Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/13CC532280EC11F0A973810CC4F9AE02.roa
File:                     13CC532280EC11F0A973810CC4F9AE02.roa (raw, json)
Hash identifier:          JqgQRdLeaIMLexLk5Sg27CS93/2/7D3KXGP9opjlvo0=
Subject key identifier:   58:4E:04:8D:EA:56:FC:A7:F4:01:CD:D3:5A:6E:2B:F7:80:3C:FB:BE
Certificate issuer:       /CN=A9134309/serialNumber=077BCD663B0E63BDF5E9B809AF71AEF1E5ADF63B
Certificate serial:       D3
Authority key identifier: 07:7B:CD:66:3B:0E:63:BD:F5:E9:B8:09:AF:71:AE:F1:E5:AD:F6:3B
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/B3vNZjsOY7316bgJr3Gu8eWt9js.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/13CC532280EC11F0A973810CC4F9AE02.roa
Signing time:             Fri 19 Jun 2026 07:37:44 +0000
ROA not before:           Fri 19 Jun 2026 07:37:44 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     153879
IP address blocks:        165.99.35.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/B3vNZjsOY7316bgJr3Gu8eWt9js.crl
                          rsync://rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/B3vNZjsOY7316bgJr3Gu8eWt9js.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/B3vNZjsOY7316bgJr3Gu8eWt9js.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 07:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 211 (0xd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9134309, serialNumber=077BCD663B0E63BDF5E9B809AF71AEF1E5ADF63B
        Validity
            Not Before: Jun 19 07:37:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6a34f1c8-f106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6e:c7:fd:92:b8:17:7f:f8:1f:de:76:ac:49:
                    c5:33:8c:a9:12:b4:f8:4f:fd:0f:af:f5:11:80:cd:
                    b8:84:52:a8:4c:76:cb:14:f0:45:09:38:fb:7a:87:
                    f5:db:14:ed:5e:49:03:b9:1b:35:bf:0a:21:d1:b1:
                    d6:aa:00:19:89:7b:e9:17:2e:b6:3f:69:3f:4e:71:
                    6c:11:d1:7f:be:92:83:85:52:28:6e:9a:8d:d9:7c:
                    a0:a1:b9:ee:f2:35:48:c1:34:62:58:4b:26:68:94:
                    65:75:3a:bc:c9:7d:8d:b0:a1:b9:ce:bc:2f:7c:b5:
                    46:7a:38:da:95:d5:5c:91:2b:02:a9:3a:2d:59:18:
                    18:6f:06:13:6f:53:c1:d9:4d:5d:02:80:47:e5:84:
                    84:d1:f5:2f:fc:9d:af:6c:a2:97:cc:23:93:91:8e:
                    0a:34:8d:08:62:e3:4f:f9:eb:3c:05:cc:cc:6f:44:
                    f3:10:43:32:dc:b2:4b:ba:9e:a9:d8:d8:1f:fc:28:
                    54:17:c1:86:dc:27:ad:d2:25:67:8b:bf:c5:27:aa:
                    55:b5:ff:a6:6c:6a:0a:2c:5a:93:89:fd:5a:72:8c:
                    0c:ff:7b:eb:0d:72:49:fb:c7:90:52:a0:62:8f:b0:
                    68:11:a1:f3:4d:29:9b:08:ea:61:d3:b1:d2:b9:fe:
                    3f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:4E:04:8D:EA:56:FC:A7:F4:01:CD:D3:5A:6E:2B:F7:80:3C:FB:BE
            X509v3 Authority Key Identifier:
                keyid:07:7B:CD:66:3B:0E:63:BD:F5:E9:B8:09:AF:71:AE:F1:E5:AD:F6:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/B3vNZjsOY7316bgJr3Gu8eWt9js.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/B3vNZjsOY7316bgJr3Gu8eWt9js.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134309/D41FA32C3EE311F0B9398442C4F9AE02/13CC532280EC11F0A973810CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.99.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:b7:8c:24:2c:98:b9:84:a7:43:44:48:be:98:0e:08:ac:3a:
         60:c9:2b:d9:27:37:f5:2c:a8:07:c0:f9:05:e2:7c:d3:cb:57:
         da:0f:56:7d:c3:cc:78:dc:81:17:4f:c0:97:30:32:b2:2d:25:
         a8:62:81:1a:ef:30:e7:4c:c0:6f:d6:3a:fe:ff:ac:1f:e4:c9:
         0a:29:3b:e5:f1:c2:df:0e:1b:af:0a:3a:8d:e8:cc:75:b4:b9:
         cd:71:55:f1:3e:0a:6c:03:9c:c0:7f:55:92:77:b6:db:1d:18:
         b3:7d:83:cb:cb:9c:2d:1c:0d:81:69:15:71:30:11:bc:d5:18:
         3d:e8:92:3b:f3:7a:3b:13:3c:74:72:5f:e1:de:38:c0:38:52:
         2e:21:56:d2:1d:cc:29:5a:fa:e9:15:c4:34:bd:80:df:bc:ab:
         f2:07:b1:7b:39:cd:9a:d8:cb:0b:e7:22:ac:3c:41:7e:bf:4d:
         e6:f6:1c:a8:24:10:e9:93:19:d3:e4:d1:aa:9a:7e:ce:3a:3b:
         fb:c1:f1:9d:bd:63:0b:6c:66:52:97:bb:c7:57:c5:38:6e:a5:
         6b:67:88:4c:2f:b1:a0:4f:a3:75:96:6e:ab:a0:48:41:ff:ce:
         d0:46:35:f1:85:c4:12:5d:fa:38:2b:43:27:a2:83:f6:c6:e6:
         e2:2b:60:b8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQzMDkxMTAvBgNVBAUTKDA3N0JDRDY2M0IwRTYzQkRGNUU5QjgwOUFGNzFBRUYx
RTVBREY2M0IwHhcNMjYwNjE5MDczNzQ0WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM0ZjFjOC1mMTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzm7H/ZK4F3/4H952rEnFM4ypErT4T/0Pr/URgM24hFKoTHbLFPBFCTj7eof1
2xTtXkkDuRs1vwoh0bHWqgAZiXvpFy62P2k/TnFsEdF/vpKDhVIobpqN2Xygobnu
8jVIwTRiWEsmaJRldTq8yX2NsKG5zrwvfLVGejjaldVckSsCqTotWRgYbwYTb1PB
2U1dAoBH5YSE0fUv/J2vbKKXzCOTkY4KNI0IYuNP+es8BczMb0TzEEMy3LJLup6p
2Ngf/ChUF8GG3Cet0iVni7/FJ6pVtf+mbGoKLFqTif1acowM/3vrDXJJ+8eQUqBi
j7BoEaHzTSmbCOph07HSuf4/hwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFhOBI3q
Vvyn9AHN01puK/eAPPu+MB8GA1UdIwQYMBaAFAd7zWY7DmO99em4Ca9xrvHlrfY7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDMwOS9ENDFGQTMyQzNF
RTMxMUYwQjkzOTg0NDJDNEY5QUUwMi9CM3ZOWmpzT1k3MzE2YmdKcjNHdThlV3Q5
anMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Izdk5aanNPWTczMTZiZ0pyM0d1OGVXdDlqcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQzMDkvRDQxRkEzMkMzRUUzMTFGMEI5Mzk4NDQyQzRGOUFFMDIvMTNDQzUzMjI4
MEVDMTFGMEE5NzM4MTBDQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQApWMjMA0GCSqGSIb3DQEBCwUAA4IBAQBYt4wkLJi5hKdDREi+mA4I
rDpgySvZJzf1LKgHwPkF4nzTy1faD1Z9w8x43IEXT8CXMDKyLSWoYoEa7zDnTMBv
1jr+/6wf5MkKKTvl8cLfDhuvCjqN6Mx1tLnNcVXxPgpsA5zAf1WSd7bbHRizfYPL
y5wtHA2BaRVxMBG81Rg96JI783o7Ezx0cl/h3jjAOFIuIVbSHcwpWvrpFcQ0vYDf
vKvyB7F7Oc2a2MsL5yKsPEF+v03m9hyoJBDpkxnT5NGqmn7OOjv7wfGdvWMLbGZS
l7vHV8U4bqVrZ4hML7GgT6N1lm6roEhB/87QRjXxhcQSXfo4K0MnooP2xubiK2C4
-----END CERTIFICATE-----
Generated at Sat Jul 4 02:12:49 2026 by rpki-client