Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/F51AC6A6C99A11EFB5D4B020C4F9AE02.roa
File:                     F51AC6A6C99A11EFB5D4B020C4F9AE02.roa (raw, json)
Hash identifier:          Zi/te3DkYZD7Ur8Et0yqHz8Mq+SfZzIYRRKwYI5AslE=
Subject key identifier:   10:C7:6C:E6:E7:89:F6:8E:61:47:68:D1:9F:DD:EA:22:18:11:F1:58
Certificate issuer:       /CN=A911F536/serialNumber=2AE985815A10DD6D04523FC81D8DAFD726BE7816
Certificate serial:       0127
Authority key identifier: 2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/F51AC6A6C99A11EFB5D4B020C4F9AE02.roa
Signing time:             Sat 11 Jul 2026 07:33:26 +0000
ROA not before:           Sat 11 Jul 2026 07:33:26 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     141756
IP address blocks:        160.22.213.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.crl
                          rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:54:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 295 (0x127)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911F536, serialNumber=2AE985815A10DD6D04523FC81D8DAFD726BE7816
        Validity
            Not Before: Jul 11 07:33:26 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a51f1c6-6366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a0:13:11:d4:78:00:ef:0c:c1:1e:6a:ed:98:
                    27:e8:33:24:c6:a3:54:0e:ae:51:c4:c7:ad:bf:bd:
                    08:90:5a:81:35:91:a0:83:96:9c:ef:02:a5:8a:d1:
                    2c:15:19:04:b7:d3:0f:e3:0c:d2:75:99:22:82:1e:
                    f1:ae:2d:b7:15:e2:d3:4d:57:31:d6:33:14:35:bb:
                    05:46:81:24:9c:c0:10:20:0a:d8:7e:10:87:21:66:
                    01:4d:b2:2a:03:bf:3b:04:6e:06:ed:ed:70:2a:c5:
                    aa:f6:1d:3b:b4:a7:56:cc:da:93:5a:3b:db:1d:27:
                    61:61:81:3c:07:2f:9e:2d:31:59:22:c2:72:1c:a0:
                    75:5b:e6:a0:a7:f0:79:14:7a:00:0d:00:3c:af:52:
                    60:1c:4b:45:34:8d:20:b0:e3:86:7e:4b:a7:05:75:
                    7d:ef:1c:d7:d0:63:16:1d:ec:49:d3:31:23:78:74:
                    7b:f1:a5:aa:6d:c5:0e:08:74:f3:5a:ac:ae:c6:1b:
                    6c:a7:b6:fe:51:9b:ca:7d:22:4b:0f:93:45:72:76:
                    36:4f:38:71:f3:b3:b0:d6:b1:42:a9:aa:0f:dd:2c:
                    99:40:32:f0:bc:4d:e5:9d:cd:3a:52:95:05:6a:4e:
                    c3:e3:7d:ea:29:34:d1:20:f2:46:84:b9:93:59:f3:
                    19:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:C7:6C:E6:E7:89:F6:8E:61:47:68:D1:9F:DD:EA:22:18:11:F1:58
            X509v3 Authority Key Identifier:
                keyid:2A:E9:85:81:5A:10:DD:6D:04:52:3F:C8:1D:8D:AF:D7:26:BE:78:16

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/KumFgVoQ3W0EUj_IHY2v1ya-eBY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KumFgVoQ3W0EUj_IHY2v1ya-eBY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F536/9A86DBD0C99A11EFB4CEEF1EC4F9AE02/F51AC6A6C99A11EFB5D4B020C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:fc:8a:ff:50:1c:1a:18:7b:70:97:94:08:f7:bb:25:e4:37:
         5c:3f:4c:3a:a8:6e:02:f5:e5:dd:c7:c0:71:07:89:ed:ca:2e:
         03:d6:06:c2:8c:63:95:69:68:20:9b:6a:47:08:9c:47:cf:67:
         65:a8:4c:49:15:ae:fa:de:21:aa:4c:8f:dc:71:80:51:48:24:
         59:6e:4a:0d:e5:97:d9:10:0c:6a:93:0d:91:b5:bf:c8:74:86:
         a3:01:13:ce:68:ae:78:a5:ca:6c:2d:ff:9e:8c:22:db:31:4f:
         52:37:5c:c1:21:cc:39:8e:cb:99:50:c5:cf:d2:dd:a5:ca:75:
         53:31:5c:5a:e1:67:96:08:7f:4d:34:f2:a2:71:51:02:3f:d1:
         e7:17:b6:19:51:3e:3e:74:4d:70:18:28:7d:ce:b5:63:8c:46:
         b9:99:53:4f:25:d3:22:76:d6:c9:a7:06:65:27:50:d5:15:6f:
         d4:25:2b:e5:b2:fa:97:86:81:7c:c0:62:7b:fa:9b:42:95:94:
         a3:65:1e:d1:e9:f6:f5:a9:68:69:d9:a4:26:d2:ca:1c:ed:4e:
         0f:87:02:9a:f9:48:95:69:27:44:4b:2c:91:5b:02:0e:95:6a:
         52:da:ca:ec:cf:d4:f0:84:98:b6:36:5f:fd:5f:b0:77:45:fb:
         8c:ec:41:68
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUY1MzYxMTAvBgNVBAUTKDJBRTk4NTgxNUExMERENkQwNDUyM0ZDODFEOERBRkQ3
MjZCRTc4MTYwHhcNMjYwNzExMDczMzI2WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTUxZjFjNi02MzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp6ATEdR4AO8MwR5q7Zgn6DMkxqNUDq5RxMetv70IkFqBNZGgg5ac7wKlitEs
FRkEt9MP4wzSdZkigh7xri23FeLTTVcx1jMUNbsFRoEknMAQIArYfhCHIWYBTbIq
A787BG4G7e1wKsWq9h07tKdWzNqTWjvbHSdhYYE8By+eLTFZIsJyHKB1W+agp/B5
FHoADQA8r1JgHEtFNI0gsOOGfkunBXV97xzX0GMWHexJ0zEjeHR78aWqbcUOCHTz
Wqyuxhtsp7b+UZvKfSJLD5NFcnY2Tzhx87Ow1rFCqaoP3SyZQDLwvE3lnc06UpUF
ak7D433qKTTRIPJGhLmTWfMZnwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBDHbObn
ifaOYUdo0Z/d6iIYEfFYMB8GA1UdIwQYMBaAFCrphYFaEN1tBFI/yB2Nr9cmvngW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjUzNi85QTg2REJEMEM5
OUExMUVGQjRDRUVGMUVDNEY5QUUwMi9LdW1GZ1ZvUTNXMEVVal9JSFkydjF5YS1l
QlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0t1bUZnVm9RM1cwRVVqX0lIWTJ2MXlhLWVCWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUY1MzYvOUE4NkRCRDBDOTlBMTFFRkI0Q0VFRjFFQzRGOUFFMDIvRjUxQUM2QTZD
OTlBMTFFRkI1RDRCMDIwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAoBbVMA0GCSqGSIb3DQEBCwUAA4IBAQBm/Ir/UBwaGHtwl5QI97sl
5DdcP0w6qG4C9eXdx8BxB4ntyi4D1gbCjGOVaWggm2pHCJxHz2dlqExJFa763iGq
TI/ccYBRSCRZbkoN5ZfZEAxqkw2Rtb/IdIajARPOaK54pcpsLf+ejCLbMU9SN1zB
Icw5jsuZUMXP0t2lynVTMVxa4WeWCH9NNPKicVECP9HnF7YZUT4+dE1wGCh9zrVj
jEa5mVNPJdMidtbJpwZlJ1DVFW/UJSvlsvqXhoF8wGJ7+ptClZSjZR7R6fb1qWhp
2aQm0soc7U4PhwKa+UiVaSdESyyRWwIOlWpS2srsz9TwhJi2Nl/9X7B3RfuM7EFo
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:30:56 2026 by rpki-client