Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/7CB2221C91E111F09C322980C4F9AE02.roa
File:                     7CB2221C91E111F09C322980C4F9AE02.roa (raw, json)
Hash identifier:          gGX0+IJAB9Y8HK43VnoArGvarnNirkBuquyKdR9qJ+Y=
Subject key identifier:   0D:29:7A:B9:A0:9C:C4:32:CC:3E:89:BF:65:6C:FB:27:AC:E2:56:8B
Certificate issuer:       /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial:       1428
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/7CB2221C91E111F09C322980C4F9AE02.roa
Signing time:             Wed 15 Jul 2026 06:43:24 +0000
ROA not before:           Wed 15 Jul 2026 06:43:24 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     13335
IP address blocks:        203.116.108.0/24 maxlen: 24
                          203.117.8.0/24 maxlen: 24
                          203.117.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
                          rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 17:09:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5160 (0x1428)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
        Validity
            Not Before: Jul 15 06:43:24 2026 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=6a572c0c-62f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:65:e5:4e:2a:3e:1b:a1:83:fa:b4:ac:7b:be:
                    77:fc:03:e5:b7:1a:20:bd:a9:8d:0f:00:09:42:69:
                    d4:a1:68:63:8b:c2:3b:c2:3a:67:51:1d:f0:d2:a0:
                    aa:43:79:09:78:cd:44:c0:2a:14:3c:e6:e9:8d:d3:
                    ca:ba:0f:3f:d8:a2:27:66:b5:d4:a3:40:3d:ab:09:
                    59:17:dc:13:fa:27:31:a3:94:83:06:30:46:04:09:
                    e3:6a:b5:7d:4a:a8:4f:d7:43:90:22:73:4b:77:2e:
                    0a:a1:7e:8d:7b:6b:3f:d3:c4:89:5b:9f:6c:8d:19:
                    76:c4:c1:07:98:07:26:85:b9:32:35:e8:52:ae:42:
                    7c:e2:20:fa:50:43:63:ed:ac:20:12:a6:fb:0d:3f:
                    f5:26:c0:bc:f4:48:7b:d7:67:2e:85:57:e8:5a:d5:
                    6c:dd:4b:55:07:91:08:14:64:cb:11:70:3b:fd:d0:
                    8f:46:db:d4:c7:64:90:55:76:77:ab:12:21:f9:c9:
                    74:5d:2d:33:c3:6e:1a:9d:77:0e:41:06:73:ff:ef:
                    bf:e8:27:74:9c:70:cc:b4:48:61:4e:55:fa:60:28:
                    56:3d:3e:d8:73:e2:51:6d:8f:89:ca:5e:2b:79:63:
                    d4:c6:bd:ee:2e:8f:ba:6e:46:61:c3:f1:ac:89:80:
                    a8:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:29:7A:B9:A0:9C:C4:32:CC:3E:89:BF:65:6C:FB:27:AC:E2:56:8B
            X509v3 Authority Key Identifier:
                keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/7CB2221C91E111F09C322980C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.116.108.0/24
                  203.117.8.0/24
                  203.117.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:37:20:77:55:e8:47:83:b9:dd:0e:51:13:71:81:32:ad:e8:
         37:e1:5e:18:66:4c:1c:cf:5c:2c:0a:8c:62:cb:11:8e:8b:c2:
         e2:85:fe:86:91:d0:01:d3:5c:da:5d:87:b7:0c:2b:29:e3:2b:
         b2:8d:d4:c5:86:e8:dd:6b:45:03:5d:a8:1f:3a:2e:be:fd:d2:
         82:67:6d:87:32:b6:ec:90:cf:2d:be:47:cb:8e:58:fe:61:3e:
         5c:5c:11:42:a1:80:56:e5:7b:db:ef:3e:e7:8d:59:c6:0e:ef:
         ce:6b:37:9e:8d:13:e4:97:7d:f0:62:de:03:80:09:a8:04:29:
         d9:06:aa:5a:45:3f:91:67:04:c2:fb:e8:00:60:d9:46:04:fc:
         fd:84:26:38:e3:7e:26:83:13:8c:ed:b8:b6:5b:42:3d:5e:dd:
         03:88:17:9f:79:21:f6:7b:3e:45:c0:6f:1c:a0:41:c1:0b:31:
         a8:e2:c9:78:80:c8:40:4d:a1:50:c4:40:15:39:58:d2:1b:b6:
         a8:dd:e7:69:32:c4:c6:ef:a8:76:12:67:6e:51:2e:e9:26:81:
         dc:dc:2d:b3:6a:24:75:ab:1a:61:b3:5c:98:d3:b9:83:cd:83:
         93:d1:5b:db:0d:c3:af:5a:79:6c:d7:5c:8e:96:6b:60:f2:57:
         0f:b0:e6:69
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICFCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjYwNzE1MDY0MzI0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU3MmMwYy02MmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAk2XlTio+G6GD+rSse753/APltxogvamNDwAJQmnUoWhji8I7wjpnUR3w0qCq
Q3kJeM1EwCoUPObpjdPKug8/2KInZrXUo0A9qwlZF9wT+icxo5SDBjBGBAnjarV9
SqhP10OQInNLdy4KoX6Ne2s/08SJW59sjRl2xMEHmAcmhbkyNehSrkJ84iD6UENj
7awgEqb7DT/1JsC89Eh712cuhVfoWtVs3UtVB5EIFGTLEXA7/dCPRtvUx2SQVXZ3
qxIh+cl0XS0zw24anXcOQQZz/++/6Cd0nHDMtEhhTlX6YChWPT7Yc+JRbY+Jyl4r
eWPUxr3uLo+6bkZhw/GsiYCo/wIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFA0permg
nMQyzD6Jv2Vs+yes4laLMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvN0NCMjIyMUM5
MUUxMTFGMDlDMzIyOTgwQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQAy3RsAwQAy3UIAwQAy3U1MA0GCSqGSIb3DQEBCwUAA4IBAQCINyB3
VehHg7ndDlETcYEyreg34V4YZkwcz1wsCoxiyxGOi8Lihf6GkdAB01zaXYe3DCsp
4yuyjdTFhujda0UDXagfOi6+/dKCZ22HMrbskM8tvkfLjlj+YT5cXBFCoYBW5Xvb
7z7njVnGDu/OazeejRPkl33wYt4DgAmoBCnZBqpaRT+RZwTC++gAYNlGBPz9hCY4
434mgxOM7bi2W0I9Xt0DiBefeSH2ez5FwG8coEHBCzGo4sl4gMhATaFQxEAVOVjS
G7ao3edpMsTG76h2EmduUS7pJoHc3C2zaiR1qxphs1yY07mDzYOT0VvbDcOvWnls
11yOlmtg8lcPsOZp
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:49:08 2026 by rpki-client