Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/17782970808311EFBB9C2A46C4F9AE02.roa
File:                     17782970808311EFBB9C2A46C4F9AE02.roa (raw, json)
Hash identifier:          tl/k13u9WQTOSahGwGx1iDOYk8VB5/PtqpvEKgFMIvg=
Subject key identifier:   44:32:A0:69:CF:E5:1C:17:05:30:E6:19:09:4E:F8:BA:7C:F0:26:24
Certificate issuer:       /CN=A91D0B0E/serialNumber=6B0292C6027089C8BA89D8C65A1A330D488B0A2C
Certificate serial:       015A
Authority key identifier: 6B:02:92:C6:02:70:89:C8:BA:89:D8:C6:5A:1A:33:0D:48:8B:0A:2C
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/awKSxgJwici6idjGWhozDUiLCiw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/17782970808311EFBB9C2A46C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 06:32:40 +0000
ROA not before:           Fri 03 Jul 2026 06:32:40 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     153055
IP address blocks:        160.25.94.0/23 maxlen: 23
                          160.25.94.0/24 maxlen: 24
                          160.25.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/awKSxgJwici6idjGWhozDUiLCiw.crl
                          rsync://rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/awKSxgJwici6idjGWhozDUiLCiw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/awKSxgJwici6idjGWhozDUiLCiw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:15:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 346 (0x15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D0B0E, serialNumber=6B0292C6027089C8BA89D8C65A1A330D488B0A2C
        Validity
            Not Before: Jul  3 06:32:40 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a475788-8bc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7c:86:d1:28:35:15:42:3e:d1:c2:bd:cc:e4:
                    2c:26:56:57:78:ac:b7:f5:33:19:e1:47:ed:67:14:
                    bf:bc:79:d6:dd:c3:05:24:ec:6d:4f:41:cb:1b:f7:
                    e6:67:9e:3a:4e:45:0c:5b:c4:98:f8:a6:50:22:85:
                    64:26:02:ff:6e:02:02:60:ac:3c:39:c7:86:6a:fd:
                    9f:1a:e3:6b:71:d6:db:94:72:7a:43:f4:68:07:c7:
                    b0:dd:27:e7:3d:81:33:32:1c:04:64:db:db:da:ee:
                    86:9a:10:91:21:0c:48:93:2a:26:49:52:a4:b5:50:
                    88:6e:ec:1f:6b:b0:4c:0e:29:7b:e4:58:1d:03:01:
                    ad:cf:b4:c7:71:ff:3f:3f:2e:bb:87:81:aa:96:3e:
                    c4:a0:bf:9f:f8:87:51:4f:89:08:2e:7c:54:3f:0c:
                    d9:58:ad:de:59:b7:8a:b9:05:10:d9:fa:2d:7f:cb:
                    b4:bd:4b:c5:cb:2f:65:03:1f:91:90:4e:47:98:69:
                    fe:1d:d0:b2:88:87:2b:8d:db:09:04:27:c0:02:68:
                    4d:53:b6:a2:3b:8a:6f:ca:1d:38:5f:6f:0a:8a:47:
                    46:c7:50:34:9f:ea:c4:72:e8:ba:33:fd:9a:64:95:
                    86:e4:88:6e:0a:04:88:c0:73:e3:ac:ba:a4:5f:a8:
                    eb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:32:A0:69:CF:E5:1C:17:05:30:E6:19:09:4E:F8:BA:7C:F0:26:24
            X509v3 Authority Key Identifier:
                keyid:6B:02:92:C6:02:70:89:C8:BA:89:D8:C6:5A:1A:33:0D:48:8B:0A:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/awKSxgJwici6idjGWhozDUiLCiw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/awKSxgJwici6idjGWhozDUiLCiw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/44BCA632806911EF887B703CC4F9AE02/17782970808311EFBB9C2A46C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:63:00:35:c9:63:ce:48:44:54:6a:19:f6:5d:52:a8:14:13:
         12:46:8c:45:4a:6c:9a:3f:c7:ea:18:23:c6:20:bc:b2:82:21:
         34:b9:a0:18:9f:24:90:bb:2f:00:04:2a:f5:3d:c9:a9:08:cd:
         a0:c5:e2:16:3d:cb:21:c0:82:ba:e5:f2:05:4b:40:40:a9:55:
         67:75:31:79:f1:14:fe:66:23:ee:fa:86:85:5a:0e:28:98:cc:
         6a:f4:7c:36:c4:e4:1b:e8:05:ca:a8:c6:d7:f2:ed:31:10:7b:
         ab:c0:af:3e:05:c4:38:2f:a7:7e:09:bc:5b:8e:33:57:c4:f3:
         d6:fc:bc:2e:19:b5:13:90:3a:71:77:ae:e1:b1:06:82:81:11:
         55:02:e6:30:42:05:96:62:90:b8:62:17:41:dc:89:01:e6:87:
         50:1e:6e:63:45:f5:5b:59:e4:b3:1e:8a:57:a5:b5:fd:42:66:
         f3:d6:9a:cf:7e:8c:20:50:ca:e0:3c:8b:6c:0d:d9:36:7b:97:
         21:32:9e:0e:0c:5b:5a:6d:c6:e1:35:ca:7b:23:39:5d:62:fc:
         7e:5f:3e:a0:fd:a3:b7:5f:4d:0a:70:34:32:58:18:40:bf:bd:
         84:f7:3e:22:9e:3f:8c:ec:13:a0:cc:08:c6:41:cf:57:12:97:
         11:a6:9a:71
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDBCMEUxMTAvBgNVBAUTKDZCMDI5MkM2MDI3MDg5QzhCQTg5RDhDNjVBMUEzMzBE
NDg4QjBBMkMwHhcNMjYwNzAzMDYzMjQwWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3NTc4OC04YmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2nyG0Sg1FUI+0cK9zOQsJlZXeKy39TMZ4UftZxS/vHnW3cMFJOxtT0HLG/fm
Z546TkUMW8SY+KZQIoVkJgL/bgICYKw8OceGav2fGuNrcdbblHJ6Q/RoB8ew3Sfn
PYEzMhwEZNvb2u6GmhCRIQxIkyomSVKktVCIbuwfa7BMDil75FgdAwGtz7THcf8/
Py67h4Gqlj7EoL+f+IdRT4kILnxUPwzZWK3eWbeKuQUQ2fotf8u0vUvFyy9lAx+R
kE5HmGn+HdCyiIcrjdsJBCfAAmhNU7aiO4pvyh04X28KikdGx1A0n+rEcui6M/2a
ZJWG5IhuCgSIwHPjrLqkX6jrQwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFEQyoGnP
5RwXBTDmGQlO+Lp88CYkMB8GA1UdIwQYMBaAFGsCksYCcInIuonYxloaMw1Iiwos
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEIwRS80NEJDQTYzMjgw
NjkxMUVGODg3QjcwM0NDNEY5QUUwMi9hd0tTeGdKd2ljaTZpZGpHV2hvekRVaUxD
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2F3S1N4Z0p3aWNpNmlkakdXaG96RFVpTENpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBCMEUvNDRCQ0E2MzI4MDY5MTFFRjg4N0I3MDNDQzRGOUFFMDIvMTc3ODI5NzA4
MDgzMTFFRkJCOUMyQTQ2QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBoBleMA0GCSqGSIb3DQEBCwUAA4IBAQCKYwA1yWPOSERUahn2XVKo
FBMSRoxFSmyaP8fqGCPGILyygiE0uaAYnySQuy8ABCr1PcmpCM2gxeIWPcshwIK6
5fIFS0BAqVVndTF58RT+ZiPu+oaFWg4omMxq9Hw2xOQb6AXKqMbX8u0xEHurwK8+
BcQ4L6d+CbxbjjNXxPPW/LwuGbUTkDpxd67hsQaCgRFVAuYwQgWWYpC4YhdB3IkB
5odQHm5jRfVbWeSzHopXpbX9Qmbz1prPfowgUMrgPItsDdk2e5chMp4ODFtabcbh
Ncp7IzldYvx+Xz6g/aO3X00KcDQyWBhAv72E9z4inj+M7BOgzAjGQc9XEpcRpppx
-----END CERTIFICATE-----
Generated at Sat Jul 18 05:36:32 2026 by rpki-client