Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6CF915F2636511EFAB755B09C4F9AE02.roa
File:                     6CF915F2636511EFAB755B09C4F9AE02.roa (raw, json)
Hash identifier:          lg/9vLFdR9bS0cDL5Wq9xs80TOpZfAyWG1Xt+dYjoWY=
Subject key identifier:   C3:C6:43:5E:42:28:41:03:DB:D3:BE:2A:5C:14:B7:42:B1:D1:88:94
Certificate issuer:       /CN=A91262CA/serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
Certificate serial:       067B
Authority key identifier: 77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6CF915F2636511EFAB755B09C4F9AE02.roa
Signing time:             Wed 27 Aug 2025 01:06:18 +0000
ROA not before:           Wed 27 Aug 2025 01:06:18 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     59374
IP address blocks:        27.254.155.0/24 maxlen: 24
                          27.254.164.0/22 maxlen: 22
                          27.254.164.0/24 maxlen: 24
                          27.254.165.0/24 maxlen: 24
                          27.254.166.0/24 maxlen: 24
                          27.254.167.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl
                          rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 26 Oct 2025 02:20:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1659 (0x67b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91262CA, serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
        Validity
            Not Before: Aug 27 01:06:18 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=68ae5a0a-ab31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:39:fd:ec:49:70:75:a1:e8:46:fc:f0:70:fe:
                    df:6c:a4:ff:97:7f:0c:64:eb:2d:f3:1b:f8:83:02:
                    51:af:76:83:5c:34:3e:85:df:86:a6:a5:12:b2:4c:
                    6c:2b:db:74:1f:ff:43:27:4c:69:21:56:d6:a2:62:
                    00:5e:46:f5:44:c3:7b:e6:72:1e:fb:c0:4e:32:07:
                    b0:b9:ca:99:f0:50:54:28:74:0e:be:0e:68:42:7f:
                    3f:2b:91:fb:ca:f3:8f:10:05:87:78:15:90:bd:fd:
                    3f:72:e8:30:1e:ed:d5:f6:01:40:40:37:ee:09:1f:
                    8c:05:4e:e6:c0:56:b8:2c:f2:25:82:20:28:a9:f7:
                    7e:18:6c:fb:d2:ac:6c:46:b4:34:49:a5:16:fc:3e:
                    98:95:96:4d:80:64:8e:e0:34:89:c3:ce:dd:93:eb:
                    35:76:38:92:cc:be:19:3c:86:35:7d:08:b6:c3:f7:
                    aa:7d:97:61:16:b1:a9:12:a5:bf:3c:44:20:ea:24:
                    75:75:38:b8:bd:3a:09:a3:7e:df:c0:43:8a:48:82:
                    96:87:26:0b:9b:3a:41:47:85:ab:fa:49:cc:6b:2d:
                    9d:74:da:a8:9f:8b:c8:36:f1:2f:2e:81:88:f3:92:
                    4a:52:f4:6d:2e:90:38:a3:6c:a6:85:fd:4a:a6:bd:
                    bd:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:C6:43:5E:42:28:41:03:DB:D3:BE:2A:5C:14:B7:42:B1:D1:88:94
            X509v3 Authority Key Identifier:
                keyid:77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6CF915F2636511EFAB755B09C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.254.155.0/24
                  27.254.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:ec:74:43:7e:e1:1c:3a:12:05:5b:d6:54:b0:b8:c5:10:ad:
         79:dd:af:97:4c:71:d0:71:b2:06:25:7f:90:68:a8:67:85:f7:
         94:a5:42:c1:80:e9:e4:29:c1:60:52:d2:d4:d8:16:da:c3:20:
         6b:7b:30:aa:64:15:cd:7c:53:3f:33:27:8b:5e:6f:d6:94:9a:
         c5:e7:0a:8b:89:27:76:13:f8:bb:de:66:ed:a4:48:57:fa:2e:
         61:18:b3:7c:0c:10:45:61:d7:ed:bf:6b:de:42:9e:f1:9e:23:
         32:c2:e7:1f:ee:66:b1:0b:d9:82:68:44:b2:b0:a2:00:c5:f9:
         e4:55:36:b7:cb:1b:2d:48:36:29:d4:79:01:57:6f:64:b8:e7:
         50:a0:a4:24:23:09:f7:52:60:ea:39:b1:a6:a5:35:42:c1:94:
         44:1a:74:bc:ee:4e:56:12:2b:aa:be:f5:ba:b9:ce:6d:b0:ca:
         b4:d3:df:13:56:65:b3:d2:48:a6:40:46:84:7a:f8:f3:ac:bd:
         24:25:27:34:24:46:c1:23:95:b5:95:77:0c:16:d7:a5:40:c4:
         b9:a0:82:54:33:c8:fc:a0:7b:8d:ed:e8:c5:f4:e0:58:c0:f4:
         66:6a:28:ea:a3:19:e9:92:53:8a:0f:7d:49:af:df:f2:c2:4d:
         ca:4b:03:a6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKDc3QTIwMUM1OEVCM0I0MjA4QzkxQkE3RUNFRDkzNkU1
OTVFNjFBMTkwHhcNMjUwODI3MDEwNjE4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFlNWEwYS1hYjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArjn97ElwdaHoRvzwcP7fbKT/l38MZOst8xv4gwJRr3aDXDQ+hd+GpqUSskxs
K9t0H/9DJ0xpIVbWomIAXkb1RMN75nIe+8BOMgewucqZ8FBUKHQOvg5oQn8/K5H7
yvOPEAWHeBWQvf0/cugwHu3V9gFAQDfuCR+MBU7mwFa4LPIlgiAoqfd+GGz70qxs
RrQ0SaUW/D6YlZZNgGSO4DSJw87dk+s1djiSzL4ZPIY1fQi2w/eqfZdhFrGpEqW/
PEQg6iR1dTi4vToJo37fwEOKSIKWhyYLmzpBR4Wr+knMay2ddNqon4vINvEvLoGI
85JKUvRtLpA4o2ymhf1Kpr29XQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMPGQ15C
KEED29O+KlwUt0Kx0YiUMB8GA1UdIwQYMBaAFHeiAcWOs7QgjJG6fs7ZNuWV5hoZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9GNUVEQzdGQzhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi9kNklCeFk2enRDQ01rYnAtenRrMjVaWG1H
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q2SUJ4WTZ6dENDTWticC16dGsyNVpYbUdoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRjVFREM3RkM4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvNkNGOTE1RjI2
MzY1MTFFRkFCNzU1QjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAb/psDBAIb/qQwDQYJKoZIhvcNAQELBQADggEBAIvsdEN+
4Rw6EgVb1lSwuMUQrXndr5dMcdBxsgYlf5BoqGeF95SlQsGA6eQpwWBS0tTYFtrD
IGt7MKpkFc18Uz8zJ4teb9aUmsXnCouJJ3YT+LveZu2kSFf6LmEYs3wMEEVh1+2/
a95CnvGeIzLC5x/uZrEL2YJoRLKwogDF+eRVNrfLGy1INinUeQFXb2S451CgpCQj
CfdSYOo5saalNULBlEQadLzuTlYSK6q+9bq5zm2wyrTT3xNWZbPSSKZARoR6+POs
vSQlJzQkRsEjlbWVdwwW16VAxLmgglQzyPyge43t6MX04FjA9GZqKOqjGemSU4oP
fUmv3/LCTcpLA6Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:41 2025 by rpki-client