Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/FACC58F855C411E9A0FEF781C4F9AE02.roa
File:                     FACC58F855C411E9A0FEF781C4F9AE02.roa (raw, json)
Hash identifier:          FneWbJ04EWBnNB9hcGYxNXW+7dDU9U/j/uBXyZbLddM=
Subject key identifier:   77:6C:6D:D1:05:BA:85:3F:0F:3B:C6:B4:0E:E7:50:3F:07:0F:48:95
Certificate issuer:       /CN=A91EF19E/serialNumber=2B5375F2D0607546D51F6511F61BC4A18974FDE2
Certificate serial:       3590
Authority key identifier: 2B:53:75:F2:D0:60:75:46:D5:1F:65:11:F6:1B:C4:A1:89:74:FD:E2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1N18tBgdUbVH2UR9hvEoYl0_eI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/FACC58F855C411E9A0FEF781C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 15:12:00 +0000
ROA not before:           Tue 30 Jun 2026 15:12:00 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     7575
IP address blocks:        113.197.0.0/20 maxlen: 24
                          182.255.96.0/19 maxlen: 24
                          202.0.98.0/24 maxlen: 24
                          202.6.112.0/24 maxlen: 24
                          202.158.192.0/19 maxlen: 24
                          203.5.76.0/24 maxlen: 24
                          203.13.161.0/24 maxlen: 24
                          203.19.110.0/24 maxlen: 24
                          203.21.37.0/24 maxlen: 24
                          2001:388::/32 maxlen: 40
                          2001:388:cf85::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/K1N18tBgdUbVH2UR9hvEoYl0_eI.crl
                          rsync://rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/K1N18tBgdUbVH2UR9hvEoYl0_eI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1N18tBgdUbVH2UR9hvEoYl0_eI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 14:24:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13712 (0x3590)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EF19E, serialNumber=2B5375F2D0607546D51F6511F61BC4A18974FDE2
        Validity
            Not Before: Jun 30 15:12:00 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a43dcc0-2d0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4d:30:07:19:2d:9d:fd:86:2a:53:c8:0a:e4:
                    e8:d0:72:88:7f:1e:65:83:c7:2d:f8:90:b3:bf:14:
                    b6:c4:db:3e:60:d1:97:95:46:c5:d7:5d:45:f7:22:
                    9b:10:12:d5:bf:29:7c:f1:42:f0:4c:5f:51:72:16:
                    8b:66:3f:aa:c9:d6:5d:a3:14:18:7c:cf:6d:51:37:
                    6c:66:8b:12:64:bb:38:e8:92:21:f5:10:22:cc:f7:
                    d4:ae:ae:54:1d:97:11:d0:a0:f2:6c:52:e4:03:21:
                    cf:7f:48:db:d4:2a:ed:11:6a:60:cd:54:3c:62:7e:
                    f7:cf:8b:14:1c:dd:77:23:2b:0b:b5:0c:12:bf:90:
                    a2:50:d3:44:b0:22:ad:d7:62:93:e6:6b:5c:54:14:
                    69:4d:f2:dd:7d:9e:cb:36:a4:39:0d:82:ab:9a:fe:
                    cf:96:59:28:89:5b:1d:53:f9:ee:f6:37:94:df:b7:
                    9e:ed:62:3e:50:f2:08:d5:0a:e5:71:4b:c1:33:10:
                    9a:63:5d:98:a4:cc:90:f1:a6:51:89:c6:16:ee:e9:
                    b5:5d:b4:4d:f7:e4:1b:a8:75:07:06:bf:db:47:cd:
                    db:28:dc:80:11:36:65:dc:fb:24:ed:ab:8e:37:b2:
                    83:c9:95:0a:c1:4b:6d:41:99:84:71:78:dd:42:ab:
                    99:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6C:6D:D1:05:BA:85:3F:0F:3B:C6:B4:0E:E7:50:3F:07:0F:48:95
            X509v3 Authority Key Identifier:
                keyid:2B:53:75:F2:D0:60:75:46:D5:1F:65:11:F6:1B:C4:A1:89:74:FD:E2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/K1N18tBgdUbVH2UR9hvEoYl0_eI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K1N18tBgdUbVH2UR9hvEoYl0_eI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/05C4C0A41D8411E2B0C5A3D908B02CD2/FACC58F855C411E9A0FEF781C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.197.0.0/20
                  182.255.96.0/19
                  202.0.98.0/24
                  202.6.112.0/24
                  202.158.192.0/19
                  203.5.76.0/24
                  203.13.161.0/24
                  203.19.110.0/24
                  203.21.37.0/24
                IPv6:
                  2001:388::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:bb:bc:2f:c8:de:c0:8e:9c:d6:9a:95:76:b9:2d:3b:bd:d3:
         03:3e:40:ca:c1:10:ec:d2:14:a9:4e:e3:6f:75:87:39:1c:d6:
         e5:0c:d0:f3:14:fd:3e:f9:78:5d:fc:f0:43:a0:39:5a:dc:49:
         44:b2:5c:e1:48:c6:28:c2:a0:b3:50:8b:dc:33:56:b9:3c:1d:
         5b:20:09:05:54:69:e8:1b:58:f6:e6:38:77:e1:41:31:ed:60:
         19:3d:af:ed:cc:f0:5e:5b:3c:bd:8d:7d:9d:bb:a1:bf:63:d3:
         bd:45:0a:75:17:b8:b3:c8:a9:f0:01:06:9b:72:ad:6a:ab:b9:
         11:db:41:b4:2c:b3:bd:09:5d:62:8a:28:37:f9:d7:7d:71:ee:
         68:f5:66:cd:72:61:90:6d:91:f5:a7:78:3f:fb:35:3b:c3:0c:
         af:be:5a:a7:59:d2:77:80:00:f2:77:11:25:c1:3f:bc:9d:98:
         ff:54:f7:6a:ee:41:b9:38:65:af:04:5a:fc:70:07:ca:11:ea:
         55:88:b6:33:a1:c0:50:24:42:b0:1a:85:bf:b6:8d:7c:2f:c6:
         57:b9:f7:28:bc:22:b0:72:f3:c1:54:7a:c2:5f:8e:4b:17:6f:
         9f:1b:5c:08:0a:4b:f9:8a:cb:78:bc:b8:4d:eb:e3:83:7c:7b:
         ac:14:98:de
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICNZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYxOUUxMTAvBgNVBAUTKDJCNTM3NUYyRDA2MDc1NDZENTFGNjUxMUY2MUJDNEEx
ODk3NEZERTIwHhcNMjYwNjMwMTUxMjAwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQzZGNjMC0yZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp00wBxktnf2GKlPICuTo0HKIfx5lg8ct+JCzvxS2xNs+YNGXlUbF111F9yKb
EBLVvyl88ULwTF9RchaLZj+qydZdoxQYfM9tUTdsZosSZLs46JIh9RAizPfUrq5U
HZcR0KDybFLkAyHPf0jb1CrtEWpgzVQ8Yn73z4sUHN13IysLtQwSv5CiUNNEsCKt
12KT5mtcVBRpTfLdfZ7LNqQ5DYKrmv7PllkoiVsdU/nu9jeU37ee7WI+UPII1Qrl
cUvBMxCaY12YpMyQ8aZRicYW7um1XbRN9+QbqHUHBr/bR83bKNyAETZl3Psk7auO
N7KDyZUKwUttQZmEcXjdQquZIwIDAQABo4ICnzCCApswHQYDVR0OBBYEFHdsbdEF
uoU/DzvGtA7nUD8HD0iVMB8GA1UdIwQYMBaAFCtTdfLQYHVG1R9lEfYbxKGJdP3i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS8wNUM0QzBBNDFE
ODQxMUUyQjBDNUEzRDkwOEIwMkNEMi9LMU4xOHRCZ2RVYlZIMlVSOWh2RW9ZbDBf
ZUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0sxTjE4dEJnZFViVkgyVVI5aHZFb1lsMF9lSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYxOUUvMDVDNEMwQTQxRDg0MTFFMkIwQzVBM0Q5MDhCMDJDRDIvRkFDQzU4Rjg1
NUM0MTFFOUEwRkVGNzgxQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTA8
BAIAATA2AwQEccUAAwQFtv9gAwQAygBiAwQAygZwAwQFyp7AAwQAywVMAwQAyw2h
AwQAyxNuAwQAyxUlMA0EAgACMAcDBQAgAQOIMA0GCSqGSIb3DQEBCwUAA4IBAQCu
u7wvyN7AjpzWmpV2uS07vdMDPkDKwRDs0hSpTuNvdYc5HNblDNDzFP0++Xhd/PBD
oDla3ElEslzhSMYowqCzUIvcM1a5PB1bIAkFVGnoG1j25jh34UEx7WAZPa/tzPBe
Wzy9jX2du6G/Y9O9RQp1F7izyKnwAQabcq1qq7kR20G0LLO9CV1iiig3+dd9ce5o
9WbNcmGQbZH1p3g/+zU7wwyvvlqnWdJ3gADydxElwT+8nZj/VPdq7kG5OGWvBFr8
cAfKEepViLYzocBQJEKwGoW/to18L8ZXufcovCKwcvPBVHrCX45LF2+fG1wICkv5
ist4vLhN6+ODfHusFJje
-----END CERTIFICATE-----
Generated at Mon Jul 6 23:15:39 2026 by rpki-client