Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/9CAF31CA5D8111F0A04DD550C4F9AE02.roa
File:                     9CAF31CA5D8111F0A04DD550C4F9AE02.roa (raw, json)
Hash identifier:          ObOITIzgGgqGBPGudigAZ1pn1ycFYqSZSvvOBF2J+iU=
Subject key identifier:   90:C4:97:41:E4:95:6F:9B:A5:6F:EB:8A:46:E3:AF:C5:A5:B3:DF:DC
Certificate issuer:       /CN=A913B510/serialNumber=1A16A391D325170B7B85C4BFC7855A177D347B6E
Certificate serial:       C6
Authority key identifier: 1A:16:A3:91:D3:25:17:0B:7B:85:C4:BF:C7:85:5A:17:7D:34:7B:6E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GhajkdMlFwt7hcS_x4VaF300e24.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/9CAF31CA5D8111F0A04DD550C4F9AE02.roa
Signing time:             Wed 15 Jul 2026 08:34:19 +0000
ROA not before:           Wed 15 Jul 2026 08:34:19 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     149486
IP address blocks:        160.30.16.0/24 maxlen: 24
                          160.30.17.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/GhajkdMlFwt7hcS_x4VaF300e24.crl
                          rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/GhajkdMlFwt7hcS_x4VaF300e24.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GhajkdMlFwt7hcS_x4VaF300e24.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 08:08:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 198 (0xc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B510, serialNumber=1A16A391D325170B7B85C4BFC7855A177D347B6E
        Validity
            Not Before: Jul 15 08:34:19 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a57460b-7434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2e:c8:0e:36:6d:0c:05:3f:97:11:eb:34:3a:
                    4c:8a:5c:dc:0e:6e:f5:6f:0f:2f:6f:35:cf:66:40:
                    a7:48:38:00:f1:48:a7:ce:28:3b:e2:4f:bd:23:33:
                    58:81:47:5b:e0:ff:45:92:32:24:f6:f5:c0:05:79:
                    af:b4:94:be:71:4f:b3:f3:bf:6e:5b:8f:9a:23:bf:
                    61:ac:07:0e:12:55:8e:4d:1b:e1:99:f0:ab:7b:e0:
                    77:fe:c1:dd:e9:78:bc:c2:9b:0e:d2:0b:bd:d2:ed:
                    42:b0:56:fe:08:32:b0:e7:65:70:c7:9e:f0:65:5a:
                    1d:1b:61:e8:63:9d:01:55:df:d1:77:3a:7c:7a:53:
                    e5:1b:06:77:50:4c:f7:7a:56:16:3f:82:e6:df:a5:
                    40:06:1d:a5:f6:e0:de:9d:6b:67:75:0d:73:df:46:
                    06:93:91:ee:94:df:ac:0f:40:1e:4c:fc:d8:f2:f3:
                    80:a0:79:01:f9:ca:2d:09:33:e9:06:1d:37:c1:15:
                    e9:ce:05:39:03:0a:28:d9:50:e8:77:ef:da:39:3d:
                    90:e7:2e:be:bf:58:15:15:cf:cf:26:32:5b:54:ba:
                    d4:ba:09:2c:ac:b6:6a:92:41:24:2b:ca:66:9a:31:
                    2c:85:64:15:23:7a:c9:12:61:78:c3:14:9d:70:44:
                    97:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:C4:97:41:E4:95:6F:9B:A5:6F:EB:8A:46:E3:AF:C5:A5:B3:DF:DC
            X509v3 Authority Key Identifier:
                keyid:1A:16:A3:91:D3:25:17:0B:7B:85:C4:BF:C7:85:5A:17:7D:34:7B:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/GhajkdMlFwt7hcS_x4VaF300e24.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GhajkdMlFwt7hcS_x4VaF300e24.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B510/1882D0E65D8111F091226E31C4F9AE02/9CAF31CA5D8111F0A04DD550C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:97:1d:cb:68:ae:c0:4d:53:11:19:dd:b6:86:dd:95:fb:57:
         77:e3:4d:b4:3f:0f:8d:16:8d:8b:a9:5b:c0:33:1c:f3:b0:bb:
         1f:3f:54:35:76:eb:60:ae:a9:1e:89:28:a2:f4:1a:e4:1b:a8:
         19:b4:46:4d:94:34:53:56:0d:b9:5e:b0:f1:15:8c:da:ff:c2:
         c3:15:82:b3:26:db:2c:21:c6:af:a2:ad:ec:9a:03:a9:9b:1b:
         b1:0f:8c:48:97:9d:28:78:87:90:c3:90:c9:ce:cc:0b:65:6f:
         7a:0c:75:c0:3c:6f:fe:d8:db:25:ea:84:5c:de:a6:5d:dd:78:
         23:4c:11:d5:76:57:f7:0f:f5:42:3c:95:37:45:f8:7f:c9:5d:
         51:2e:be:49:cb:21:22:04:ba:d4:84:3a:c6:f9:7b:90:c9:fb:
         b1:78:56:0d:af:60:60:8a:ca:b4:4c:35:22:e0:dc:b0:ad:84:
         3d:d5:98:f9:8a:3d:ea:84:7b:90:7a:34:1f:05:49:cd:93:9d:
         3d:94:37:e9:1e:3f:1c:31:b0:34:98:de:92:87:b9:c9:ff:77:
         bc:02:27:08:ab:03:f4:d6:e9:1d:7a:fb:1a:e8:8f:94:2d:90:
         e6:f8:b5:d6:1b:49:7f:dc:d7:a7:ff:3a:fd:db:af:01:af:cd:
         7b:56:88:d1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I1MTAxMTAvBgNVBAUTKDFBMTZBMzkxRDMyNTE3MEI3Qjg1QzRCRkM3ODU1QTE3
N0QzNDdCNkUwHhcNMjYwNzE1MDgzNDE5WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU3NDYwYi03NDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsi7IDjZtDAU/lxHrNDpMilzcDm71bw8vbzXPZkCnSDgA8Uinzig74k+9IzNY
gUdb4P9FkjIk9vXABXmvtJS+cU+z879uW4+aI79hrAcOElWOTRvhmfCre+B3/sHd
6Xi8wpsO0gu90u1CsFb+CDKw52Vwx57wZVodG2HoY50BVd/Rdzp8elPlGwZ3UEz3
elYWP4Lm36VABh2l9uDenWtndQ1z30YGk5HulN+sD0AeTPzY8vOAoHkB+cotCTPp
Bh03wRXpzgU5Awoo2VDod+/aOT2Q5y6+v1gVFc/PJjJbVLrUugksrLZqkkEkK8pm
mjEshWQVI3rJEmF4wxSdcESX5wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFJDEl0Hk
lW+bpW/rikbjr8Wls9/cMB8GA1UdIwQYMBaAFBoWo5HTJRcLe4XEv8eFWhd9NHtu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjUxMC8xODgyRDBFNjVE
ODExMUYwOTEyMjZFMzFDNEY5QUUwMi9HaGFqa2RNbEZ3dDdoY1NfeDRWYUYzMDBl
MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0doYWprZE1sRnd0N2hjU194NFZhRjMwMGUyNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I1MTAvMTg4MkQwRTY1RDgxMTFGMDkxMjI2RTMxQzRGOUFFMDIvOUNBRjMxQ0E1
RDgxMTFGMEEwNERENTUwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBoB4QMA0GCSqGSIb3DQEBCwUAA4IBAQAglx3LaK7ATVMRGd22ht2V
+1d34020Pw+NFo2LqVvAMxzzsLsfP1Q1dutgrqkeiSii9BrkG6gZtEZNlDRTVg25
XrDxFYza/8LDFYKzJtssIcavoq3smgOpmxuxD4xIl50oeIeQw5DJzswLZW96DHXA
PG/+2Nsl6oRc3qZd3XgjTBHVdlf3D/VCPJU3Rfh/yV1RLr5JyyEiBLrUhDrG+XuQ
yfuxeFYNr2Bgisq0TDUi4NywrYQ91Zj5ij3qhHuQejQfBUnNk509lDfpHj8cMbA0
mN6Sh7nJ/3e8AicIqwP01ukdevsa6I+ULZDm+LXWG0l/3Nen/zr9268Br817VojR
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:14:16 2026 by rpki-client