Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/627A2B5C6E8211EFA8F9497EC4F9AE02.roa
File:                     627A2B5C6E8211EFA8F9497EC4F9AE02.roa (raw, json)
Hash identifier:          Uwp4dPnIj4nwTdPjgAwQ5O2+/EKHU7iq246nqLcdCkc=
Subject key identifier:   C8:68:05:DA:22:1F:6B:86:AC:D6:74:E4:02:3C:E0:83:A4:B2:77:F4
Certificate issuer:       /CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Certificate serial:       028F
Authority key identifier: 48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/627A2B5C6E8211EFA8F9497EC4F9AE02.roa
Signing time:             Mon 22 Jun 2026 06:33:28 +0000
ROA not before:           Mon 22 Jun 2026 06:33:28 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     133956
IP address blocks:        2400:6280:194::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:37:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 655 (0x28f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C, serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
        Validity
            Not Before: Jun 22 06:33:28 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a38d738-f520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bd:12:77:4b:04:c6:70:14:67:ec:e6:06:94:
                    9f:fb:79:89:45:84:a2:26:89:57:18:34:b2:72:ed:
                    08:8c:12:52:20:55:5c:cc:b5:d0:3a:70:84:ac:49:
                    8f:24:24:4e:52:d5:57:af:51:35:d0:8c:b1:c0:54:
                    1a:aa:b3:48:34:00:b7:ac:08:0f:d5:ea:4e:ee:e0:
                    b1:16:38:36:a3:b8:59:c4:52:58:6b:fd:53:d0:b5:
                    e0:74:71:1a:e8:cd:45:cf:92:24:f1:1f:86:8e:3c:
                    bb:24:d0:be:1a:90:af:d9:4b:86:7a:84:0e:3b:53:
                    27:57:f9:76:12:f0:3d:06:2d:59:9f:59:f8:e5:a9:
                    3b:36:5f:37:bc:2d:b4:8a:73:4e:17:25:d0:48:9d:
                    97:8f:45:fc:f0:5e:c4:ea:2d:ff:70:d0:17:5b:1d:
                    48:30:0c:e9:72:31:14:4e:cd:89:b1:5f:f8:6c:9c:
                    88:47:2f:c0:19:fc:ba:d9:91:98:b7:65:f2:36:9f:
                    b5:a8:84:9a:3d:16:83:23:fd:91:cc:fb:38:f3:1d:
                    1d:43:4d:b1:4c:96:ec:a6:b4:15:3c:72:87:49:bd:
                    36:33:88:7c:9d:05:8d:02:9e:98:3d:47:55:37:75:
                    cb:04:16:ee:ba:73:28:ad:d4:84:5c:ec:6e:29:ea:
                    e4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:68:05:DA:22:1F:6B:86:AC:D6:74:E4:02:3C:E0:83:A4:B2:77:F4
            X509v3 Authority Key Identifier:
                keyid:48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/627A2B5C6E8211EFA8F9497EC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:6280:194::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:1f:44:eb:96:6c:3a:f1:38:f8:a4:45:c0:63:25:39:c0:a0:
         74:27:fd:34:70:07:b9:1c:fb:36:37:be:0f:71:23:57:69:d2:
         15:74:06:4e:09:af:f5:6a:f2:ac:e0:10:2b:fd:c0:9e:32:75:
         d7:80:f2:25:84:72:21:79:37:cc:5a:1c:c5:3a:c1:30:07:c3:
         b9:55:1b:98:2d:f2:a2:40:3e:08:13:1e:92:4a:21:f8:0c:15:
         a2:ce:95:1c:a3:cf:73:4a:81:b7:a7:d6:96:61:47:5b:59:1a:
         95:61:2e:d2:01:95:74:15:2b:26:3a:e4:f3:c3:9a:b3:89:13:
         63:6e:fa:06:38:02:72:7a:18:22:5e:19:6b:0d:8e:12:1f:6e:
         a4:da:99:84:45:fa:4d:6a:f8:54:e5:f3:e7:9b:00:be:23:eb:
         c6:44:0c:da:0b:a5:bc:f8:08:fa:b0:e9:f1:84:99:3b:ce:55:
         70:45:46:bc:90:2d:d7:4a:97:e0:e5:68:c4:6f:f0:6e:12:da:
         d2:0a:4b:3c:13:9c:03:26:05:5c:bf:49:ed:29:cb:2b:fa:03:
         33:4b:d2:7b:c0:a4:32:dc:11:2d:22:35:41:df:b3:83:eb:8d:
         52:79:f1:0f:f9:4a:83:22:fa:a0:d0:25:9b:00:2f:5c:f0:9c:
         6d:44:23:ae
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKDQ4ODk3MDUwNjI2NEVGOTZEODFFQzEyRTZBQkQyNTZE
QjMwRkRDRkEwHhcNMjYwNjIyMDYzMzI4WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM4ZDczOC1mNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAor0Sd0sExnAUZ+zmBpSf+3mJRYSiJolXGDSycu0IjBJSIFVczLXQOnCErEmP
JCROUtVXr1E10IyxwFQaqrNINAC3rAgP1epO7uCxFjg2o7hZxFJYa/1T0LXgdHEa
6M1Fz5Ik8R+Gjjy7JNC+GpCv2UuGeoQOO1MnV/l2EvA9Bi1Zn1n45ak7Nl83vC20
inNOFyXQSJ2Xj0X88F7E6i3/cNAXWx1IMAzpcjEUTs2JsV/4bJyIRy/AGfy62ZGY
t2XyNp+1qISaPRaDI/2RzPs48x0dQ02xTJbsprQVPHKHSb02M4h8nQWNAp6YPUdV
N3XLBBbuunMordSEXOxuKerkRwIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFMhoBdoi
H2uGrNZ05AI84IOksnf0MB8GA1UdIwQYMBaAFEiJcFBiZO+W2B7BLmq9JW2zD9z6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy83RTREODQ2MDM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9TSWx3VUdKazc1YllIc0V1YXIwbGJiTVAz
UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NJbHdVR0prNzViWUhzRXVhcjBsYmJNUDNQby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvN0U0RDg0NjAzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvNjI3QTJCNUM2
RTgyMTFFRkE4Rjk0OTdFQzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJABigAGUMA0GCSqGSIb3DQEBCwUAA4IBAQB8H0Trlmw68Tj4pEXA
YyU5wKB0J/00cAe5HPs2N74PcSNXadIVdAZOCa/1avKs4BAr/cCeMnXXgPIlhHIh
eTfMWhzFOsEwB8O5VRuYLfKiQD4IEx6SSiH4DBWizpUco89zSoG3p9aWYUdbWRqV
YS7SAZV0FSsmOuTzw5qziRNjbvoGOAJyehgiXhlrDY4SH26k2pmERfpNavhU5fPn
mwC+I+vGRAzaC6W8+Aj6sOnxhJk7zlVwRUa8kC3XSpfg5WjEb/BuEtrSCks8E5wD
JgVcv0ntKcsr+gMzS9J7wKQy3BEtIjVB37OD641SefEP+UqDIvqg0CWbAC9c8Jxt
RCOu
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:21:24 2026 by rpki-client