Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/EABF54FA7BC111EFA1A45E4BC4F9AE02.roa
File:                     EABF54FA7BC111EFA1A45E4BC4F9AE02.roa (raw, json)
Hash identifier:          qRotpQiH1hmqyyBpvm78nHm3IxwzhVSg2FeFF2SGe/A=
Subject key identifier:   E1:AB:8D:53:50:EC:60:BA:CA:BB:A9:A9:EA:47:62:68:65:B4:46:58
Certificate issuer:       /CN=A915B50D/serialNumber=586F933176F6545435BB0697FE5F982A2093941B
Certificate serial:       0158
Authority key identifier: 58:6F:93:31:76:F6:54:54:35:BB:06:97:FE:5F:98:2A:20:93:94:1B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/EABF54FA7BC111EFA1A45E4BC4F9AE02.roa
Signing time:             Sun 05 Jul 2026 06:32:08 +0000
ROA not before:           Sun 05 Jul 2026 06:32:08 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     153042
IP address blocks:        2001:df3:fcc0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.crl
                          rsync://rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 344 (0x158)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B50D, serialNumber=586F933176F6545435BB0697FE5F982A2093941B
        Validity
            Not Before: Jul  5 06:32:08 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a49fa67-030b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:42:07:a6:ee:3a:d7:0b:0e:88:eb:e6:6b:3d:
                    ca:8f:38:e8:8b:6c:e4:78:6a:f8:70:b6:03:cb:8f:
                    3c:05:3a:10:5e:7b:0a:bc:40:82:32:82:e5:28:e0:
                    41:27:85:ce:fa:d4:37:72:c0:48:f8:3b:b8:0d:0b:
                    f9:c4:a8:06:2e:89:dd:35:42:fa:c3:c2:ec:62:15:
                    c0:e4:80:11:b9:dc:f0:a1:4e:d7:6e:7d:13:11:1d:
                    ea:86:31:de:45:ec:04:6b:a2:cb:80:67:4b:ca:f8:
                    c6:83:6e:c6:e2:0c:b5:bf:54:86:49:ff:58:11:46:
                    13:6b:68:10:95:e1:d0:05:8a:35:55:5d:dc:ec:a9:
                    f0:53:00:a5:f3:3e:b4:ed:6d:c8:e4:64:8c:0e:25:
                    c8:f8:99:40:94:8a:04:53:70:02:63:29:11:ea:4f:
                    d3:05:27:30:b1:58:20:f0:e3:78:b7:26:3d:48:43:
                    64:43:b4:8f:30:67:0b:8a:1d:67:4b:13:47:2b:61:
                    5f:7a:8a:84:24:4c:02:3b:02:6e:fe:69:5e:72:b2:
                    c1:17:be:5a:67:23:f0:93:7e:c6:06:30:1a:41:8f:
                    c4:3c:dc:ca:2f:39:ef:ef:53:ae:06:f8:5c:4d:ce:
                    8a:c1:9a:16:ea:cd:db:f9:f5:be:9a:95:4a:08:85:
                    68:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:AB:8D:53:50:EC:60:BA:CA:BB:A9:A9:EA:47:62:68:65:B4:46:58
            X509v3 Authority Key Identifier:
                keyid:58:6F:93:31:76:F6:54:54:35:BB:06:97:FE:5F:98:2A:20:93:94:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WG-TMXb2VFQ1uwaX_l-YKiCTlBs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B50D/EF8E3DAC7BBC11EF92EE1A66C4F9AE02/EABF54FA7BC111EFA1A45E4BC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:fcc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:77:81:86:d4:8b:e7:ee:fd:63:84:23:88:17:9e:99:d3:b0:
         c5:5a:2b:29:cf:52:8d:19:fa:d9:d7:7f:6d:8b:d9:6c:41:05:
         c6:31:b9:c0:b6:cb:d1:23:5c:49:05:b7:e6:46:01:08:c3:1a:
         9e:18:e8:fe:54:3f:8c:55:60:73:57:5f:ba:91:d7:40:ce:ee:
         0e:8a:31:ea:07:dd:78:4a:72:dc:25:93:db:a2:ef:b1:37:77:
         df:78:06:d8:f8:28:cc:20:e0:cb:52:94:2f:06:7e:e5:3b:88:
         6c:28:7b:5d:29:bc:76:f4:0a:80:0b:6e:d1:cf:7b:6f:c9:76:
         93:6c:ba:c5:e7:01:31:ef:83:75:48:bb:49:37:f4:d2:8b:f7:
         a9:5e:63:ca:f6:dd:4d:a7:8e:2d:76:20:fa:b7:17:25:5b:e5:
         b8:5c:8f:95:48:6b:e5:6d:5e:9f:d7:72:08:2a:70:35:7a:6e:
         64:a8:2a:08:7b:84:eb:be:9a:d6:f9:17:32:0b:0f:12:68:85:
         d8:aa:c3:b3:6f:4d:6d:fe:0c:14:d6:e6:c1:9d:10:6e:12:fa:
         9f:39:9c:00:bc:ed:fa:91:7a:07:d8:1c:85:3d:d4:45:59:38:
         98:21:67:05:ea:e9:e7:93:eb:c3:1f:1f:4b:ec:9d:50:85:bc:
         2e:4e:1a:3f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1MEQxMTAvBgNVBAUTKDU4NkY5MzMxNzZGNjU0NTQzNUJCMDY5N0ZFNUY5ODJB
MjA5Mzk0MUIwHhcNMjYwNzA1MDYzMjA4WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5ZmE2Ny0wMzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzUIHpu461wsOiOvmaz3Kjzjoi2zkeGr4cLYDy488BToQXnsKvECCMoLlKOBB
J4XO+tQ3csBI+Du4DQv5xKgGLondNUL6w8LsYhXA5IARudzwoU7Xbn0TER3qhjHe
RewEa6LLgGdLyvjGg27G4gy1v1SGSf9YEUYTa2gQleHQBYo1VV3c7KnwUwCl8z60
7W3I5GSMDiXI+JlAlIoEU3ACYykR6k/TBScwsVgg8ON4tyY9SENkQ7SPMGcLih1n
SxNHK2FfeoqEJEwCOwJu/mlecrLBF75aZyPwk37GBjAaQY/EPNzKLznv71OuBvhc
Tc6KwZoW6s3b+fW+mpVKCIVorQIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFOGrjVNQ
7GC6yrupqepHYmhltEZYMB8GA1UdIwQYMBaAFFhvkzF29lRUNbsGl/5fmCogk5Qb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjUwRC9FRjhFM0RBQzdC
QkMxMUVGOTJFRTFBNjZDNEY5QUUwMi9XRy1UTVhiMlZGUTF1d2FYX2wtWUtpQ1Rs
QnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dHLVRNWGIyVkZRMXV3YVhfbC1ZS2lDVGxCcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUI1MEQvRUY4RTNEQUM3QkJDMTFFRjkyRUUxQTY2QzRGOUFFMDIvRUFCRjU0RkE3
QkMxMTFFRkExQTQ1RTRCQzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEN8/zAMA0GCSqGSIb3DQEBCwUAA4IBAQCRd4GG1Ivn7v1jhCOI
F56Z07DFWispz1KNGfrZ139ti9lsQQXGMbnAtsvRI1xJBbfmRgEIwxqeGOj+VD+M
VWBzV1+6kddAzu4OijHqB914SnLcJZPbou+xN3ffeAbY+CjMIODLUpQvBn7lO4hs
KHtdKbx29AqAC27Rz3tvyXaTbLrF5wEx74N1SLtJN/TSi/epXmPK9t1Np44tdiD6
txclW+W4XI+VSGvlbV6f13IIKnA1em5kqCoIe4TrvprW+RcyCw8SaIXYqsOzb01t
/gwU1ubBnRBuEvqfOZwAvO36kXoH2ByFPdRFWTiYIWcF6unnk+vDHx9L7J1Qhbwu
Tho/
-----END CERTIFICATE-----
Generated at Sat Jul 18 07:15:20 2026 by rpki-client