Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/D554E982739411F1BD2FE81E73A30FBC.roa
File:                     D554E982739411F1BD2FE81E73A30FBC.roa (raw, json)
Hash identifier:          9aLm5LCNu2gwzP+FAooAfinfyuiMxfhk6eaA+iODIBs=
Subject key identifier:   F1:FF:48:36:B2:D5:FF:CB:F2:2D:C9:E5:21:09:5A:1C:85:31:AB:70
Certificate issuer:       /CN=A91BDEEB/serialNumber=6B63A60E7D7F51D038728C6425906047016C9904
Certificate serial:       0151
Authority key identifier: 6B:63:A6:0E:7D:7F:51:D0:38:72:8C:64:25:90:60:47:01:6C:99:04
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a2OmDn1_UdA4coxkJZBgRwFsmQQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/D554E982739411F1BD2FE81E73A30FBC.roa
Signing time:             Mon 29 Jun 2026 08:30:50 +0000
ROA not before:           Mon 29 Jun 2026 08:30:50 +0000
ROA not after:            Fri 28 May 2027 00:00:00 +0000
asID:                     199242
IP address blocks:        163.61.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/a2OmDn1_UdA4coxkJZBgRwFsmQQ.crl
                          rsync://rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/a2OmDn1_UdA4coxkJZBgRwFsmQQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a2OmDn1_UdA4coxkJZBgRwFsmQQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 06 Jul 2026 08:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 337 (0x151)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDEEB, serialNumber=6B63A60E7D7F51D038728C6425906047016C9904
        Validity
            Not Before: Jun 29 08:30:50 2026 GMT
            Not After : May 28 00:00:00 2027 GMT
        Subject: CN=6a422d3a-12c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:58:96:12:72:37:b2:03:93:56:6b:ac:7d:04:
                    37:38:b7:ea:03:0c:60:65:3f:94:89:19:14:d7:18:
                    94:5e:fc:75:49:ef:15:9c:c8:74:2a:76:a2:08:f8:
                    ec:fa:14:af:72:b1:51:2d:a0:ed:38:6e:f6:16:f2:
                    28:29:32:ac:e4:15:b3:ea:56:db:05:00:3f:ba:f3:
                    94:16:9e:e2:be:cc:c2:0c:27:76:c3:72:e2:1a:41:
                    24:d1:d8:50:2a:45:ec:d0:34:19:e8:96:b6:b6:e4:
                    5d:8a:42:bf:cc:96:cf:75:61:9b:26:a1:79:6e:e6:
                    79:78:3b:d2:3b:0c:08:86:d6:57:e7:95:01:d9:23:
                    8a:56:cd:43:3b:4c:7b:57:7d:7e:99:3a:6f:3f:40:
                    69:a3:b9:82:54:29:4e:ef:2a:66:d1:c1:12:37:b2:
                    34:e8:60:4c:e0:a1:9c:94:1d:c8:82:09:bf:fa:8a:
                    34:77:c9:98:6d:7e:9f:cc:1a:9e:92:2d:1e:4e:1e:
                    9e:4f:a7:8f:b8:d3:c3:bc:53:92:2d:ce:87:42:19:
                    ee:3b:cd:23:14:44:18:8e:a6:93:be:a7:63:c9:77:
                    8d:fe:50:76:24:68:19:69:08:92:fe:c3:97:cd:ca:
                    ea:da:f7:c6:09:04:e2:97:39:6d:7f:fb:b3:d1:1b:
                    10:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:FF:48:36:B2:D5:FF:CB:F2:2D:C9:E5:21:09:5A:1C:85:31:AB:70
            X509v3 Authority Key Identifier:
                keyid:6B:63:A6:0E:7D:7F:51:D0:38:72:8C:64:25:90:60:47:01:6C:99:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/a2OmDn1_UdA4coxkJZBgRwFsmQQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a2OmDn1_UdA4coxkJZBgRwFsmQQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDEEB/1EE7FA60E5F411EFABD39D7EC4F9AE02/D554E982739411F1BD2FE81E73A30FBC.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.61.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:40:f5:09:db:9e:a6:d1:02:34:a4:41:96:74:02:18:19:91:
         b8:9d:76:2b:8b:a7:8f:80:f0:13:10:ba:4b:cb:dc:9b:67:39:
         83:e9:fc:63:1f:4a:b4:39:74:d5:1a:fb:42:6f:da:bc:f3:57:
         66:d5:91:29:8f:7a:fb:70:9a:24:f6:1f:e8:3d:cd:f3:37:2d:
         98:23:54:d6:11:1d:7a:52:9c:48:f4:cd:8f:a3:09:d8:b2:26:
         23:cf:61:38:d2:d8:e4:6c:ec:75:bd:24:07:9b:19:78:e8:a2:
         32:0e:ce:73:e5:79:89:5b:8b:02:97:c6:59:2b:7e:ba:30:63:
         97:1e:68:b8:ec:52:fd:38:2d:90:10:f3:f2:1c:6b:d1:7f:7e:
         de:0c:db:f7:22:29:fb:d4:bb:59:5e:0f:40:d4:88:7f:3c:e4:
         05:30:f5:ca:d7:4c:34:bd:0b:0c:1a:bc:e7:70:0d:2b:00:6a:
         80:78:77:32:84:2a:fe:d1:b0:ef:bb:2b:12:20:fc:fb:30:c3:
         d4:de:d5:4f:6b:be:ba:7a:ee:93:44:36:5d:7e:37:68:43:59:
         fd:4d:de:0e:6b:a7:14:6b:4b:d5:3a:08:5a:93:db:cd:47:48:
         09:ba:bf:45:e9:2a:27:73:f5:dd:10:35:8f:95:55:f0:ad:f1:
         9a:cd:47:62
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRFRUIxMTAvBgNVBAUTKDZCNjNBNjBFN0Q3RjUxRDAzODcyOEM2NDI1OTA2MDQ3
MDE2Qzk5MDQwHhcNMjYwNjI5MDgzMDUwWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQyMmQzYS0xMmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmFiWEnI3sgOTVmusfQQ3OLfqAwxgZT+UiRkU1xiUXvx1Se8VnMh0KnaiCPjs
+hSvcrFRLaDtOG72FvIoKTKs5BWz6lbbBQA/uvOUFp7ivszCDCd2w3LiGkEk0dhQ
KkXs0DQZ6Ja2tuRdikK/zJbPdWGbJqF5buZ5eDvSOwwIhtZX55UB2SOKVs1DO0x7
V31+mTpvP0Bpo7mCVClO7ypm0cESN7I06GBM4KGclB3Iggm/+oo0d8mYbX6fzBqe
ki0eTh6eT6ePuNPDvFOSLc6HQhnuO80jFEQYjqaTvqdjyXeN/lB2JGgZaQiS/sOX
zcrq2vfGCQTilzltf/uz0RsQNwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPH/SDay
1f/L8i3J5SEJWhyFMatwMB8GA1UdIwQYMBaAFGtjpg59f1HQOHKMZCWQYEcBbJkE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREVFQi8xRUU3RkE2MEU1
RjQxMUVGQUJEMzlEN0VDNEY5QUUwMi9hMk9tRG4xX1VkQTRjb3hrSlpCZ1J3RnNt
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2EyT21EbjFfVWRBNGNveGtKWkJnUndGc21RUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRFRUIvMUVFN0ZBNjBFNUY0MTFFRkFCRDM5RDdFQzRGOUFFMDIvRDU1NEU5ODI3
Mzk0MTFGMUJEMkZFODFFNzNBMzBGQkMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAoz1hMA0GCSqGSIb3DQEBCwUAA4IBAQBCQPUJ256m0QI0pEGWdAIY
GZG4nXYri6ePgPATELpLy9ybZzmD6fxjH0q0OXTVGvtCb9q881dm1ZEpj3r7cJok
9h/oPc3zNy2YI1TWER16UpxI9M2PownYsiYjz2E40tjkbOx1vSQHmxl46KIyDs5z
5XmJW4sCl8ZZK366MGOXHmi47FL9OC2QEPPyHGvRf37eDNv3Iin71LtZXg9A1Ih/
POQFMPXK10w0vQsMGrzncA0rAGqAeHcyhCr+0bDvuysSIPz7MMPU3tVPa766eu6T
RDZdfjdoQ1n9Td4Oa6cUa0vVOghak9vNR0gJur9F6Sonc/XdEDWPlVXwrfGazUdi
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:33:35 2026 by rpki-client