Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7A180DFACEB611ED8850A727C4F9AE02.roa
File:                     7A180DFACEB611ED8850A727C4F9AE02.roa (raw, json)
Hash identifier:          yOtiPIymSWpxM64MUOZfNcIlCPN62Eex18db57t7CG8=
Subject key identifier:   65:2E:7D:A0:61:B5:5E:50:32:5D:DE:60:B5:84:AA:9E:75:66:85:0E
Certificate issuer:       /CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Certificate serial:       0790
Authority key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7A180DFACEB611ED8850A727C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 22:23:27 +0000
ROA not before:           Sat 04 Jul 2026 22:23:27 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     38055
IP address blocks:        210.215.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
                          rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 22:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1936 (0x790)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9173CE6, serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
        Validity
            Not Before: Jul  4 22:23:27 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4987df-dba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a3:0f:ff:25:5b:e7:5d:57:22:a0:be:6d:85:
                    2c:2c:8a:52:e3:e4:08:05:d2:d9:13:cb:62:c7:f6:
                    64:89:4f:40:72:8f:e5:f4:e2:9c:8d:49:96:c6:d2:
                    71:7d:45:9d:f4:41:81:09:ec:cf:ce:83:2c:c3:28:
                    b2:f1:f4:3d:a6:e9:d0:fc:ad:bb:b2:4c:ff:1c:46:
                    ec:be:38:71:77:ef:70:55:a9:55:43:8d:eb:2b:3a:
                    d3:4c:62:c2:e9:c1:a0:ec:c0:3d:b5:17:af:0e:f6:
                    40:e4:e1:54:3b:46:14:77:ed:24:59:f3:0e:ac:fc:
                    8e:1e:05:d0:52:f4:1d:e1:00:69:b4:52:c3:ef:f8:
                    b1:30:80:9c:3d:d4:79:fd:ed:a0:19:a9:33:4c:48:
                    4f:e6:aa:7e:3e:80:67:d3:b9:58:12:a9:2a:1b:20:
                    05:28:d9:3a:24:16:82:30:8b:be:d6:3b:c7:7a:4a:
                    d8:83:2c:7e:55:36:b7:51:3b:52:bf:e0:e0:04:1b:
                    46:df:02:8a:09:f3:ac:4f:b3:d2:d5:54:3f:36:6e:
                    ef:26:39:42:76:75:7f:57:66:cd:50:cb:0f:b7:0d:
                    eb:68:d5:84:59:af:02:3c:fe:21:c1:59:99:6f:33:
                    f0:c3:06:1c:f9:5b:d0:d4:8e:04:4f:d3:4c:23:b5:
                    e9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:2E:7D:A0:61:B5:5E:50:32:5D:DE:60:B5:84:AA:9E:75:66:85:0E
            X509v3 Authority Key Identifier:
                keyid:33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7A180DFACEB611ED8850A727C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.215.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:ff:7b:36:8b:5a:0c:37:a7:44:5d:94:af:41:b0:f5:d6:e0:
         c0:c4:77:70:8d:e6:4a:3b:2e:fd:24:60:f8:db:8d:22:06:af:
         a2:bd:7d:9d:12:d3:f6:e5:07:68:e7:b1:bf:0e:bc:fd:99:ec:
         48:5d:7c:65:8b:d1:61:23:41:23:03:9c:2f:58:d1:e9:eb:3e:
         1c:f4:bb:55:26:89:20:d0:dc:58:48:ba:a6:a5:c3:3d:34:67:
         38:45:7d:9d:ff:75:a8:a7:6a:31:78:ef:b7:6d:63:f1:00:bb:
         20:79:e9:cc:01:33:fc:d4:9c:cd:6b:d9:32:ae:0b:25:5a:a4:
         c9:d2:7a:95:ac:8c:73:b2:76:42:6d:7c:1c:d0:bf:6d:d6:2f:
         61:6a:0d:11:b4:2a:bf:ff:a6:0b:a7:bf:e0:a2:b5:15:c0:d1:
         91:ad:f5:78:43:ea:15:43:b4:5b:9f:40:a0:cc:d3:4e:e1:d1:
         d9:16:ff:a8:30:c0:22:b8:bd:52:d9:33:8a:f5:18:84:0c:35:
         7e:f3:93:be:8f:99:a5:7e:ee:90:d5:e3:a1:4e:ce:39:65:5c:
         b5:8b:1c:a6:c7:7a:28:83:83:4b:db:4a:e5:b6:45:3b:ac:24:
         a6:d4:60:d2:74:d5:b9:ca:f5:9c:b0:ce:76:21:4a:35:8a:31:
         e3:1c:81:d8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICB5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0QjBCMDMwRTM4
MzE0RThGQ0IwHhcNMjYwNzA0MjIyMzI3WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5ODdkZi1kYmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr6MP/yVb511XIqC+bYUsLIpS4+QIBdLZE8tix/ZkiU9Aco/l9OKcjUmWxtJx
fUWd9EGBCezPzoMswyiy8fQ9punQ/K27skz/HEbsvjhxd+9wValVQ43rKzrTTGLC
6cGg7MA9tRevDvZA5OFUO0YUd+0kWfMOrPyOHgXQUvQd4QBptFLD7/ixMICcPdR5
/e2gGakzTEhP5qp+PoBn07lYEqkqGyAFKNk6JBaCMIu+1jvHekrYgyx+VTa3UTtS
v+DgBBtG3wKKCfOsT7PS1VQ/Nm7vJjlCdnV/V2bNUMsPtw3raNWEWa8CPP4hwVmZ
bzPwwwYc+VvQ1I4ET9NMI7XpeQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGUufaBh
tV5QMl3eYLWEqp51ZoUOMB8GA1UdIwQYMBaAFDMZX5bEbU0oXVveSwsDDjgxTo/L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NFNi8wRThFMjc4MDdC
RDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNSdFRTaGRXOTVMQ3dNT09ERk9q
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014bGZsc1J0VFNoZFc5NUxDd01PT0RGT2o4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRTYvMEU4RTI3ODA3QkQwMTFFQjg1QTY2OTgwQzRGOUFFMDIvN0ExODBERkFD
RUI2MTFFRDg4NTBBNzI3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQA0tdOMA0GCSqGSIb3DQEBCwUAA4IBAQBb/3s2i1oMN6dEXZSvQbD1
1uDAxHdwjeZKOy79JGD4240iBq+ivX2dEtP25Qdo57G/Drz9mexIXXxli9FhI0Ej
A5wvWNHp6z4c9LtVJokg0NxYSLqmpcM9NGc4RX2d/3Wop2oxeO+3bWPxALsgeenM
ATP81JzNa9kyrgslWqTJ0nqVrIxzsnZCbXwc0L9t1i9hag0RtCq//6YLp7/gorUV
wNGRrfV4Q+oVQ7Rbn0CgzNNO4dHZFv+oMMAiuL1S2TOK9RiEDDV+85O+j5mlfu6Q
1eOhTs45ZVy1ixymx3oog4NL20rltkU7rCSm1GDSdNW5yvWcsM52IUo1ijHjHIHY
-----END CERTIFICATE-----
Generated at Tue Jul 7 15:47:26 2026 by rpki-client