Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/8EEE648AE63811EB91D48033C4F9AE02.roa
File:                     8EEE648AE63811EB91D48033C4F9AE02.roa (raw, json)
Hash identifier:          TmhPKiWm/UW/+IU6pO/3fWv32TwJDDiTp7ZwTLIEVr8=
Subject key identifier:   8F:83:35:31:F7:7F:26:56:C1:E1:AC:C5:DA:25:66:3B:D7:90:73:BE
Certificate issuer:       /CN=A911911C/serialNumber=F457EF8C19AA0976CE0459A5FF709C5DCA4FC7D6
Certificate serial:       36A3
Authority key identifier: F4:57:EF:8C:19:AA:09:76:CE:04:59:A5:FF:70:9C:5D:CA:4F:C7:D6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/8EEE648AE63811EB91D48033C4F9AE02.roa
Signing time:             Fri 10 Jul 2026 15:10:31 +0000
ROA not before:           Fri 10 Jul 2026 15:10:30 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     17974
IP address blocks:        36.91.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.crl
                          rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 14:23:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13987 (0x36a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911911C, serialNumber=F457EF8C19AA0976CE0459A5FF709C5DCA4FC7D6
        Validity
            Not Before: Jul 10 15:10:30 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a510b66-3340
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:88:1a:5e:ce:8b:08:53:24:36:0e:fb:2a:7c:
                    0f:9d:7f:32:50:95:77:f1:64:5e:bc:93:50:bc:dd:
                    ef:37:66:7c:ba:9c:b9:51:62:eb:df:22:7a:e8:1a:
                    be:dc:0a:43:b4:97:8c:31:24:17:07:8d:64:b1:a8:
                    36:b7:38:e4:80:1f:9e:88:ff:0f:65:b3:20:84:7b:
                    cb:bb:68:6c:2d:b1:ce:6b:55:93:a0:b2:54:85:9c:
                    a9:09:28:85:3a:6e:99:14:6d:ae:34:4c:c3:e4:73:
                    60:81:af:f3:39:d3:ba:cd:a6:1f:f7:a9:f4:35:d4:
                    a6:57:b0:7e:dd:74:dc:91:b7:30:8e:ee:6f:4d:ab:
                    89:33:42:aa:11:1c:50:24:2a:ea:7a:cb:79:3d:7e:
                    82:69:3e:a0:65:89:37:8a:ad:37:5b:ac:55:78:ad:
                    6f:40:3f:13:9b:db:6e:be:8d:0c:02:64:40:d1:1a:
                    ff:78:b7:75:84:5a:f3:ba:76:31:41:fc:04:d4:e6:
                    c5:cc:31:21:0a:93:d9:0a:49:99:c5:ea:b1:83:17:
                    56:b0:8e:de:3e:92:02:08:57:68:a3:96:99:b2:00:
                    a2:ae:12:3a:a1:15:e4:8a:f4:61:4f:1b:32:2f:f0:
                    df:64:63:96:15:70:10:5a:92:04:83:bc:40:e1:83:
                    f9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:83:35:31:F7:7F:26:56:C1:E1:AC:C5:DA:25:66:3B:D7:90:73:BE
            X509v3 Authority Key Identifier:
                keyid:F4:57:EF:8C:19:AA:09:76:CE:04:59:A5:FF:70:9C:5D:CA:4F:C7:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FfvjBmqCXbOBFml_3CcXcpPx9Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911911C/BBC54BA41D8311E28E7E2DD908B02CD2/8EEE648AE63811EB91D48033C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.91.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         92:c7:e8:c0:04:3e:e2:43:27:9d:ff:e9:98:ad:05:86:5a:d8:
         3c:43:ed:e4:8d:6a:ed:f2:fd:6f:80:cd:70:a3:9a:ef:a6:7b:
         12:a2:a7:f5:0d:c1:d0:7b:a7:3d:b2:5f:72:ee:1f:28:91:ca:
         85:45:35:78:b0:c1:6c:21:22:fd:d4:33:9a:fd:a3:51:a5:fb:
         f5:e3:3a:b3:1e:99:3a:49:2c:e5:57:40:66:2a:a2:29:0c:4f:
         44:ba:b7:38:9b:a0:27:88:51:1d:7e:a3:cc:35:0e:8f:ca:7b:
         1d:91:ad:8b:1d:5d:9f:06:04:27:4f:01:f0:3e:0a:e5:8d:80:
         5d:5c:40:ca:56:41:5e:42:cd:e0:b2:bc:9e:25:c3:d9:71:28:
         d9:ca:0c:4b:a0:59:f8:41:ae:4e:c3:5a:d9:8e:05:76:53:42:
         8d:0c:79:61:29:be:47:8e:25:3f:5b:40:53:d2:be:45:ae:91:
         bc:e6:2c:01:5e:51:6a:e7:c1:33:b8:5c:99:56:2f:cb:f4:be:
         f7:09:b1:d7:13:74:34:01:18:86:8f:7c:6f:38:fd:20:17:bf:
         3e:0c:3e:71:da:a2:db:87:e0:73:d7:c2:66:6e:e0:88:1f:5a:
         d3:41:84:64:fc:d4:26:5a:90:96:9e:d6:35:36:d3:ca:da:34:
         a7:dc:18:18
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICNqMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkxMUMxMTAvBgNVBAUTKEY0NTdFRjhDMTlBQTA5NzZDRTA0NTlBNUZGNzA5QzVE
Q0E0RkM3RDYwHhcNMjYwNzEwMTUxMDMwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTUxMGI2Ni0zMzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx4gaXs6LCFMkNg77KnwPnX8yUJV38WRevJNQvN3vN2Z8upy5UWLr3yJ66Bq+
3ApDtJeMMSQXB41ksag2tzjkgB+eiP8PZbMghHvLu2hsLbHOa1WToLJUhZypCSiF
Om6ZFG2uNEzD5HNgga/zOdO6zaYf96n0NdSmV7B+3XTckbcwju5vTauJM0KqERxQ
JCrqest5PX6CaT6gZYk3iq03W6xVeK1vQD8Tm9tuvo0MAmRA0Rr/eLd1hFrzunYx
QfwE1ObFzDEhCpPZCkmZxeqxgxdWsI7ePpICCFdoo5aZsgCirhI6oRXkivRhTxsy
L/DfZGOWFXAQWpIEg7xA4YP5HwIDAQABo4ICXzCCAlswHQYDVR0OBBYEFI+DNTH3
fyZWweGsxdolZjvXkHO+MB8GA1UdIwQYMBaAFPRX74wZqgl2zgRZpf9wnF3KT8fW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTExQy9CQkM1NEJBNDFE
ODMxMUUyOEU3RTJERDkwOEIwMkNEMi85RmZ2akJtcUNYYk9CRm1sXzNDY1hjcFB4
OVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGZnZqQm1xQ1hiT0JGbWxfM0NjWGNwUHg5WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkxMUMvQkJDNTRCQTQxRDgzMTFFMjhFN0UyREQ5MDhCMDJDRDIvOEVFRTY0OEFF
NjM4MTFFQjkxRDQ4MDMzQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAJFswDQYJKoZIhvcNAQELBQADggEBAJLH6MAEPuJDJ53/6ZitBYZa
2DxD7eSNau3y/W+AzXCjmu+mexKip/UNwdB7pz2yX3LuHyiRyoVFNXiwwWwhIv3U
M5r9o1Gl+/XjOrMemTpJLOVXQGYqoikMT0S6tziboCeIUR1+o8w1Do/Kex2RrYsd
XZ8GBCdPAfA+CuWNgF1cQMpWQV5CzeCyvJ4lw9lxKNnKDEugWfhBrk7DWtmOBXZT
Qo0MeWEpvkeOJT9bQFPSvkWukbzmLAFeUWrnwTO4XJlWL8v0vvcJsdcTdDQBGIaP
fG84/SAXvz4MPnHaotuH4HPXwmZu4IgfWtNBhGT81CZakJae1jU208raNKfcGBg=
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:25:43 2026 by rpki-client