Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AACC7DA6340411E9A22CD05CC4F9AE02.roa
File:                     AACC7DA6340411E9A22CD05CC4F9AE02.roa (raw, json)
Hash identifier:          fhuL4as/jKU5LCg5kEb3sZKC4Pb5j31KM+AsrsAx2Lk=
Subject key identifier:   15:C7:EF:7B:AD:DA:C3:56:EF:95:8A:7D:3C:C6:A0:0D:64:8E:5E:F1
Certificate issuer:       /CN=A9111318/serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
Certificate serial:       367C
Authority key identifier: 80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AACC7DA6340411E9A22CD05CC4F9AE02.roa
Signing time:             Wed 24 Jun 2026 15:12:59 +0000
ROA not before:           Wed 24 Jun 2026 15:12:59 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     55747
IP address blocks:        2404:138:1303::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl
                          rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 14:44:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13948 (0x367c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9111318, serialNumber=806ABFF463594CAA30DE70A311AE2F849189BC64
        Validity
            Not Before: Jun 24 15:12:59 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3bf3fb-3a84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4c:f9:e0:9f:f1:0e:af:9a:f8:47:14:4c:e3:
                    da:5e:3e:15:10:bd:1f:ba:de:6b:aa:c2:32:22:87:
                    b1:f8:a2:87:5f:49:5b:b1:88:93:72:82:6c:52:da:
                    61:11:b5:21:65:3f:76:37:41:50:0b:65:27:c2:0f:
                    70:89:8a:68:45:f7:87:26:57:ef:62:3f:f9:0a:e2:
                    c1:d3:ad:64:74:69:f9:10:62:d3:71:68:e6:02:af:
                    0e:2e:47:f6:2b:7b:0d:ef:03:0a:51:18:2a:e7:5e:
                    8c:a2:55:19:9e:a6:86:45:9f:a1:68:ad:e5:97:a7:
                    f2:0c:df:e8:57:61:fd:aa:d9:f7:13:c7:75:63:78:
                    09:cd:c5:a7:5b:4e:1d:ba:19:5a:35:ec:e6:63:be:
                    6b:92:41:c1:3f:90:cb:f6:32:d1:8a:bd:2a:c5:36:
                    62:f0:a3:94:15:9a:d9:58:53:2e:23:ba:1b:07:af:
                    2d:01:79:7e:99:ff:24:3f:a0:26:5f:6c:98:e7:8b:
                    9c:91:f8:df:63:62:7d:b5:70:7a:92:cf:18:73:86:
                    8b:ea:40:0a:9e:e0:37:b1:53:c8:4f:93:4b:03:25:
                    74:2c:4e:a0:36:05:56:22:7e:3d:cb:86:db:0e:de:
                    56:2a:fb:44:12:64:ea:cb:05:34:05:e0:0a:76:fd:
                    2e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:C7:EF:7B:AD:DA:C3:56:EF:95:8A:7D:3C:C6:A0:0D:64:8E:5E:F1
            X509v3 Authority Key Identifier:
                keyid:80:6A:BF:F4:63:59:4C:AA:30:DE:70:A3:11:AE:2F:84:91:89:BC:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGq_9GNZTKow3nCjEa4vhJGJvGQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111318/DC7451F21D9111E298E746F408B02CD2/AACC7DA6340411E9A22CD05CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:138:1303::/48

    Signature Algorithm: sha256WithRSAEncryption
         7e:b8:c7:0f:ba:5a:aa:54:75:6e:16:e0:75:ef:d9:ac:69:56:
         35:65:9a:af:9d:57:87:77:b6:e4:b1:58:ba:16:68:bb:e4:d0:
         78:3e:00:65:8b:90:c7:db:73:07:25:d3:e2:fc:03:27:e2:0a:
         ad:28:1f:8e:87:0a:fe:65:80:5d:f2:c3:70:df:09:81:42:57:
         5e:67:51:e1:75:a6:54:2e:d4:98:98:45:ef:2f:74:f2:b8:9d:
         20:69:fa:65:20:a4:9f:e6:c0:e9:b1:55:66:c7:56:d7:a9:02:
         b0:37:71:b6:2e:cf:80:7d:13:b4:2b:3d:b6:2b:1d:de:34:1f:
         43:cf:71:69:dc:63:02:d6:ec:a4:8a:9f:2f:b2:b8:ab:ac:72:
         21:9d:84:a6:94:ad:91:e5:97:a2:7e:96:dc:d1:ee:2b:7b:e7:
         42:26:97:50:91:4d:2e:b3:16:83:ef:2a:c5:2d:67:33:29:06:
         20:ae:b9:a3:40:80:dd:8f:ac:c9:6c:95:67:70:f2:67:01:4d:
         a6:28:c0:1e:58:0f:4a:f2:6e:2d:2f:2c:a1:48:d5:fe:60:67:
         3e:86:b6:39:53:7f:bb:dc:ae:41:18:94:80:a0:40:7c:0b:b3:
         0f:77:db:2e:ff:67:72:13:7b:ea:78:79:63:37:1d:9d:50:0d:
         4c:0a:63:83
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICNnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTEzMTgxMTAvBgNVBAUTKDgwNkFCRkY0NjM1OTRDQUEzMERFNzBBMzExQUUyRjg0
OTE4OUJDNjQwHhcNMjYwNjI0MTUxMjU5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNiZjNmYi0zYTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyEz54J/xDq+a+EcUTOPaXj4VEL0fut5rqsIyIoex+KKHX0lbsYiTcoJsUtph
EbUhZT92N0FQC2Unwg9wiYpoRfeHJlfvYj/5CuLB061kdGn5EGLTcWjmAq8OLkf2
K3sN7wMKURgq516MolUZnqaGRZ+haK3ll6fyDN/oV2H9qtn3E8d1Y3gJzcWnW04d
uhlaNezmY75rkkHBP5DL9jLRir0qxTZi8KOUFZrZWFMuI7obB68tAXl+mf8kP6Am
X2yY54uckfjfY2J9tXB6ks8Yc4aL6kAKnuA3sVPIT5NLAyV0LE6gNgVWIn49y4bb
Dt5WKvtEEmTqywU0BeAKdv0uQQIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFBXH73ut
2sNW75WKfTzGoA1kjl7xMB8GA1UdIwQYMBaAFIBqv/RjWUyqMN5woxGuL4SRibxk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTMxOC9EQzc0NTFGMjFE
OTExMUUyOThFNzQ2RjQwOEIwMkNEMi9nR3FfOUdOWlRLb3czbkNqRWE0dmhKR0p2
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHcV85R05aVEtvdzNuQ2pFYTR2aEpHSnZHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTEzMTgvREM3NDUxRjIxRDkxMTFFMjk4RTc0NkY0MDhCMDJDRDIvQUFDQzdEQTYz
NDA0MTFFOUEyMkNEMDVDQzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAQBOBMDMA0GCSqGSIb3DQEBCwUAA4IBAQB+uMcPulqqVHVuFuB1
79msaVY1ZZqvnVeHd7bksVi6Fmi75NB4PgBli5DH23MHJdPi/AMn4gqtKB+Ohwr+
ZYBd8sNw3wmBQldeZ1HhdaZULtSYmEXvL3TyuJ0gafplIKSf5sDpsVVmx1bXqQKw
N3G2Ls+AfRO0Kz22Kx3eNB9Dz3Fp3GMC1uykip8vsrirrHIhnYSmlK2R5Zeifpbc
0e4re+dCJpdQkU0usxaD7yrFLWczKQYgrrmjQIDdj6zJbJVncPJnAU2mKMAeWA9K
8m4tLyyhSNX+YGc+hrY5U3+73K5BGJSAoEB8C7MPd9su/2dyE3vqeHljNx2dUA1M
CmOD
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:15:44 2026 by rpki-client