Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/1C236FDEE51411EFA6CE3C1EC4F9AE02.roa
File:                     1C236FDEE51411EFA6CE3C1EC4F9AE02.roa (raw, json)
Hash identifier:          aY02E3irzGto2CDBM82Hws7+3Xp8gIBSyGbYsCwSjsk=
Subject key identifier:   F7:E8:CC:62:C3:B2:5E:8F:B6:67:A2:5C:4D:59:EF:AF:AE:63:8C:6E
Certificate issuer:       /CN=A91AA618/serialNumber=C13A8ABD57043AAFA58F5853BE2FABCA9F26F0ED
Certificate serial:       7E
Authority key identifier: C1:3A:8A:BD:57:04:3A:AF:A5:8F:58:53:BE:2F:AB:CA:9F:26:F0:ED
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wTqKvVcEOq-lj1hTvi-ryp8m8O0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/1C236FDEE51411EFA6CE3C1EC4F9AE02.roa
Signing time:             Tue 29 Jul 2025 06:42:21 +0000
ROA not before:           Tue 29 Jul 2025 06:42:21 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     139922
IP address blocks:        160.250.254.0/23 maxlen: 23
                          160.250.254.0/24 maxlen: 24
                          160.250.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/wTqKvVcEOq-lj1hTvi-ryp8m8O0.crl
                          rsync://rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/wTqKvVcEOq-lj1hTvi-ryp8m8O0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wTqKvVcEOq-lj1hTvi-ryp8m8O0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126 (0x7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AA618, serialNumber=C13A8ABD57043AAFA58F5853BE2FABCA9F26F0ED
        Validity
            Not Before: Jul 29 06:42:21 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68886d4d-f8df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:36:b6:a6:fa:23:57:41:c2:06:fe:27:c1:
                    8b:c6:87:9d:ee:4b:8c:05:43:ea:80:49:e8:83:32:
                    3d:8b:7c:67:d6:4e:cb:e6:1d:14:c7:fe:a6:e1:fd:
                    d6:df:75:b7:ba:4b:ab:b8:f9:ac:39:db:10:9f:cf:
                    f0:c3:37:f1:84:8f:1c:3a:7f:60:7c:79:6b:0b:9b:
                    9d:b2:48:39:c3:8e:d2:d6:7b:03:fd:6b:43:20:11:
                    4b:70:3f:37:e6:27:b4:c0:34:db:0b:06:57:b2:ad:
                    72:0e:17:18:29:6a:71:a8:7f:74:e3:43:a3:79:ba:
                    8d:19:03:ba:78:86:f2:72:60:ad:30:04:66:6f:a0:
                    ad:76:03:2e:b8:93:61:b5:be:7f:2a:56:39:04:6a:
                    87:f0:87:51:76:ec:be:65:b0:59:2d:ec:eb:3f:f4:
                    8a:b1:7a:7c:3c:a3:7b:3d:49:a0:3d:78:93:37:78:
                    53:64:61:19:97:63:b8:77:c3:5a:bb:7f:8e:35:6f:
                    a8:ca:4f:79:75:a0:7a:4f:32:e6:4a:0f:06:ff:9c:
                    4e:c5:89:7c:19:4d:c6:53:fb:8b:28:5d:58:d5:a7:
                    e0:06:80:bb:3f:c0:44:07:c3:38:bb:a3:7e:8c:e0:
                    d7:e7:5b:03:73:40:21:64:60:53:3d:2b:b5:32:4f:
                    43:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:E8:CC:62:C3:B2:5E:8F:B6:67:A2:5C:4D:59:EF:AF:AE:63:8C:6E
            X509v3 Authority Key Identifier:
                keyid:C1:3A:8A:BD:57:04:3A:AF:A5:8F:58:53:BE:2F:AB:CA:9F:26:F0:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/wTqKvVcEOq-lj1hTvi-ryp8m8O0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wTqKvVcEOq-lj1hTvi-ryp8m8O0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA618/E6F66DD2BEC311EFAFDC1D29C4F9AE02/1C236FDEE51411EFA6CE3C1EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.250.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:ce:f2:cf:65:fe:82:d6:ac:c8:e1:3a:fa:0f:d8:0d:8a:05:
         9a:56:04:ba:06:77:c3:25:8f:66:77:a7:9e:54:0a:34:c7:e2:
         06:fe:15:c0:65:fd:c9:ef:74:e5:90:91:a7:63:48:14:4f:1b:
         ed:c8:fc:ff:82:83:3e:d6:8c:16:0b:17:38:5c:76:ab:11:a0:
         cb:4a:a1:89:81:65:6e:c2:8b:ab:e3:9c:3d:4a:54:57:d7:27:
         5c:ff:b2:74:47:ff:b2:ee:e0:79:6a:75:71:46:0b:e3:f0:f1:
         fd:67:80:36:89:9d:ff:98:8f:49:c5:a4:3d:ce:35:c9:37:a0:
         da:2c:22:df:b2:95:27:ab:2e:61:f3:af:2e:16:fe:b8:c5:ca:
         b4:d0:40:b4:f8:e8:81:98:3e:8e:0f:a4:dc:5a:ab:f3:29:f0:
         78:e6:91:f1:d4:6d:55:32:df:64:a6:a7:2b:ae:b5:f3:29:2c:
         4c:93:40:85:db:cb:c6:7a:19:9c:49:c9:5b:6c:ea:ee:6b:9c:
         71:7c:12:44:3c:3d:30:2d:d3:6d:c0:55:d5:10:77:d3:34:53:
         bb:ea:6a:ed:79:ff:d9:7e:b3:ae:86:55:73:bd:15:c4:8c:e7:
         3d:3d:a0:49:b7:ce:d0:d2:29:d2:9e:1e:3b:98:29:fc:32:79:
         91:73:17:df
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QTYxODExMC8GA1UEBRMoQzEzQThBQkQ1NzA0M0FBRkE1OEY1ODUzQkUyRkFCQ0E5
RjI2RjBFRDAeFw0yNTA3MjkwNjQyMjFaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4ODg2ZDRkLWY4ZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCntza2pvojV0HCBv4nwYvGh53uS4wFQ+qASeiDMj2LfGfWTsvmHRTH/qbh/dbf
dbe6S6u4+aw52xCfz/DDN/GEjxw6f2B8eWsLm52ySDnDjtLWewP9a0MgEUtwPzfm
J7TANNsLBleyrXIOFxgpanGof3TjQ6N5uo0ZA7p4hvJyYK0wBGZvoK12Ay64k2G1
vn8qVjkEaofwh1F27L5lsFkt7Os/9Iqxenw8o3s9SaA9eJM3eFNkYRmXY7h3w1q7
f441b6jKT3l1oHpPMuZKDwb/nE7FiXwZTcZT+4soXVjVp+AGgLs/wEQHwzi7o36M
4NfnWwNzQCFkYFM9K7UyT0MxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9+jMYsOy
Xo+2Z6JcTVnvr65jjG4wHwYDVR0jBBgwFoAUwTqKvVcEOq+lj1hTvi+ryp8m8O0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBNjE4L0U2RjY2REQyQkVD
MzExRUZBRkRDMUQyOUM0RjlBRTAyL3dUcUt2VmNFT3EtbGoxaFR2aS1yeXA4bThP
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvd1RxS3ZWY0VPcS1sajFoVHZpLXJ5cDhtOE8wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QTYxOC9FNkY2NkREMkJFQzMxMUVGQUZEQzFEMjlDNEY5QUUwMi8xQzIzNkZERUU1
MTQxMUVGQTZDRTNDMUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaD6/jANBgkqhkiG9w0BAQsFAAOCAQEAic7yz2X+gtasyOE6
+g/YDYoFmlYEugZ3wyWPZnennlQKNMfiBv4VwGX9ye905ZCRp2NIFE8b7cj8/4KD
PtaMFgsXOFx2qxGgy0qhiYFlbsKLq+OcPUpUV9cnXP+ydEf/su7geWp1cUYL4/Dx
/WeANomd/5iPScWkPc41yTeg2iwi37KVJ6suYfOvLhb+uMXKtNBAtPjogZg+jg+k
3Fqr8ynweOaR8dRtVTLfZKanK6618yksTJNAhdvLxnoZnEnJW2zq7muccXwSRDw9
MC3TbcBV1RB30zRTu+pq7Xn/2X6zroZVc70VxIznPT2gSbfO0NIp0p4eO5gp/DJ5
kXMX3w==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:52:47 2025 by rpki-client