Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AA2A006C340411E9A22CD05CC4F9AE02.roa
File:                     AA2A006C340411E9A22CD05CC4F9AE02.roa (raw, json)
Hash identifier:          1Lpcsh4Qf+Hq87TjwbVVHnxjyqxNO76hC9h94aNRvTI=
Subject key identifier:   DD:1E:63:19:9E:53:DE:D2:59:60:92:3F:57:92:B3:4F:EA:9B:8C:AE
Certificate issuer:       /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial:       367B
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AA2A006C340411E9A22CD05CC4F9AE02.roa
Signing time:             Wed 24 Jun 2026 15:12:57 +0000
ROA not before:           Wed 24 Jun 2026 15:12:57 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     55746
IP address blocks:        2404:138:1304::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl
                          rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 14:44:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13947 (0x367b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9111318, serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
        Validity
            Not Before: Jun 24 15:12:57 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3bf3f9-6f5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5c:94:fd:e3:fd:bd:e6:95:c6:bd:28:99:59:
                    31:cc:9c:c9:63:5d:67:d0:e7:76:e9:d3:d4:ad:07:
                    82:4f:b7:28:3d:ac:16:2f:67:89:18:b5:4f:f5:3f:
                    b2:18:00:52:6c:ec:3c:61:be:e7:d8:f6:56:d7:05:
                    d6:87:55:7d:85:3f:18:57:92:63:4f:0b:49:8a:3c:
                    26:d8:09:72:8c:98:b3:25:e0:36:fe:8e:23:d8:9d:
                    48:66:25:6a:18:63:89:9d:92:d2:ed:f6:65:76:cc:
                    3a:fa:f5:03:38:61:2d:c2:80:4d:03:ec:d6:fb:b5:
                    01:b3:4b:36:8d:e9:66:c4:14:30:4d:a5:65:33:2f:
                    bd:46:7b:6e:f0:19:10:7b:e1:06:30:2d:2c:1b:87:
                    de:c2:d1:bf:82:81:30:55:30:98:95:38:b1:02:e0:
                    76:dd:b2:59:4a:47:e3:02:24:dd:01:8a:e5:67:58:
                    65:6b:d5:74:7a:d9:99:30:c8:c8:d7:6e:77:63:c3:
                    15:bc:3b:0d:86:04:0c:ac:1d:10:2b:50:f8:72:6e:
                    d0:46:91:f8:11:8a:96:27:3e:24:c6:f1:a1:a2:b9:
                    c0:fb:c4:78:6a:09:a5:1f:dc:db:ed:ab:76:16:46:
                    6a:72:89:f0:75:ea:04:fe:3f:b8:6a:3b:f5:7f:f4:
                    79:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:1E:63:19:9E:53:DE:D2:59:60:92:3F:57:92:B3:4F:EA:9B:8C:AE
            X509v3 Authority Key Identifier:
                keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AA2A006C340411E9A22CD05CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:138:1304::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:d7:ad:80:01:7a:cd:be:33:5d:86:8a:ea:1f:12:99:e6:37:
         ab:31:49:d9:a4:ce:6f:39:0a:b1:0a:1b:58:ba:e7:bf:0c:f2:
         04:42:47:8f:a3:b8:d3:fc:6b:c4:24:d5:3d:66:0e:3d:7b:0c:
         30:a8:1d:5a:36:f3:36:af:89:8d:62:53:26:39:79:60:86:fe:
         a4:5b:0b:41:d7:bd:59:5f:04:86:1c:00:44:85:ca:eb:42:df:
         f2:24:cd:1c:91:59:7c:e4:f6:ec:b9:af:ef:90:ec:20:f8:c0:
         4f:2f:60:51:2f:85:01:76:eb:f4:d5:e1:65:23:76:f5:c4:93:
         b8:0d:20:86:7b:b9:18:23:ca:b1:5d:9c:58:b6:05:a3:ca:94:
         c2:4d:d4:e7:55:a5:47:42:a3:d2:ea:b1:ab:89:4a:61:f3:37:
         49:1f:51:dc:6e:c4:d0:1a:03:fa:7c:33:ad:75:c8:37:b3:72:
         ac:05:20:f0:97:27:71:d3:8e:09:56:23:b2:c1:a8:f2:5d:f9:
         09:90:e3:49:55:c5:ae:fd:ff:f5:35:b8:c7:22:26:57:55:2a:
         19:ea:12:48:0f:54:18:ad:02:93:0c:79:b6:55:2b:a5:3f:1e:
         7e:34:aa:a3:4e:4f:a0:c6:17:0a:16:6e:3c:dc:8f:a9:24:11:
         4f:23:3c:17
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICNnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjYwNjI0MTUxMjU3WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNiZjNmOS02ZjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn1yU/eP9veaVxr0omVkxzJzJY11n0Od26dPUrQeCT7coPawWL2eJGLVP9T+y
GABSbOw8Yb7n2PZW1wXWh1V9hT8YV5JjTwtJijwm2AlyjJizJeA2/o4j2J1IZiVq
GGOJnZLS7fZldsw6+vUDOGEtwoBNA+zW+7UBs0s2jelmxBQwTaVlMy+9Rntu8BkQ
e+EGMC0sG4fewtG/goEwVTCYlTixAuB23bJZSkfjAiTdAYrlZ1hla9V0etmZMMjI
1253Y8MVvDsNhgQMrB0QK1D4cm7QRpH4EYqWJz4kxvGhornA+8R4agmlH9zb7at2
FkZqconwdeoE/j+4ajv1f/R58wIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFN0eYxme
U97SWWCSP1eSs0/qm4yuMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQUEyQTAwNkMz
NDA0MTFFOUEyMkNEMDVDQzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAQBOBMEMA0GCSqGSIb3DQEBCwUAA4IBAQCi162AAXrNvjNdhorq
HxKZ5jerMUnZpM5vOQqxChtYuue/DPIEQkePo7jT/GvEJNU9Zg49ewwwqB1aNvM2
r4mNYlMmOXlghv6kWwtB171ZXwSGHABEhcrrQt/yJM0ckVl85Pbsua/vkOwg+MBP
L2BRL4UBduv01eFlI3b1xJO4DSCGe7kYI8qxXZxYtgWjypTCTdTnVaVHQqPS6rGr
iUph8zdJH1HcbsTQGgP6fDOtdcg3s3KsBSDwlydx044JViOywajyXfkJkONJVcWu
/f/1NbjHIiZXVSoZ6hJID1QYrQKTDHm2VSulPx5+NKqjTk+gxhcKFm483I+pJBFP
IzwX
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:16:16 2026 by rpki-client