Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/6E340B9C4EA811EFA593A24CC4F9AE02.roa
File:                     6E340B9C4EA811EFA593A24CC4F9AE02.roa (raw, json)
Hash identifier:          AHP5y6NUQXUIuJTsf7FmuzfZjDZN51hNfIjWN43DXmk=
Subject key identifier:   5D:83:47:24:FA:CC:AB:47:24:02:A2:46:A4:8F:7F:FF:8D:C5:D3:62
Certificate issuer:       /CN=A911911C/serialNumber=F457EF8C19AA0976CE0459A5FF709C5DCA4FC7D6
Certificate serial:       36A2
Authority key identifier: F4:57:EF:8C:19:AA:09:76:CE:04:59:A5:FF:70:9C:5D:CA:4F:C7:D6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/6E340B9C4EA811EFA593A24CC4F9AE02.roa
Signing time:             Fri 10 Jul 2026 15:10:29 +0000
ROA not before:           Fri 10 Jul 2026 15:10:29 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     137289
IP address blocks:        118.97.213.0/24 maxlen: 24
                          180.250.80.0/24 maxlen: 24
                          180.250.242.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.crl
                          rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 14:23:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13986 (0x36a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911911C, serialNumber=F457EF8C19AA0976CE0459A5FF709C5DCA4FC7D6
        Validity
            Not Before: Jul 10 15:10:29 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a510b64-9dfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:78:8b:73:81:72:55:50:90:03:3b:dd:8d:bf:
                    d1:a5:15:02:d0:c8:39:b4:0f:97:4b:d5:f5:fb:ef:
                    56:b0:71:e8:7b:db:6b:db:7d:c0:b0:8d:e1:c3:a0:
                    3a:1c:41:76:2c:95:f9:f6:fd:4c:87:d7:c8:84:75:
                    e0:6e:e2:2e:1b:5d:7e:d5:fc:c5:86:25:1c:e8:01:
                    5a:54:38:f4:60:33:55:04:2a:f1:22:b7:03:8f:cc:
                    cb:6b:7c:31:ee:41:0d:28:c0:69:06:91:22:ad:c3:
                    65:aa:45:ba:3d:c1:e9:b0:b1:51:1d:34:02:8a:74:
                    d2:fa:30:c2:11:a0:03:27:c5:2a:5f:e7:0d:61:96:
                    05:ae:0a:32:eb:2f:28:8d:26:76:fc:a6:4a:e9:26:
                    4a:8f:4c:87:60:82:3a:44:30:06:65:31:3e:5e:e0:
                    fc:b1:d2:52:d5:84:2c:bf:ff:07:37:fa:b7:4b:2d:
                    60:52:f8:33:3f:ec:a0:89:5e:c9:10:04:d0:4a:45:
                    d6:26:3e:0e:a0:1c:3d:cc:da:a8:ac:63:e3:f0:a0:
                    b4:93:a3:7b:95:3b:49:af:4f:45:05:b2:10:c9:fa:
                    47:90:97:c6:c6:78:03:fa:4d:be:8e:a5:50:db:6d:
                    01:1d:d5:2d:66:42:6c:af:f4:04:fd:7d:33:98:13:
                    88:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:83:47:24:FA:CC:AB:47:24:02:A2:46:A4:8F:7F:FF:8D:C5:D3:62
            X509v3 Authority Key Identifier:
                keyid:F4:57:EF:8C:19:AA:09:76:CE:04:59:A5:FF:70:9C:5D:CA:4F:C7:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/6E340B9C4EA811EFA593A24CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.97.213.0/24
                  180.250.80.0/24
                  180.250.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:63:69:45:5d:7c:9d:25:a7:7d:9f:37:34:99:94:28:72:ec:
         4a:9a:1d:7a:4f:e4:9a:20:bf:ed:08:76:3c:c9:21:6e:46:2f:
         7b:d0:d3:fe:20:0e:a0:86:06:d8:12:f5:06:85:2e:73:c0:f6:
         ae:7e:10:4a:6c:f5:80:5c:5a:0a:42:db:9a:0c:d3:15:1a:d4:
         52:dc:c2:e3:73:0e:5a:c6:61:98:7c:1a:9b:c1:c2:f6:1e:30:
         0b:bc:15:af:ee:06:06:e8:da:a9:22:ba:47:d5:e8:10:bc:2a:
         8e:8c:ef:eb:6b:87:f8:51:35:00:7f:fd:5c:58:02:25:96:46:
         69:1c:66:63:34:e2:7c:c3:59:a8:3b:e4:ff:e1:bb:69:21:ca:
         0e:16:de:fa:c9:ea:f2:fe:06:0a:1e:29:b1:2b:cd:56:ba:56:
         e9:6e:44:42:fe:2b:4f:b7:f4:70:44:3a:c4:98:d2:71:e0:b9:
         17:89:1d:47:34:55:61:b0:00:48:5a:7b:6a:c6:47:6e:61:79:
         c2:86:d8:58:de:63:92:73:22:58:bf:91:70:df:e1:06:61:a3:
         8a:3d:63:7b:f4:e2:23:13:48:84:9d:30:dd:85:e1:f8:c6:15:
         ee:d7:8c:5b:22:90:5e:8f:84:1a:d1:ee:e0:4c:58:48:c9:cd:
         76:55:a4:b0
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICNqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkxMUMxMTAvBgNVBAUTKEY0NTdFRjhDMTlBQTA5NzZDRTA0NTlBNUZGNzA5QzVE
Q0E0RkM3RDYwHhcNMjYwNzEwMTUxMDI5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTUxMGI2NC05ZGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAk3iLc4FyVVCQAzvdjb/RpRUC0Mg5tA+XS9X1++9WsHHoe9tr233AsI3hw6A6
HEF2LJX59v1Mh9fIhHXgbuIuG11+1fzFhiUc6AFaVDj0YDNVBCrxIrcDj8zLa3wx
7kENKMBpBpEircNlqkW6PcHpsLFRHTQCinTS+jDCEaADJ8UqX+cNYZYFrgoy6y8o
jSZ2/KZK6SZKj0yHYII6RDAGZTE+XuD8sdJS1YQsv/8HN/q3Sy1gUvgzP+ygiV7J
EATQSkXWJj4OoBw9zNqorGPj8KC0k6N7lTtJr09FBbIQyfpHkJfGxngD+k2+jqVQ
220BHdUtZkJsr/QE/X0zmBOInQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFF2DRyT6
zKtHJAKiRqSPf/+NxdNiMB8GA1UdIwQYMBaAFPRX74wZqgl2zgRZpf9wnF3KT8fW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTExQy9CQkM1NEJBNDFE
ODMxMUUyOEU3RTJERDkwOEIwMkNEMi85RmZ2akJtcUNYYk9CRm1sXzNDY1hjcFB4
OVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGZnZqQm1xQ1hiT0JGbWxfM0NjWGNwUHg5WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkxMUMvQkJDNTRCQTQxRDgzMTFFMjhFN0UyREQ5MDhCMDJDRDIvNkUzNDBCOUM0
RUE4MTFFRkE1OTNBMjRDQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQAdmHVAwQAtPpQAwQAtPryMA0GCSqGSIb3DQEBCwUAA4IBAQAPY2lF
XXydJad9nzc0mZQocuxKmh16T+SaIL/tCHY8ySFuRi970NP+IA6ghgbYEvUGhS5z
wPaufhBKbPWAXFoKQtuaDNMVGtRS3MLjcw5axmGYfBqbwcL2HjALvBWv7gYG6Nqp
IrpH1egQvCqOjO/ra4f4UTUAf/1cWAIllkZpHGZjNOJ8w1moO+T/4btpIcoOFt76
yery/gYKHimxK81WulbpbkRC/itPt/RwRDrEmNJx4LkXiR1HNFVhsABIWntqxkdu
YXnChthY3mOScyJYv5Fw3+EGYaOKPWN79OIjE0iEnTDdheH4xhXu14xbIpBej4Qa
0e7gTFhIyc12VaSw
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:26:35 2026 by rpki-client