Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7AC60C48CEB611ED8850A727C4F9AE02.roa
File:                     7AC60C48CEB611ED8850A727C4F9AE02.roa (raw, json)
Hash identifier:          WBzcS8WqNOR7OFCXitElttUvhLJweHM8ye22np6XMV8=
Subject key identifier:   51:86:71:B5:DC:85:7A:19:36:E6:3C:45:88:80:56:6B:4C:72:48:5B
Certificate issuer:       /CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Certificate serial:       0791
Authority key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7AC60C48CEB611ED8850A727C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 22:23:28 +0000
ROA not before:           Sat 04 Jul 2026 22:23:28 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     38465
IP address blocks:        210.215.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
                          rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 22:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1937 (0x791)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9173CE6, serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
        Validity
            Not Before: Jul  4 22:23:28 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4987e0-579c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:01:b1:6f:8d:6b:fa:70:a6:d0:a3:b8:2e:7f:
                    67:df:e4:af:5f:08:63:34:61:e5:ee:21:d8:bc:9d:
                    ee:0e:1d:0a:a7:4b:b6:c5:03:0c:64:73:bc:a7:b9:
                    be:2e:4d:b0:3f:85:b5:43:2e:6d:ab:52:52:1e:96:
                    86:78:78:78:db:b3:c6:fc:12:06:f8:5e:f8:a6:a4:
                    4e:5c:9d:0f:0a:e5:71:cd:6f:76:82:d2:03:25:4f:
                    f4:df:ad:c9:3e:4d:36:91:0f:8f:3f:8e:33:57:64:
                    34:2c:0a:45:41:fe:45:74:c7:d7:e0:42:30:76:0b:
                    02:5f:96:6f:e9:66:ce:22:05:f6:7e:a7:5b:9a:40:
                    0e:3e:0e:d6:1a:4b:c7:70:d8:fa:60:50:e6:55:3a:
                    60:a0:37:88:45:f0:1a:6a:d6:c8:86:eb:f2:c6:fa:
                    49:44:93:42:00:07:38:2c:8e:59:69:05:fd:58:63:
                    e5:b5:4b:ef:dd:ce:6c:a5:9f:75:a6:0e:b4:85:86:
                    a9:cb:4a:2d:58:b0:66:32:ef:3d:2c:63:c4:7a:ee:
                    1b:83:93:1b:d7:75:8e:57:b5:e4:fa:b3:0f:ef:eb:
                    22:79:18:6f:fa:ff:79:10:ff:d0:9d:ab:51:68:bf:
                    c2:26:37:73:8a:0e:b3:86:24:03:78:6a:19:d4:e1:
                    fa:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:86:71:B5:DC:85:7A:19:36:E6:3C:45:88:80:56:6B:4C:72:48:5B
            X509v3 Authority Key Identifier:
                keyid:33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/7AC60C48CEB611ED8850A727C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.215.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:8e:6f:2c:fb:d0:38:7c:df:d8:b3:34:37:45:17:60:14:d6:
         43:fe:f4:35:c0:44:62:a1:6a:08:a6:07:95:cd:c0:98:55:74:
         dc:8b:9d:7c:ea:f0:2e:53:52:87:e5:db:b3:84:77:b6:6e:3c:
         6d:cc:80:59:86:9d:24:16:ee:7d:13:6a:6f:1b:df:11:6b:96:
         a1:d3:8d:e9:4d:5d:27:48:d7:5b:82:85:81:10:94:67:87:a0:
         67:85:47:60:07:ad:99:77:8e:88:d9:e3:69:d1:d4:f4:d0:2f:
         36:e6:40:87:39:e4:a2:bb:1f:17:d7:0e:b9:83:52:57:47:94:
         a3:81:02:19:d5:7c:91:29:8c:d1:55:2d:18:6b:04:d2:2f:44:
         0d:13:e3:6e:0f:74:be:e2:fd:6c:12:cf:1f:01:93:5f:5c:52:
         d4:2a:bd:fc:fa:8c:23:bf:64:c0:ef:42:ae:68:14:d6:ab:a2:
         d6:f3:c8:5d:bc:e8:f6:12:49:f6:4f:fb:3d:b4:74:8c:9f:9c:
         65:78:e6:b7:05:1a:93:43:46:13:61:d5:4a:7a:f3:dd:7c:d7:
         8a:0a:b3:1f:96:fa:a2:cf:14:bd:45:92:04:38:f5:6f:60:a5:
         9d:04:ca:ff:f4:02:a0:23:b6:48:29:14:0e:89:b7:ce:07:25:
         03:67:cb:3d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICB5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0QjBCMDMwRTM4
MzE0RThGQ0IwHhcNMjYwNzA0MjIyMzI4WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5ODdlMC01NzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywGxb41r+nCm0KO4Ln9n3+SvXwhjNGHl7iHYvJ3uDh0Kp0u2xQMMZHO8p7m+
Lk2wP4W1Qy5tq1JSHpaGeHh427PG/BIG+F74pqROXJ0PCuVxzW92gtIDJU/0363J
Pk02kQ+PP44zV2Q0LApFQf5FdMfX4EIwdgsCX5Zv6WbOIgX2fqdbmkAOPg7WGkvH
cNj6YFDmVTpgoDeIRfAaatbIhuvyxvpJRJNCAAc4LI5ZaQX9WGPltUvv3c5spZ91
pg60hYapy0otWLBmMu89LGPEeu4bg5Mb13WOV7Xk+rMP7+sieRhv+v95EP/QnatR
aL/CJjdzig6zhiQDeGoZ1OH66wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFGGcbXc
hXoZNuY8RYiAVmtMckhbMB8GA1UdIwQYMBaAFDMZX5bEbU0oXVveSwsDDjgxTo/L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NFNi8wRThFMjc4MDdC
RDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNSdFRTaGRXOTVMQ3dNT09ERk9q
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014bGZsc1J0VFNoZFc5NUxDd01PT0RGT2o4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRTYvMEU4RTI3ODA3QkQwMTFFQjg1QTY2OTgwQzRGOUFFMDIvN0FDNjBDNDhD
RUI2MTFFRDg4NTBBNzI3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQA0tdSMA0GCSqGSIb3DQEBCwUAA4IBAQBYjm8s+9A4fN/YszQ3RRdg
FNZD/vQ1wERioWoIpgeVzcCYVXTci5186vAuU1KH5duzhHe2bjxtzIBZhp0kFu59
E2pvG98Ra5ah043pTV0nSNdbgoWBEJRnh6BnhUdgB62Zd46I2eNp0dT00C825kCH
OeSiux8X1w65g1JXR5SjgQIZ1XyRKYzRVS0YawTSL0QNE+NuD3S+4v1sEs8fAZNf
XFLUKr38+owjv2TA70KuaBTWq6LW88hdvOj2Ekn2T/s9tHSMn5xleOa3BRqTQ0YT
YdVKevPdfNeKCrMflvqizxS9RZIEOPVvYKWdBMr/9AKgI7ZIKRQOibfOByUDZ8s9
-----END CERTIFICATE-----
Generated at Tue Jul 7 15:47:47 2026 by rpki-client