Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
File:                     22F72E28725311EBA9C51756C4F9AE02.roa (raw, json)
Hash identifier:          JK6/e0PvYBa8kGFQgLjtSrCPCDpo6wNDkFljh8D9dzM=
Subject key identifier:   C8:AE:C4:74:4C:0F:4C:38:9C:AE:75:9B:72:6C:62:4B:5A:32:88:67
Certificate issuer:       /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Certificate serial:       077C
Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
Signing time:             Fri 10 Jul 2026 22:23:30 +0000
ROA not before:           Fri 10 Jul 2026 22:23:30 +0000
ROA not after:            Sun 31 Oct 2027 00:00:00 +0000
asID:                     18018
IP address blocks:        110.50.224.0/23 maxlen: 23
                          110.50.224.0/24 maxlen: 24
                          110.50.225.0/24 maxlen: 24
                          110.50.226.0/23 maxlen: 23
                          110.50.226.0/24 maxlen: 24
                          110.50.227.0/24 maxlen: 24
                          110.50.228.0/23 maxlen: 23
                          110.50.228.0/24 maxlen: 24
                          110.50.229.0/24 maxlen: 24
                          110.50.230.0/23 maxlen: 23
                          110.50.230.0/24 maxlen: 24
                          110.50.231.0/24 maxlen: 24
                          110.50.232.0/24 maxlen: 24
                          110.50.233.0/24 maxlen: 24
                          110.50.234.0/24 maxlen: 24
                          110.50.235.0/24 maxlen: 24
                          110.50.236.0/24 maxlen: 24
                          110.50.237.0/24 maxlen: 24
                          110.50.238.0/24 maxlen: 24
                          110.50.239.0/24 maxlen: 24
                          114.141.216.0/21 maxlen: 21
                          114.141.216.0/24 maxlen: 24
                          114.141.217.0/24 maxlen: 24
                          114.141.218.0/24 maxlen: 24
                          114.141.219.0/24 maxlen: 24
                          114.141.220.0/24 maxlen: 24
                          114.141.221.0/24 maxlen: 24
                          114.141.222.0/24 maxlen: 24
                          114.141.223.0/24 maxlen: 24
                          202.129.220.0/24 maxlen: 24
                          202.129.221.0/24 maxlen: 24
                          202.129.222.0/23 maxlen: 23
                          202.129.222.0/24 maxlen: 24
                          202.129.223.0/24 maxlen: 24
                          202.151.34.0/23 maxlen: 24
                          202.165.60.0/24 maxlen: 24
                          202.165.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
                          rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 19 Jul 2026 21:42:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1916 (0x77c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
        Validity
            Not Before: Jul 10 22:23:30 2026 GMT
            Not After : Oct 31 00:00:00 2027 GMT
        Subject: CN=6a5170e2-ad0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4e:48:3c:c6:12:17:23:bf:04:94:1b:56:e9:
                    ef:34:4d:d4:79:48:50:2c:43:00:4a:17:a5:77:a8:
                    9c:7d:0e:67:e3:f6:25:e9:b7:a4:0f:33:ec:37:1f:
                    4c:ac:e7:65:6a:d1:a0:ed:78:b8:43:46:15:3d:d9:
                    e0:29:61:f6:f8:26:db:87:63:6a:b3:61:ce:ef:df:
                    c1:1a:2b:4a:7c:da:f7:f4:06:0d:35:ac:6f:d8:86:
                    fa:a0:c8:16:2b:25:6f:73:20:88:f6:8c:f0:47:16:
                    a5:cd:da:79:2a:55:92:e9:81:62:1e:41:fd:9a:d1:
                    51:83:10:aa:c9:4a:08:8c:c2:cf:7f:6c:45:9e:8f:
                    6e:99:fd:36:df:2e:ff:ab:e2:91:1e:a5:85:5c:c0:
                    a9:79:63:cc:21:6a:0d:ea:1a:5f:74:f6:22:7a:69:
                    73:a9:c1:73:90:d5:ee:ff:93:2a:5f:34:ae:a0:c4:
                    73:90:d4:90:6d:08:c0:c5:f1:8c:6c:c6:7a:08:36:
                    10:33:68:8a:4c:11:ea:9a:2f:24:84:09:59:e2:e0:
                    f6:1e:90:48:df:ab:8f:57:ca:c6:9f:19:d5:02:07:
                    7f:8e:26:25:5e:85:18:cf:37:82:db:f5:bb:fb:bb:
                    1c:d0:00:0e:ae:18:28:1f:2f:b5:50:ab:a2:60:c1:
                    70:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:AE:C4:74:4C:0F:4C:38:9C:AE:75:9B:72:6C:62:4B:5A:32:88:67
            X509v3 Authority Key Identifier:
                keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.50.224.0/20
                  114.141.216.0/21
                  202.129.220.0/22
                  202.151.34.0/23
                  202.165.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:16:02:bf:63:ce:31:2a:46:93:32:ff:cc:65:be:42:71:9a:
         ef:f7:02:e4:15:20:95:a7:b3:f9:6b:42:99:e3:f1:9f:35:ac:
         be:d4:1f:48:be:7f:6c:bb:a0:98:df:0d:05:e7:11:da:31:32:
         a3:87:6f:2f:5f:ea:4e:94:2c:59:1e:a1:b3:22:31:0f:07:fd:
         5b:ca:65:f3:ec:6f:eb:c9:62:8a:46:0d:6d:83:71:29:4a:66:
         bd:e1:f5:dd:99:09:bc:cd:e9:9f:ae:e8:c1:66:5a:14:85:00:
         e0:a3:b8:ff:0e:f1:3d:4f:4e:a1:22:59:89:c1:a6:35:1b:c9:
         80:81:be:fc:12:af:8c:e2:39:79:3d:bc:eb:fa:5d:38:f2:c5:
         19:22:2f:87:4d:36:65:01:c3:56:64:a7:da:6b:00:89:21:ef:
         19:53:9f:a6:65:94:23:10:cf:69:33:61:d8:42:74:25:55:99:
         3a:05:7d:71:77:2c:a1:bb:d9:c4:5c:5d:c4:2e:b7:b4:4c:e8:
         7f:de:63:90:f3:c8:e0:15:dc:0d:2c:11:4e:25:43:00:9a:32:
         69:f4:59:06:d3:c1:2c:e3:ac:2e:4a:16:b4:b0:b2:9f:8a:b0:
         46:84:12:6d:a1:3d:aa:60:80:03:d3:58:69:b9:ab:70:ec:be:
         80:31:15:00
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICB3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz
NDU4MzdBQzkwHhcNMjYwNzEwMjIyMzMwWhcNMjcxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTUxNzBlMi1hZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxE5IPMYSFyO/BJQbVunvNE3UeUhQLEMASheld6icfQ5n4/Yl6bekDzPsNx9M
rOdlatGg7Xi4Q0YVPdngKWH2+Cbbh2Nqs2HO79/BGitKfNr39AYNNaxv2Ib6oMgW
KyVvcyCI9ozwRxalzdp5KlWS6YFiHkH9mtFRgxCqyUoIjMLPf2xFno9umf023y7/
q+KRHqWFXMCpeWPMIWoN6hpfdPYiemlzqcFzkNXu/5MqXzSuoMRzkNSQbQjAxfGM
bMZ6CDYQM2iKTBHqmi8khAlZ4uD2HpBI36uPV8rGnxnVAgd/jiYlXoUYzzeC2/W7
+7sc0AAOrhgoHy+1UKuiYMFwCQIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFMiuxHRM
D0w4nK51m3JsYktaMohnMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy
NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl
c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ3N0IvMUMyNTYyNzA3MjUwMTFFQkI2NDhGODRFQzRGOUFFMDIvMjJGNzJFMjg3
MjUzMTFFQkE5QzUxNzU2QzRGOUFFMDIucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk
BAIAATAeAwQEbjLgAwQDco3YAwQCyoHcAwQBypciAwQByqU8MA0GCSqGSIb3DQEB
CwUAA4IBAQAsFgK/Y84xKkaTMv/MZb5CcZrv9wLkFSCVp7P5a0KZ4/GfNay+1B9I
vn9su6CY3w0F5xHaMTKjh28vX+pOlCxZHqGzIjEPB/1bymXz7G/ryWKKRg1tg3Ep
Sma94fXdmQm8zemfrujBZloUhQDgo7j/DvE9T06hIlmJwaY1G8mAgb78Eq+M4jl5
Pbzr+l048sUZIi+HTTZlAcNWZKfaawCJIe8ZU5+mZZQjEM9pM2HYQnQlVZk6BX1x
dyyhu9nEXF3ELre0TOh/3mOQ88jgFdwNLBFOJUMAmjJp9FkG08Es46wuSha0sLKf
irBGhBJtoT2qYIAD01hpuatw7L6AMRUA
-----END CERTIFICATE-----
Generated at Mon Jul 13 05:53:31 2026 by rpki-client