Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/32A5FD8C036611F1A426A4772D3D8C67.roa
File:                     32A5FD8C036611F1A426A4772D3D8C67.roa (raw, json)
Hash identifier:          74mwc9LQpW/L2dkBvxUUTHTqTkYyfx6a6uTfz8A4a5I=
Subject key identifier:   79:A4:77:AC:A0:DF:16:3C:30:5E:DD:48:D1:18:55:6B:63:65:C7:32
Certificate issuer:       /CN=A91EC98B/serialNumber=0AFE2B20ADE6B9C30B8B1811D15F1D0D574DE3DE
Certificate serial:       51
Authority key identifier: 0A:FE:2B:20:AD:E6:B9:C3:0B:8B:18:11:D1:5F:1D:0D:57:4D:E3:DE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cv4rIK3mucMLixgR0V8dDVdN494.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/32A5FD8C036611F1A426A4772D3D8C67.roa
Signing time:             Wed 01 Jul 2026 10:35:17 +0000
ROA not before:           Wed 01 Jul 2026 10:35:17 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     56283
IP address blocks:        202.0.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/Cv4rIK3mucMLixgR0V8dDVdN494.crl
                          rsync://rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/Cv4rIK3mucMLixgR0V8dDVdN494.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cv4rIK3mucMLixgR0V8dDVdN494.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 09:14:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 81 (0x51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EC98B, serialNumber=0AFE2B20ADE6B9C30B8B1811D15F1D0D574DE3DE
        Validity
            Not Before: Jul  1 10:35:17 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a44ed64-a683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0b:4d:55:5f:a7:2c:bd:11:df:c5:73:6d:b3:
                    2b:1a:d8:b3:f8:fa:01:b2:96:4a:70:e6:64:45:55:
                    63:76:26:2f:85:a7:e2:b2:ff:c4:af:e9:06:4e:e6:
                    32:a7:7d:a1:dd:50:1e:59:2e:ef:5b:cd:8f:77:b0:
                    1c:f9:b0:91:96:27:9f:c5:fe:44:7c:33:41:74:11:
                    9b:00:6e:d9:0f:08:37:75:7f:80:4a:ad:4a:9c:11:
                    cf:0d:10:5a:c9:e7:8c:5f:18:ab:21:e3:d3:9f:4e:
                    e1:c4:75:fe:78:c9:3c:0d:b1:67:b9:49:a0:01:59:
                    e8:bd:61:de:2c:bf:d5:65:cd:3e:f2:31:96:6a:2b:
                    9f:15:49:1c:2b:06:2e:27:7d:88:06:a5:ee:91:0d:
                    f0:14:74:e3:e1:7b:3b:49:53:ac:a0:98:18:9a:c8:
                    27:d1:38:23:cf:b9:38:24:42:6c:ca:82:f5:3a:0f:
                    59:9c:87:46:1f:cd:e8:7c:4c:66:a4:7c:d2:64:d0:
                    62:57:19:84:1d:98:31:b3:d9:fc:70:f8:bf:02:a1:
                    ca:8c:56:49:55:7f:a9:e3:d2:90:f1:9c:05:4f:1e:
                    0b:46:7d:c8:83:10:3a:c5:1c:50:d4:da:f0:b8:8e:
                    77:48:92:f0:95:03:da:62:0e:ae:71:10:70:65:93:
                    58:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A4:77:AC:A0:DF:16:3C:30:5E:DD:48:D1:18:55:6B:63:65:C7:32
            X509v3 Authority Key Identifier:
                keyid:0A:FE:2B:20:AD:E6:B9:C3:0B:8B:18:11:D1:5F:1D:0D:57:4D:E3:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/Cv4rIK3mucMLixgR0V8dDVdN494.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cv4rIK3mucMLixgR0V8dDVdN494.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC98B/74107CEE036511F1B98578D42C3D8C67/32A5FD8C036611F1A426A4772D3D8C67.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.0.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:44:0c:ee:cf:d3:57:84:a4:9e:43:8c:66:b3:d2:90:3e:66:
         97:d7:fa:0f:b0:9c:07:e9:2b:25:fa:5d:cf:1a:cb:59:a1:a3:
         91:de:84:ca:ed:54:01:c9:7d:91:44:63:39:87:c2:d9:81:55:
         84:ae:5c:f4:bc:c1:82:0c:fd:10:78:e2:d5:2f:16:b6:8b:68:
         bd:0d:e5:16:13:fd:d5:51:94:ea:1f:e5:dc:fa:54:b3:5a:15:
         15:1d:12:f4:9d:cf:be:88:dd:d3:86:72:a4:f0:6e:1e:30:86:
         69:b9:f3:3f:3a:33:aa:41:f8:66:4f:41:c0:a2:f7:02:1e:91:
         52:ea:47:ee:ce:f8:d7:0b:44:f1:c7:fa:84:c8:fa:c7:0f:ab:
         07:ce:cb:bd:a2:ae:5c:a6:44:f9:8a:6f:61:3f:8c:0c:1d:c7:
         50:91:8a:a5:f6:97:ba:20:bc:4e:11:c1:9e:7c:7f:01:b0:f7:
         59:dc:c7:a0:d7:47:f3:c5:de:a0:4b:94:fa:35:ca:1a:da:12:
         9b:a2:79:84:78:9a:2a:28:89:7b:63:f5:b2:20:e9:dc:b9:00:
         73:94:81:15:a7:bc:aa:7d:7a:62:48:d6:c2:ec:62:a0:36:93:
         e5:dd:f8:dc:9e:c0:e3:ec:83:a9:bf:c0:e3:32:b2:ae:a7:a8:
         33:a9:40:30
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
Qzk4QjExMC8GA1UEBRMoMEFGRTJCMjBBREU2QjlDMzBCOEIxODExRDE1RjFEMEQ1
NzRERTNERTAeFw0yNjA3MDExMDM1MTdaFw0yNjEwMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhNDRlZDY0LWE2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvC01VX6csvRHfxXNtsysa2LP4+gGylkpw5mRFVWN2Ji+Fp+Ky/8Sv6QZO5jKn
faHdUB5ZLu9bzY93sBz5sJGWJ5/F/kR8M0F0EZsAbtkPCDd1f4BKrUqcEc8NEFrJ
54xfGKsh49OfTuHEdf54yTwNsWe5SaABWei9Yd4sv9VlzT7yMZZqK58VSRwrBi4n
fYgGpe6RDfAUdOPheztJU6ygmBiayCfROCPPuTgkQmzKgvU6D1mch0Yfzeh8TGak
fNJk0GJXGYQdmDGz2fxw+L8CocqMVklVf6nj0pDxnAVPHgtGfciDEDrFHFDU2vC4
jndIkvCVA9piDq5xEHBlk1h9AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUeaR3rKDf
FjwwXt1I0RhVa2NlxzIwHwYDVR0jBBgwFoAUCv4rIK3mucMLixgR0V8dDVdN494w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDOThCLzc0MTA3Q0VFMDM2
NTExRjFCOTg1NzhENDJDM0Q4QzY3L0N2NHJJSzNtdWNNTGl4Z1IwVjhkRFZkTjQ5
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ3Y0cklLM211Y01MaXhnUjBWOGREVmRONDk0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
Qzk4Qi83NDEwN0NFRTAzNjUxMUYxQjk4NTc4RDQyQzNEOEM2Ny8zMkE1RkQ4QzAz
NjYxMUYxQTQyNkE0NzcyRDNEOEM2Ny5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBADKAHMwDQYJKoZIhvcNAQELBQADggEBAJ1EDO7P01eEpJ5DjGaz0pA+
ZpfX+g+wnAfpKyX6Xc8ay1mho5HehMrtVAHJfZFEYzmHwtmBVYSuXPS8wYIM/RB4
4tUvFraLaL0N5RYT/dVRlOof5dz6VLNaFRUdEvSdz76I3dOGcqTwbh4whmm58z86
M6pB+GZPQcCi9wIekVLqR+7O+NcLRPHH+oTI+scPqwfOy72irlymRPmKb2E/jAwd
x1CRiqX2l7ogvE4RwZ58fwGw91ncx6DXR/PF3qBLlPo1yhraEpuieYR4miooiXtj
9bIg6dy5AHOUgRWnvKp9emJI1sLsYqA2k+Xd+NyewOPsg6m/wOMysq6nqDOpQDA=
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:39:28 2026 by rpki-client