Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/DA76ABD0688611F19B84FAD56C47A888.roa
File:                     DA76ABD0688611F19B84FAD56C47A888.roa (raw, json)
Hash identifier:          yWiFxFgKw6kCu5u2sZNHSYxj5QrnFeWSEHXikTWB910=
Subject key identifier:   C1:E5:B9:87:D2:1A:0F:E1:03:00:F0:4F:7A:8F:C0:86:7E:44:03:5A
Certificate issuer:       /CN=A91B539C/serialNumber=157FAE07B301ECB484CBB8083B68237192056C79
Certificate serial:       02
Authority key identifier: 15:7F:AE:07:B3:01:EC:B4:84:CB:B8:08:3B:68:23:71:92:05:6C:79
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FX-uB7MB7LSEy7gIO2gjcZIFbHk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/DA76ABD0688611F19B84FAD56C47A888.roa
Signing time:             Mon 15 Jun 2026 06:53:03 +0000
ROA not before:           Mon 15 Jun 2026 06:53:03 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     154715
IP address blocks:        162.4.246.0/23 maxlen: 23
                          162.4.246.0/24 maxlen: 24
                          162.4.247.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/FX-uB7MB7LSEy7gIO2gjcZIFbHk.crl
                          rsync://rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/FX-uB7MB7LSEy7gIO2gjcZIFbHk.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FX-uB7MB7LSEy7gIO2gjcZIFbHk.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 10:03:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B539C, serialNumber=157FAE07B301ECB484CBB8083B68237192056C79
        Validity
            Not Before: Jun 15 06:53:03 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a2fa14e-96d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:42:02:f5:7a:1c:b2:9c:b0:9c:db:28:80:38:
                    de:9e:ae:6c:9b:7b:6b:38:fa:b1:f5:fc:6d:24:94:
                    9b:34:e9:63:88:03:3f:63:2f:23:0c:66:76:d3:d6:
                    a8:fa:90:49:6d:ec:48:55:98:f9:f5:65:c7:9d:31:
                    bc:22:ce:e5:39:df:0f:1e:37:69:eb:9f:41:1a:9b:
                    05:06:bd:d8:b8:e4:8a:a4:97:97:06:20:3b:87:91:
                    3d:61:af:e0:80:6f:79:0b:4d:b0:ae:3b:d6:58:d4:
                    f9:2c:97:58:b0:f5:51:6d:47:4f:2e:81:f1:6c:ca:
                    82:1f:c6:4e:5b:b9:c8:88:5a:ce:60:89:85:73:be:
                    60:f9:72:44:a4:62:fb:69:88:c6:d9:e8:f0:8a:f1:
                    48:70:c8:cd:76:ab:23:3c:e1:5e:30:76:1c:a4:1b:
                    60:b2:07:ee:76:7e:6c:a0:cb:84:f0:60:0e:06:eb:
                    3e:31:e0:70:f8:9e:75:ab:0f:59:e9:ff:66:38:bb:
                    3b:e6:75:f0:71:b3:5c:16:2b:d1:a7:19:11:68:1f:
                    15:36:b8:fd:2a:67:39:6c:40:85:e3:97:12:e1:f2:
                    7f:2a:32:b6:4f:7e:52:77:55:df:c1:bb:c4:90:7a:
                    c5:9a:17:da:0e:ed:81:59:88:92:74:d8:6d:55:73:
                    38:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E5:B9:87:D2:1A:0F:E1:03:00:F0:4F:7A:8F:C0:86:7E:44:03:5A
            X509v3 Authority Key Identifier:
                keyid:15:7F:AE:07:B3:01:EC:B4:84:CB:B8:08:3B:68:23:71:92:05:6C:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/FX-uB7MB7LSEy7gIO2gjcZIFbHk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FX-uB7MB7LSEy7gIO2gjcZIFbHk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B539C/58F6656E688611F1A9DD30CE6C47A888/DA76ABD0688611F19B84FAD56C47A888.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.4.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:41:5b:60:9b:59:ad:1d:7c:10:17:cc:78:59:ad:08:c3:48:
         c6:0c:c6:b2:f7:13:18:3f:81:ce:3d:55:af:c1:53:8e:93:f1:
         1c:33:83:37:33:07:6d:ac:c9:ff:e3:2f:a6:44:13:ce:f0:06:
         79:16:b3:98:23:ca:4d:1c:c8:10:ed:3d:5c:ad:3a:7a:c6:35:
         05:28:7b:d7:5c:d4:e3:54:1c:89:18:7d:21:a1:c0:d2:c4:09:
         0a:50:32:68:82:77:b8:2c:6c:86:01:f1:fe:17:f7:47:6f:4e:
         f6:f0:16:1c:7c:a8:0d:93:8f:f5:d4:9b:16:05:0d:9a:e7:ac:
         f1:ce:77:3b:9b:ea:22:50:02:a1:32:60:ac:8c:78:d6:99:19:
         16:34:7b:7c:45:5b:6a:4f:65:41:58:67:60:73:74:13:1c:b9:
         72:18:83:8b:3e:ef:4a:71:d0:e7:c6:42:92:86:bf:56:4a:7f:
         9d:fa:b7:d5:6c:22:ba:8c:7c:0f:9f:bb:e8:12:d4:f1:7f:dc:
         be:ff:cf:0c:fd:41:01:49:ce:5d:1c:99:23:38:2f:cc:8b:1f:
         0d:be:c0:5d:d6:9a:1c:47:10:85:be:75:ee:d7:90:03:e3:5d:
         71:ca:f0:c9:a3:01:11:a8:2f:a4:7d:fb:7b:b4:f4:a1:6c:54:
         66:43:8c:a1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NTM5QzExMC8GA1UEBRMoMTU3RkFFMDdCMzAxRUNCNDg0Q0JCODA4M0I2ODIzNzE5
MjA1NkM3OTAeFw0yNjA2MTUwNjUzMDNaFw0yNzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhMmZhMTRlLTk2ZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCcQgL1ehyynLCc2yiAON6ermybe2s4+rH1/G0klJs06WOIAz9jLyMMZnbT1qj6
kElt7EhVmPn1ZcedMbwizuU53w8eN2nrn0EamwUGvdi45Iqkl5cGIDuHkT1hr+CA
b3kLTbCuO9ZY1Pksl1iw9VFtR08ugfFsyoIfxk5buciIWs5giYVzvmD5ckSkYvtp
iMbZ6PCK8UhwyM12qyM84V4wdhykG2CyB+52fmygy4TwYA4G6z4x4HD4nnWrD1np
/2Y4uzvmdfBxs1wWK9GnGRFoHxU2uP0qZzlsQIXjlxLh8n8qMrZPflJ3Vd/Bu8SQ
esWaF9oO7YFZiJJ02G1Vczj3AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUweW5h9Ia
D+EDAPBPeo/Ahn5EA1owHwYDVR0jBBgwFoAUFX+uB7MB7LSEy7gIO2gjcZIFbHkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1MzlDLzU4RjY2NTZFNjg4
NjExRjFBOUREMzBDRTZDNDdBODg4L0ZYLXVCN01CN0xTRXk3Z0lPMmdqY1pJRmJI
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvRlgtdUI3TUI3TFNFeTdnSU8yZ2pjWklGYkhrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTM5Qy81OEY2NjU2RTY4ODYxMUYxQTlERDMwQ0U2QzQ3QTg4OC9EQTc2QUJEMDY4
ODYxMUYxOUI4NEZBRDU2QzQ3QTg4OC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAGiBPYwDQYJKoZIhvcNAQELBQADggEBAFpBW2CbWa0dfBAXzHhZrQjD
SMYMxrL3Exg/gc49Va/BU46T8RwzgzczB22syf/jL6ZEE87wBnkWs5gjyk0cyBDt
PVytOnrGNQUoe9dc1ONUHIkYfSGhwNLECQpQMmiCd7gsbIYB8f4X90dvTvbwFhx8
qA2Tj/XUmxYFDZrnrPHOdzub6iJQAqEyYKyMeNaZGRY0e3xFW2pPZUFYZ2BzdBMc
uXIYg4s+70px0OfGQpKGv1ZKf536t9VsIrqMfA+fu+gS1PF/3L7/zwz9QQFJzl0c
mSM4L8yLHw2+wF3WmhxHEIW+de7XkAPjXXHK8MmjARGoL6R9+3u09KFsVGZDjKE=
-----END CERTIFICATE-----
Generated at Sun Jul 5 10:21:14 2026 by rpki-client