Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C608133C226F11EF8D24AD63C4F9AE02.roa
File:                     C608133C226F11EF8D24AD63C4F9AE02.roa (raw, json)
Hash identifier:          5OHmsgpNaZCWhI9Ovt9ZtSQjbw9IURcbBlU1wm6uqes=
Subject key identifier:   0F:F0:95:7E:2B:D0:B7:91:3D:45:B0:6B:F1:70:07:42:E8:CA:1B:8E
Certificate issuer:       /CN=A91E4468/serialNumber=AFFCE637988165E6C51BFBFEBD1283D511240190
Certificate serial:       0197
Authority key identifier: AF:FC:E6:37:98:81:65:E6:C5:1B:FB:FE:BD:12:83:D5:11:24:01:90
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_zmN5iBZebFG_v-vRKD1REkAZA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C608133C226F11EF8D24AD63C4F9AE02.roa
Signing time:             Mon 29 Dec 2025 03:22:58 +0000
ROA not before:           Mon 29 Dec 2025 03:22:58 +0000
ROA not after:            Tue 02 Mar 2027 00:00:00 +0000
asID:                     56264
IP address blocks:        210.79.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/r_zmN5iBZebFG_v-vRKD1REkAZA.crl
                          rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/r_zmN5iBZebFG_v-vRKD1REkAZA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_zmN5iBZebFG_v-vRKD1REkAZA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 26 Feb 2026 02:44:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 407 (0x197)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4468, serialNumber=AFFCE637988165E6C51BFBFEBD1283D511240190
        Validity
            Not Before: Dec 29 03:22:58 2025 GMT
            Not After : Mar  2 00:00:00 2027 GMT
        Subject: CN=6951f411-9908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:07:e2:95:be:f8:9c:88:43:1a:79:f6:d4:01:
                    b7:8c:9b:6a:5c:f3:45:1b:0d:9b:e1:d3:cb:19:e9:
                    b0:96:a9:21:b1:7d:97:76:11:01:6d:b5:c4:fa:6d:
                    98:1f:e2:c4:98:29:43:2f:4a:33:f5:b5:53:8f:65:
                    4b:b1:37:5f:6b:b9:24:61:44:3d:c4:0f:a6:a3:3b:
                    18:c7:25:26:fc:e8:96:ec:b9:4e:c5:00:9b:0e:96:
                    63:ca:26:28:c9:d4:ef:79:a7:39:88:6a:85:e7:95:
                    e1:12:01:10:7c:2c:db:48:59:ba:22:f7:3a:b3:ac:
                    16:fd:0a:21:22:d6:af:2f:cf:6d:67:2a:33:79:18:
                    26:09:1a:80:6f:0b:fd:f4:a7:7d:65:ba:38:7c:38:
                    10:d7:71:53:e2:0c:76:dd:a7:d0:a1:6e:f7:ec:22:
                    4a:0b:fd:ce:d9:a8:1f:e5:e5:d5:c7:1a:4d:05:ce:
                    56:f5:3c:7d:6b:57:bc:70:76:fe:d3:12:d4:14:6b:
                    79:b3:a2:3f:d3:f0:2d:b1:d6:89:b1:54:01:90:66:
                    22:e2:ac:47:99:1d:ac:6b:cf:b2:56:3f:fd:a1:b7:
                    13:7a:e1:83:cb:b2:5c:2f:c7:db:39:e7:52:d1:30:
                    31:63:57:51:bc:a3:62:82:74:3c:0b:ed:ae:1b:f9:
                    4c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:F0:95:7E:2B:D0:B7:91:3D:45:B0:6B:F1:70:07:42:E8:CA:1B:8E
            X509v3 Authority Key Identifier:
                keyid:AF:FC:E6:37:98:81:65:E6:C5:1B:FB:FE:BD:12:83:D5:11:24:01:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/r_zmN5iBZebFG_v-vRKD1REkAZA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_zmN5iBZebFG_v-vRKD1REkAZA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4468/827524E88EE511EEA2EEDD12C4F9AE02/C608133C226F11EF8D24AD63C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.79.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:9e:89:0f:1a:6e:69:89:58:a2:96:5c:e9:fd:2e:28:59:29:
         24:2b:c3:d3:2e:a0:dc:1c:c6:3c:09:e2:e3:6c:24:58:e7:bf:
         0a:8f:ca:f9:d9:cf:e8:cb:9b:c7:a9:41:66:cd:c3:95:c7:88:
         e7:dc:63:7f:5f:e1:f1:37:b9:b2:11:21:15:be:ba:6d:03:fc:
         3a:c6:ff:6e:62:a0:59:09:f6:a7:4b:09:cc:97:9d:e5:de:76:
         ff:7a:30:34:c5:79:4e:f6:87:ec:34:59:ab:d0:b2:8d:38:4d:
         50:4e:37:0f:68:d0:0a:b0:6f:ff:79:06:5e:e5:cb:47:b2:3b:
         25:9a:78:a8:3d:05:11:42:69:57:46:d4:49:06:f0:aa:91:a9:
         48:94:14:5e:62:99:9a:39:16:b7:13:18:2e:60:1f:72:26:b5:
         20:c7:8e:9c:20:1b:68:4d:30:ce:4d:e8:c7:87:cb:23:49:d6:
         d4:b5:34:0a:24:17:17:ce:29:e5:bd:be:c4:07:67:a0:c8:5e:
         39:d3:42:00:79:e1:0b:68:40:79:e9:9a:3e:56:3c:30:31:e3:
         be:59:6e:f4:cb:f4:bc:4e:42:44:17:d5:cc:47:90:9d:2f:3b:
         e3:68:5e:b2:39:80:bb:75:52:83:8f:6a:fa:85:b8:7b:ac:53:
         bd:f5:e4:72
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
RTQ0NjgxMTAvBgNVBAUTKEFGRkNFNjM3OTg4MTY1RTZDNTFCRkJGRUJEMTI4M0Q1
MTEyNDAxOTAwHhcNMjUxMjI5MDMyMjU4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTUxZjQxMS05OTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApQfilb74nIhDGnn21AG3jJtqXPNFGw2b4dPLGemwlqkhsX2XdhEBbbXE+m2Y
H+LEmClDL0oz9bVTj2VLsTdfa7kkYUQ9xA+mozsYxyUm/OiW7LlOxQCbDpZjyiYo
ydTveac5iGqF55XhEgEQfCzbSFm6Ivc6s6wW/QohItavL89tZyozeRgmCRqAbwv9
9Kd9Zbo4fDgQ13FT4gx23afQoW737CJKC/3O2agf5eXVxxpNBc5W9Tx9a1e8cHb+
0xLUFGt5s6I/0/AtsdaJsVQBkGYi4qxHmR2sa8+yVj/9obcTeuGDy7JcL8fbOedS
0TAxY1dRvKNignQ8C+2uG/lMDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA/wlX4r
0LeRPUWwa/FwB0LoyhuOMB8GA1UdIwQYMBaAFK/85jeYgWXmxRv7/r0Sg9URJAGQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2OC84Mjc1MjRFODhF
RTUxMUVFQTJFRUREMTJDNEY5QUUwMi9yX3ptTjVpQlplYkZHX3YtdlJLRDFSRWtB
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Jfem1ONWlCWmViRkdfdi12UktEMVJFa0FaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjgvODI3NTI0RTg4RUU1MTFFRUEyRUVERDEyQzRGOUFFMDIvQzYwODEzM0My
MjZGMTFFRjhEMjRBRDYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADST7UwDQYJKoZIhvcNAQELBQADggEBALmeiQ8abmmJWKKW
XOn9LihZKSQrw9MuoNwcxjwJ4uNsJFjnvwqPyvnZz+jLm8epQWbNw5XHiOfcY39f
4fE3ubIRIRW+um0D/DrG/25ioFkJ9qdLCcyXneXedv96MDTFeU72h+w0WavQso04
TVBONw9o0Aqwb/95Bl7ly0eyOyWaeKg9BRFCaVdG1EkG8KqRqUiUFF5imZo5FrcT
GC5gH3ImtSDHjpwgG2hNMM5N6MeHyyNJ1tS1NAokFxfOKeW9vsQHZ6DIXjnTQgB5
4QtoQHnpmj5WPDAx475ZbvTL9LxOQkQX1cxHkJ0vO+NoXrI5gLt1UoOPavqFuHus
U7315HI=
-----END CERTIFICATE-----
Generated at Thu Feb 19 18:16:16 2026 by rpki-client