Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa
File:                     81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa (raw, json)
Hash identifier:          wltUxvT2gIrkk4cq9N351wOYzI5GH6/ywEsI+BXEuw0=
Subject key identifier:   FA:EA:A7:A6:9B:B4:F3:E7:83:4D:16:0C:9E:EC:E7:85:A0:EB:4F:8C
Certificate issuer:       /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial:       2596
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa
Signing time:             Thu 16 Jul 2026 15:13:13 +0000
ROA not before:           Thu 16 Jul 2026 15:13:13 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     135295
IP address blocks:        136.228.152.0/24 maxlen: 24
                          136.228.153.0/24 maxlen: 24
                          136.228.154.0/24 maxlen: 24
                          136.228.155.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
                          rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 15:13:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9622 (0x2596)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA958, serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
        Validity
            Not Before: Jul 16 15:13:13 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a58f509-5ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:dd:fc:34:26:30:04:8a:8e:bd:c4:06:c6:21:
                    68:6f:78:b4:d7:0f:fc:3d:86:91:90:3b:06:7e:78:
                    c7:33:b6:cd:81:b3:ea:c4:d3:46:64:d7:b2:85:97:
                    e1:bc:4d:7a:44:25:94:5d:6c:08:63:19:4c:ff:fd:
                    92:97:08:36:0b:1e:86:a5:12:52:b8:57:60:1c:a2:
                    27:f9:79:18:84:81:c5:5f:ee:6f:fd:b3:3d:8f:19:
                    33:3b:e7:a0:c0:2c:9f:70:20:02:47:4e:02:5d:c5:
                    57:5b:c2:98:dd:43:db:6b:c4:e7:ec:5f:30:e4:03:
                    72:20:d5:20:ea:6f:47:0b:d2:79:33:f7:08:18:bb:
                    09:44:3c:02:3b:e3:4e:24:96:94:51:f7:78:b5:b5:
                    fb:09:78:ac:b0:a6:8a:6c:2f:00:61:f5:33:95:ce:
                    a6:89:ac:bd:2a:1e:4a:9d:c9:ba:ce:81:72:91:ac:
                    79:7d:28:b7:eb:bc:09:65:28:a6:9d:4c:38:e4:22:
                    de:3d:e6:c5:0f:bd:79:52:a2:e7:07:46:43:03:08:
                    13:1a:07:e0:cf:e0:c4:d3:11:92:44:81:90:20:c0:
                    ad:54:d7:d6:73:38:3d:90:1d:81:c0:fe:af:fa:3a:
                    64:c4:bf:eb:99:a5:ed:08:a8:c8:6e:39:e9:3f:73:
                    f2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:EA:A7:A6:9B:B4:F3:E7:83:4D:16:0C:9E:EC:E7:85:A0:EB:4F:8C
            X509v3 Authority Key Identifier:
                keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.228.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:15:d7:26:ff:4f:3f:1b:51:c3:92:96:7e:94:29:b3:5a:93:
         a2:c5:61:43:57:dc:af:9c:cd:65:87:12:fd:c4:56:8b:49:4d:
         de:52:9a:ea:3a:1c:3a:17:1c:a4:85:3d:93:37:45:2a:f5:95:
         b7:f9:8b:f6:75:48:f0:94:4b:2f:05:3c:b0:27:b0:e0:95:db:
         01:9c:e1:1c:dd:a2:ba:eb:93:4c:1b:10:16:fa:1a:4e:cd:ef:
         c1:f1:4b:64:b1:ff:63:27:6d:e8:f1:bf:ae:dd:c3:12:01:72:
         45:8c:3d:49:85:ec:1f:de:77:ab:af:b2:53:fb:e1:46:29:46:
         54:db:ee:d3:ab:44:f0:a7:68:15:7d:a4:f9:c9:f3:87:3c:99:
         7c:ec:e2:8e:fb:73:1e:e4:ed:b8:4d:84:26:f6:4f:7b:9f:a1:
         d3:23:5f:2a:04:50:46:d0:17:85:5b:a1:4c:9f:e4:47:f0:1b:
         b9:b1:dd:51:0d:55:b9:1b:5a:75:0a:95:87:e5:d6:93:3a:ad:
         5e:b6:51:b7:e6:bf:3a:34:5e:a2:07:c3:25:cf:f1:56:64:10:
         a1:8f:35:a6:05:7f:4d:59:3b:13:0a:76:ad:33:aa:72:da:ef:
         12:84:5e:bc:9b:23:4e:cb:5a:0f:83:0f:44:d6:fe:17:61:d8:
         a6:75:99:c8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICJZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjYwNzE2MTUxMzEzWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU4ZjUwOS01Y2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm938NCYwBIqOvcQGxiFob3i01w/8PYaRkDsGfnjHM7bNgbPqxNNGZNeyhZfh
vE16RCWUXWwIYxlM//2Slwg2Cx6GpRJSuFdgHKIn+XkYhIHFX+5v/bM9jxkzO+eg
wCyfcCACR04CXcVXW8KY3UPba8Tn7F8w5ANyINUg6m9HC9J5M/cIGLsJRDwCO+NO
JJaUUfd4tbX7CXissKaKbC8AYfUzlc6miay9Kh5Kncm6zoFykax5fSi367wJZSim
nUw45CLePebFD715UqLnB0ZDAwgTGgfgz+DE0xGSRIGQIMCtVNfWczg9kB2BwP6v
+jpkxL/rmaXtCKjIbjnpP3PyMwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPrqp6ab
tPPng00WDJ7s54Wg60+MMB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvODFFNkEwMzhC
RUJEMTFFQkExQkM4QTBGQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCiOSYMA0GCSqGSIb3DQEBCwUAA4IBAQBiFdcm/08/G1HDkpZ+lCmz
WpOixWFDV9yvnM1lhxL9xFaLSU3eUprqOhw6FxykhT2TN0Uq9ZW3+Yv2dUjwlEsv
BTywJ7DgldsBnOEc3aK665NMGxAW+hpOze/B8Utksf9jJ23o8b+u3cMSAXJFjD1J
hewf3nerr7JT++FGKUZU2+7Tq0Twp2gVfaT5yfOHPJl87OKO+3Me5O24TYQm9k97
n6HTI18qBFBG0BeFW6FMn+RH8Bu5sd1RDVW5G1p1CpWH5daTOq1etlG35r86NF6i
B8Mlz/FWZBChjzWmBX9NWTsTCnatM6py2u8ShF68myNOy1oPgw9E1v4XYdimdZnI
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:34:39 2026 by rpki-client