Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/0722D856931111EDB92FFC5FC4F9AE02.roa
File:                     0722D856931111EDB92FFC5FC4F9AE02.roa (raw, json)
Hash identifier:          tijk8+7R5ocWBvWHdRRYG7JX5+4WVVnKF/vJ0GQ6668=
Subject key identifier:   FC:94:48:AF:EC:63:90:E2:5F:7F:AA:C8:25:6D:4A:D3:5D:DF:68:C7
Certificate issuer:       /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial:       273F
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/0722D856931111EDB92FFC5FC4F9AE02.roa
Signing time:             Tue 30 Jun 2026 18:21:56 +0000
ROA not before:           Tue 30 Jun 2026 18:21:56 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     141384
IP address blocks:        2001:df0:5580::/52 maxlen: 52
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
                          rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 17:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10047 (0x273f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B805, serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
        Validity
            Not Before: Jun 30 18:21:56 2026 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=6a440944-cb44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bf:26:f2:01:6b:df:b0:1a:f8:64:54:9f:d9:
                    a3:81:d2:ad:ed:c6:06:b1:30:3e:00:9f:31:79:c4:
                    85:41:f5:ac:80:43:14:e2:a8:68:7c:ca:d9:6d:eb:
                    f7:f9:28:1d:ae:6b:4b:b0:4b:25:3b:c1:34:e5:2c:
                    35:88:27:65:ed:83:4d:e9:ab:95:a1:f9:2c:32:79:
                    44:60:7d:da:39:a9:10:9f:e5:55:22:7c:0d:2c:d6:
                    1b:1e:20:6d:e0:49:e8:93:00:86:5c:78:8e:9f:01:
                    59:92:80:39:7c:22:0b:80:04:98:db:b6:8d:b0:ab:
                    d6:b8:5d:f8:d8:f8:bb:4e:5e:10:8d:96:b7:76:c0:
                    2b:db:81:59:4d:28:58:d5:20:b1:3a:a3:de:44:02:
                    0e:78:cb:f3:8e:e4:67:7b:70:54:e0:ea:a9:de:b7:
                    e3:35:c3:74:fe:ba:d4:52:ea:82:05:d8:6a:c3:83:
                    34:12:73:8e:dd:c8:63:1b:e3:6f:0c:6f:f9:80:18:
                    d2:81:b3:07:e2:99:6e:cf:28:1a:69:7d:5a:fd:c2:
                    77:cf:d6:27:56:19:fb:89:40:f4:d9:07:e0:9c:e4:
                    73:5a:dd:58:0f:f4:25:41:26:59:95:6a:2a:ff:49:
                    9a:2a:73:51:f0:26:d3:da:50:7a:86:19:39:71:9c:
                    37:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:94:48:AF:EC:63:90:E2:5F:7F:AA:C8:25:6D:4A:D3:5D:DF:68:C7
            X509v3 Authority Key Identifier:
                keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/0722D856931111EDB92FFC5FC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:5580::/52

    Signature Algorithm: sha256WithRSAEncryption
         29:e0:59:9b:53:92:c4:c1:20:af:46:4c:cb:0a:86:1b:52:0d:
         46:b2:84:3a:4c:a9:99:1a:ad:f2:ae:f6:73:02:12:34:85:af:
         46:14:a5:82:d5:b7:94:1b:da:cc:57:91:a0:9f:4b:9b:28:93:
         a2:5b:d5:72:66:26:64:5e:8a:33:12:92:d1:30:5c:70:81:b1:
         46:d3:75:c2:a6:be:d5:2a:2e:ed:ff:60:37:fe:29:dc:aa:cd:
         4c:fb:e7:ed:f7:58:af:e6:51:cf:61:cb:c3:a8:9c:00:f3:17:
         8f:34:34:b2:b8:f8:4c:d1:b6:39:8a:09:d8:ca:46:d8:7b:81:
         c7:06:6c:d2:61:de:01:67:9e:a5:1a:72:37:de:c1:0f:7a:3d:
         50:52:58:34:f5:d9:20:2e:70:2c:ee:ad:63:7e:98:1f:bf:14:
         f6:7c:b8:60:11:c0:ce:4a:67:ad:9b:a8:f7:5b:f4:34:54:74:
         0e:f0:5a:01:fb:98:66:d0:19:b5:b6:e5:4f:19:c9:40:94:ac:
         6c:16:28:fe:85:13:18:5d:0a:8a:c3:71:2e:ec:7a:c8:f3:88:
         bc:4e:30:74:8c:76:f6:85:81:a6:6f:74:38:1a:aa:45:1d:92:
         09:58:d4:6b:8e:1d:55:9f:25:00:aa:61:2e:30:b5:a4:b0:30:
         cb:2d:8a:c6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgICJz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjYwNjMwMTgyMTU2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MDk0NC1jYjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn78m8gFr37Aa+GRUn9mjgdKt7cYGsTA+AJ8xecSFQfWsgEMU4qhofMrZbev3
+SgdrmtLsEslO8E05Sw1iCdl7YNN6auVofksMnlEYH3aOakQn+VVInwNLNYbHiBt
4EnokwCGXHiOnwFZkoA5fCILgASY27aNsKvWuF342Pi7Tl4QjZa3dsAr24FZTShY
1SCxOqPeRAIOeMvzjuRne3BU4Oqp3rfjNcN0/rrUUuqCBdhqw4M0EnOO3chjG+Nv
DG/5gBjSgbMH4pluzygaaX1a/cJ3z9YnVhn7iUD02QfgnORzWt1YD/QlQSZZlWoq
/0maKnNR8CbT2lB6hhk5cZw3RwIDAQABo4ICZDCCAmAwHQYDVR0OBBYEFPyUSK/s
Y5DiX3+qyCVtStNd32jHMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvMDcyMkQ4NTY5
MzExMTFFREI5MkZGQzVGQzRGOUFFMDIucm9hMCMGCCsGAQUFBwEHAQH/BBQwEjAQ
BAIAAjAKAwgEIAEN8FWAADANBgkqhkiG9w0BAQsFAAOCAQEAKeBZm1OSxMEgr0ZM
ywqGG1INRrKEOkypmRqt8q72cwISNIWvRhSlgtW3lBvazFeRoJ9LmyiTolvVcmYm
ZF6KMxKS0TBccIGxRtN1wqa+1Sou7f9gN/4p3KrNTPvn7fdYr+ZRz2HLw6icAPMX
jzQ0srj4TNG2OYoJ2MpG2HuBxwZs0mHeAWeepRpyN97BD3o9UFJYNPXZIC5wLO6t
Y36YH78U9ny4YBHAzkpnrZuo91v0NFR0DvBaAfuYZtAZtbblTxnJQJSsbBYo/oUT
GF0KisNxLux6yPOIvE4wdIx29oWBpm90OBqqRR2SCVjUa44dVZ8lAKphLjC1pLAw
yy2Kxg==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:38:23 2026 by rpki-client