Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/CE1C73F63F8211F1AB237298B0833773.roa
File:                     CE1C73F63F8211F1AB237298B0833773.roa (raw, json)
Hash identifier:          1dULmPlH8HLClqvcITKjGcpOIi/CUGi4EO79W2+0kTM=
Subject key identifier:   C7:78:5C:4D:1E:14:46:AF:87:C0:E7:7E:42:2D:79:E4:87:7D:E3:C9
Certificate issuer:       /CN=A91EBBAF/serialNumber=D2066B61934E77CF267A9DCC38BF5DEE21F07BA3
Certificate serial:       DE
Authority key identifier: D2:06:6B:61:93:4E:77:CF:26:7A:9D:CC:38:BF:5D:EE:21:F0:7B:A3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0gZrYZNOd88mep3MOL9d7iHwe6M.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/CE1C73F63F8211F1AB237298B0833773.roa
Signing time:             Fri 03 Jul 2026 07:34:55 +0000
ROA not before:           Fri 03 Jul 2026 07:34:55 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     153885
IP address blocks:        165.99.60.0/24 maxlen: 24
                          165.99.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/0gZrYZNOd88mep3MOL9d7iHwe6M.crl
                          rsync://rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/0gZrYZNOd88mep3MOL9d7iHwe6M.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0gZrYZNOd88mep3MOL9d7iHwe6M.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 07:50:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 222 (0xde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EBBAF, serialNumber=D2066B61934E77CF267A9DCC38BF5DEE21F07BA3
        Validity
            Not Before: Jul  3 07:34:55 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a47661f-658e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:18:df:25:23:2b:a8:bb:03:1a:84:f7:6a:14:
                    5a:7f:6c:26:43:7c:30:9c:db:3d:9e:36:88:b6:84:
                    0a:6f:e9:4c:3c:8b:23:8b:ed:15:50:21:aa:c4:21:
                    30:dc:2f:11:1f:c4:68:47:41:f0:98:46:b1:08:fe:
                    47:7f:84:f9:90:80:ad:a9:0a:5a:cc:4c:d7:49:e7:
                    31:48:8e:6f:94:76:6c:b1:e8:ec:9a:bb:e3:15:91:
                    c9:8b:aa:b0:7f:19:7e:46:0a:73:1c:d9:93:e6:ec:
                    53:5a:ba:d2:f9:7f:26:c2:9e:1e:38:cf:41:c3:4a:
                    b6:a1:6c:b9:90:c4:8b:08:80:5f:6c:74:92:4f:54:
                    0f:ab:46:33:ba:0f:24:18:ac:e9:f6:d7:09:ec:02:
                    1e:fe:cf:0b:ea:f5:c5:02:12:a3:ee:b9:26:05:17:
                    e1:cb:be:dc:29:92:67:a8:f2:4f:d4:9d:1c:ce:68:
                    35:69:91:31:64:22:b4:2f:f9:50:c4:2e:be:49:71:
                    4b:2a:26:29:74:42:f4:2d:1c:1e:f0:5f:15:e2:5c:
                    09:34:f5:e4:34:db:21:38:ff:53:a4:6c:bc:b3:45:
                    b2:07:79:99:ce:ed:36:7e:5b:99:e1:c6:30:96:c1:
                    f9:55:35:ee:be:6f:29:f1:36:90:47:ec:3d:be:cc:
                    06:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:78:5C:4D:1E:14:46:AF:87:C0:E7:7E:42:2D:79:E4:87:7D:E3:C9
            X509v3 Authority Key Identifier:
                keyid:D2:06:6B:61:93:4E:77:CF:26:7A:9D:CC:38:BF:5D:EE:21:F0:7B:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/0gZrYZNOd88mep3MOL9d7iHwe6M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0gZrYZNOd88mep3MOL9d7iHwe6M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBBAF/10C19D3036DD11F096862166C4F9AE02/CE1C73F63F8211F1AB237298B0833773.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:0a:02:c5:e1:61:8f:d9:15:ca:a2:3a:35:0c:14:74:aa:f4:
         0b:19:50:57:e9:cc:97:d3:af:21:9f:5e:0f:af:08:0d:30:2d:
         01:54:89:f7:ad:a2:bc:93:52:6d:4f:a0:c1:80:41:bf:ed:61:
         fc:5c:54:fc:e5:b5:c8:ad:24:7a:88:2d:cd:28:32:da:a2:ec:
         8d:d2:98:76:35:d1:ff:ff:9c:ab:2f:93:97:14:2a:87:31:ea:
         cf:c8:eb:26:5a:78:40:5d:75:c8:62:44:98:c4:b5:c2:51:61:
         40:11:eb:3b:da:60:79:ad:a4:bd:1f:19:0f:86:64:a9:b6:bc:
         7e:b6:5b:73:ec:8f:84:fe:57:70:2a:75:7c:88:7c:58:3b:76:
         4f:bd:7d:06:e7:9f:62:a5:7a:4e:45:ed:8d:09:f8:dc:85:05:
         69:01:ba:d2:1f:54:c7:75:e3:52:8a:ce:86:65:d8:14:97:50:
         03:23:b1:4d:3e:97:ab:f6:82:20:1d:65:7d:c0:15:26:7d:c1:
         8a:81:e2:ce:bb:fc:c0:2c:c7:78:86:61:40:19:12:bf:d3:4c:
         3c:70:35:b6:93:05:28:2a:0f:0c:dd:0f:db:9b:d9:39:b8:ad:
         56:d5:79:29:ea:80:da:1a:70:9a:8d:5e:2f:bf:6b:44:cc:da:
         09:54:f7:7a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJCQUYxMTAvBgNVBAUTKEQyMDY2QjYxOTM0RTc3Q0YyNjdBOURDQzM4QkY1REVF
MjFGMDdCQTMwHhcNMjYwNzAzMDczNDU1WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3NjYxZi02NThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArBjfJSMrqLsDGoT3ahRaf2wmQ3wwnNs9njaItoQKb+lMPIsji+0VUCGqxCEw
3C8RH8RoR0HwmEaxCP5Hf4T5kICtqQpazEzXSecxSI5vlHZssejsmrvjFZHJi6qw
fxl+RgpzHNmT5uxTWrrS+X8mwp4eOM9Bw0q2oWy5kMSLCIBfbHSST1QPq0Yzug8k
GKzp9tcJ7AIe/s8L6vXFAhKj7rkmBRfhy77cKZJnqPJP1J0czmg1aZExZCK0L/lQ
xC6+SXFLKiYpdEL0LRwe8F8V4lwJNPXkNNshOP9TpGy8s0WyB3mZzu02fluZ4cYw
lsH5VTXuvm8p8TaQR+w9vswGfQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFMd4XE0e
FEavh8DnfkIteeSHfePJMB8GA1UdIwQYMBaAFNIGa2GTTnfPJnqdzDi/Xe4h8Huj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkJBRi8xMEMxOUQzMDM2
REQxMUYwOTY4NjIxNjZDNEY5QUUwMi8wZ1pyWVpOT2Q4OG1lcDNNT0w5ZDdpSHdl
Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzBnWnJZWk5PZDg4bWVwM01PTDlkN2lId2U2TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJCQUYvMTBDMTlEMzAzNkREMTFGMDk2ODYyMTY2QzRGOUFFMDIvQ0UxQzczRjYz
RjgyMTFGMUFCMjM3Mjk4QjA4MzM3NzMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBpWM8MA0GCSqGSIb3DQEBCwUAA4IBAQBtCgLF4WGP2RXKojo1DBR0
qvQLGVBX6cyX068hn14PrwgNMC0BVIn3raK8k1JtT6DBgEG/7WH8XFT85bXIrSR6
iC3NKDLaouyN0ph2NdH//5yrL5OXFCqHMerPyOsmWnhAXXXIYkSYxLXCUWFAEes7
2mB5raS9HxkPhmSptrx+tltz7I+E/ldwKnV8iHxYO3ZPvX0G559ipXpORe2NCfjc
hQVpAbrSH1THdeNSis6GZdgUl1ADI7FNPper9oIgHWV9wBUmfcGKgeLOu/zALMd4
hmFAGRK/00w8cDW2kwUoKg8M3Q/bm9k5uK1W1Xkp6oDaGnCajV4vv2tEzNoJVPd6
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:12:24 2026 by rpki-client