Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/1D13321C760911F1B67326767BA30FBC.roa
File:                     1D13321C760911F1B67326767BA30FBC.roa (raw, json)
Hash identifier:          gKFAP2rvC3dl4ISST8Sh3uKKIKoWICHC4vi311f7Wpw=
Subject key identifier:   BF:E3:72:B0:64:32:1A:1A:C6:EB:80:CB:CA:5F:E0:15:96:73:AC:E7
Certificate issuer:       /CN=A91E208A/serialNumber=A17210C0F82B465E7079BB96F3C499C3FC4C0A88
Certificate serial:       06
Authority key identifier: A1:72:10:C0:F8:2B:46:5E:70:79:BB:96:F3:C4:99:C3:FC:4C:0A:88
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oXIQwPgrRl5webuW88SZw_xMCog.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/1D13321C760911F1B67326767BA30FBC.roa
Signing time:             Thu 02 Jul 2026 11:29:50 +0000
ROA not before:           Thu 02 Jul 2026 11:29:49 +0000
ROA not after:            Sun 31 Oct 2027 00:00:00 +0000
asID:                     151954
IP address blocks:        160.236.58.0/23 maxlen: 23
                          160.236.58.0/24 maxlen: 24
                          160.236.59.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/oXIQwPgrRl5webuW88SZw_xMCog.crl
                          rsync://rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/oXIQwPgrRl5webuW88SZw_xMCog.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oXIQwPgrRl5webuW88SZw_xMCog.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 10:09:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E208A, serialNumber=A17210C0F82B465E7079BB96F3C499C3FC4C0A88
        Validity
            Not Before: Jul  2 11:29:49 2026 GMT
            Not After : Oct 31 00:00:00 2027 GMT
        Subject: CN=6a464bad-ede0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:35:22:d3:14:34:e7:a6:d8:51:e1:f1:b7:8d:
                    57:a1:cc:6d:69:81:9a:be:1b:4f:12:72:2d:f4:bf:
                    67:23:88:a6:e6:45:4b:53:25:dc:2c:0c:e8:8e:b9:
                    52:d0:c7:e9:05:ef:25:0c:f2:99:6c:b0:14:d4:bf:
                    82:ed:30:88:00:89:72:83:8b:e6:2e:03:50:f2:6e:
                    d1:34:a5:bc:a5:e1:9f:25:f3:ce:4d:35:38:b9:22:
                    12:f9:64:cb:d3:02:41:1d:39:9d:fe:92:be:ba:04:
                    75:b5:01:06:46:fe:ea:95:53:4e:7d:e3:29:c1:41:
                    13:36:57:5e:f0:33:d5:fd:d1:1c:ff:da:c6:6f:10:
                    3a:06:db:37:b4:3c:2b:b1:c7:62:b4:31:49:a6:b7:
                    66:31:42:40:9c:d0:c5:5c:bf:d7:00:0e:bc:56:8f:
                    b9:13:ab:e9:22:fd:cd:79:a6:48:74:9a:ef:1b:e8:
                    eb:bb:be:70:e9:6e:06:c0:5c:d3:2d:11:ee:be:94:
                    57:ac:40:ec:33:09:5b:72:6a:00:72:7d:ec:d1:94:
                    58:79:e7:c0:3a:36:2b:e9:c8:21:14:27:f8:ab:44:
                    0a:51:3d:05:96:ad:bf:03:68:7c:ae:00:59:ba:08:
                    6d:bd:31:b9:87:fa:17:81:ed:6e:cb:52:65:39:04:
                    34:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E3:72:B0:64:32:1A:1A:C6:EB:80:CB:CA:5F:E0:15:96:73:AC:E7
            X509v3 Authority Key Identifier:
                keyid:A1:72:10:C0:F8:2B:46:5E:70:79:BB:96:F3:C4:99:C3:FC:4C:0A:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/oXIQwPgrRl5webuW88SZw_xMCog.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oXIQwPgrRl5webuW88SZw_xMCog.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E208A/70E5A220760511F1B63166DF79A30FBC/1D13321C760911F1B67326767BA30FBC.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.236.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d3:9f:2f:09:ff:ff:79:9f:79:3d:76:f4:33:9a:f9:6d:73:fc:
         9c:c3:91:0c:35:18:5f:fa:e6:ce:38:5e:9f:68:c7:4f:67:1e:
         98:ad:8d:aa:64:a5:22:17:eb:f4:03:ca:86:a0:af:50:38:54:
         02:d3:d5:5f:18:a4:7f:59:15:55:55:6c:71:81:d3:2f:7d:48:
         0d:e4:0e:fc:6d:18:8f:92:c0:62:eb:01:5f:b2:ba:c9:56:75:
         a7:b7:d4:5d:69:9b:b8:7d:ef:58:c3:d6:2a:f7:2b:15:5c:f4:
         1d:f9:ba:b5:61:8d:8b:97:86:05:ce:d2:e7:0d:e2:cc:d3:84:
         23:98:25:bf:93:a9:48:13:c3:2f:f7:a0:df:fc:13:38:8f:96:
         19:87:2f:28:32:af:be:52:bc:7a:af:5c:55:51:fa:ee:d5:53:
         b1:c9:47:f2:db:38:57:65:c7:01:63:e2:08:78:0e:db:d2:81:
         89:5c:bb:bd:c6:39:25:53:d0:63:0b:a2:f8:3b:d4:50:b5:40:
         2a:ca:d4:37:bb:26:5b:16:d5:85:e7:57:94:93:b8:f4:e2:84:
         80:fb:fc:e7:09:e2:f5:bd:2b:40:36:e6:a3:de:5f:bd:86:b2:
         f4:68:cb:2c:cf:d2:dc:7c:3e:69:88:db:87:0b:c0:b1:c0:80:
         e9:bc:be:26
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MjA4QTExMC8GA1UEBRMoQTE3MjEwQzBGODJCNDY1RTcwNzlCQjk2RjNDNDk5QzNG
QzRDMEE4ODAeFw0yNjA3MDIxMTI5NDlaFw0yNzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhNDY0YmFkLWVkZTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtNSLTFDTnpthR4fG3jVehzG1pgZq+G08Sci30v2cjiKbmRUtTJdwsDOiOuVLQ
x+kF7yUM8plssBTUv4LtMIgAiXKDi+YuA1DybtE0pbyl4Z8l885NNTi5IhL5ZMvT
AkEdOZ3+kr66BHW1AQZG/uqVU0594ynBQRM2V17wM9X90Rz/2sZvEDoG2ze0PCux
x2K0MUmmt2YxQkCc0MVcv9cADrxWj7kTq+ki/c15pkh0mu8b6Ou7vnDpbgbAXNMt
Ee6+lFesQOwzCVtyagByfezRlFh558A6NivpyCEUJ/irRApRPQWWrb8DaHyuAFm6
CG29MbmH+heB7W7LUmU5BDRVAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUv+NysGQy
GhrG64DLyl/gFZZzrOcwHwYDVR0jBBgwFoAUoXIQwPgrRl5webuW88SZw/xMCogw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyMDhBLzcwRTVBMjIwNzYw
NTExRjFCNjMxNjZERjc5QTMwRkJDL29YSVF3UGdyUmw1d2VidVc4OFNad194TUNv
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvb1hJUXdQZ3JSbDV3ZWJ1Vzg4U1p3X3hNQ29nLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MjA4QS83MEU1QTIyMDc2MDUxMUYxQjYzMTY2REY3OUEzMEZCQy8xRDEzMzIxQzc2
MDkxMUYxQjY3MzI2NzY3QkEzMEZCQy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAGg7DowDQYJKoZIhvcNAQELBQADggEBANOfLwn//3mfeT129DOa+W1z
/JzDkQw1GF/65s44Xp9ox09nHpitjapkpSIX6/QDyoagr1A4VALT1V8YpH9ZFVVV
bHGB0y99SA3kDvxtGI+SwGLrAV+yuslWdae31F1pm7h971jD1ir3KxVc9B35urVh
jYuXhgXO0ucN4szThCOYJb+TqUgTwy/3oN/8EziPlhmHLygyr75SvHqvXFVR+u7V
U7HJR/LbOFdlxwFj4gh4DtvSgYlcu73GOSVT0GMLovg71FC1QCrK1De7JlsW1YXn
V5STuPTihID7/OcJ4vW9K0A25qPeX72GsvRoyyzP0tx8PmmI24cLwLHAgOm8viY=
-----END CERTIFICATE-----
Generated at Sun Jul 5 10:20:42 2026 by rpki-client