Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A6254C72366311EEB376DC3AC4F9AE02.roa
File:                     A6254C72366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier:          jMAtYAvDCn0KufsRhwYKL7BC3XVgzDZQMiWdTFVqcZM=
Subject key identifier:   E4:5F:36:D4:18:D0:C3:2C:93:78:4C:D2:43:06:9B:A2:82:EA:EC:06
Certificate issuer:       /CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Certificate serial:       0291
Authority key identifier: 48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A6254C72366311EEB376DC3AC4F9AE02.roa
Signing time:             Mon 22 Jun 2026 06:33:31 +0000
ROA not before:           Mon 22 Jun 2026 06:33:31 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     135381
IP address blocks:        2400:6280:11b::/48 maxlen: 48
                          2400:6280:145::/48 maxlen: 48
                          2400:6280:146::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:37:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 657 (0x291)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C, serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
        Validity
            Not Before: Jun 22 06:33:31 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a38d73b-da4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:18:13:f9:d1:99:19:76:91:42:c2:7c:59:39:
                    e4:69:fc:66:4b:03:e7:bb:03:13:98:87:4f:5e:a1:
                    60:02:34:c0:f3:cf:10:8d:07:14:23:03:49:f4:94:
                    83:16:f0:9f:2d:e1:e2:7d:23:c2:55:50:ab:8e:49:
                    fc:c5:1d:2d:d9:66:3a:25:fe:ce:42:25:68:f1:24:
                    21:13:a4:9e:d6:34:b0:a3:7e:53:ed:c3:d1:40:15:
                    7a:06:a9:bb:e8:5f:2f:46:4b:bc:bb:c9:27:a5:94:
                    4f:55:2f:17:61:43:86:e5:0c:68:65:ea:9e:79:3c:
                    c2:4c:b4:f9:48:c8:60:b6:4c:90:6f:46:ba:68:c3:
                    9d:cc:10:4e:f7:de:b3:50:5d:ce:95:34:76:85:ec:
                    25:96:8d:7f:b5:3f:40:1c:d5:db:d3:78:06:37:bf:
                    4e:58:49:d4:cc:47:2f:35:3f:97:9f:14:7d:3b:f2:
                    dd:88:c1:71:3d:e1:75:d7:32:55:30:a1:6d:a3:89:
                    33:b6:ba:b6:03:24:1d:a6:d3:bd:a4:d5:56:43:de:
                    8a:f1:53:14:f8:d3:d6:fa:ec:62:e0:47:84:bc:bc:
                    04:f6:2a:56:0e:c1:a7:9c:9f:8e:d5:53:09:9e:35:
                    18:29:69:07:02:e7:ea:74:f1:e2:94:17:8b:76:e3:
                    e7:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:5F:36:D4:18:D0:C3:2C:93:78:4C:D2:43:06:9B:A2:82:EA:EC:06
            X509v3 Authority Key Identifier:
                keyid:48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A6254C72366311EEB376DC3AC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:6280:11b::/48
                  2400:6280:145::-2400:6280:146:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         98:77:11:dd:25:73:8b:9f:dc:58:89:60:3a:a0:4c:18:c6:1c:
         0f:a0:f4:c5:24:c2:08:22:46:82:8d:1f:16:60:77:59:48:1f:
         a1:c9:d2:f0:bd:fd:96:37:31:4a:ab:52:0b:63:fd:bf:bb:79:
         1e:e5:dd:f9:da:97:7b:9a:d6:c0:99:3c:24:2d:9e:61:09:49:
         64:10:60:4f:f0:da:fc:2c:16:e7:e5:a7:46:60:f6:15:3a:67:
         0a:ca:9f:a4:c9:4f:b5:de:a2:63:5a:f2:e3:22:e8:6b:6f:33:
         a6:7a:79:69:25:46:8d:35:5a:41:ee:43:a3:6d:d2:c4:f4:5b:
         69:13:81:4a:3c:f9:20:35:c2:46:f6:37:a4:6e:2a:8f:69:89:
         95:79:f2:c4:40:82:f7:db:3f:c6:31:5e:d5:05:a6:09:a0:f2:
         2d:b1:2a:07:30:d7:d2:6c:ac:c6:19:98:05:ac:50:ef:52:20:
         c9:f0:ad:e0:8c:b8:2d:1d:cc:5b:04:c3:67:19:76:2e:fb:3f:
         5f:49:44:54:86:12:13:ed:f4:bc:f3:31:bf:65:0f:e7:41:27:
         34:82:80:03:f2:b7:5e:61:68:e2:8c:bf:bc:79:80:9a:c3:02:
         49:28:82:47:00:b7:29:a2:0f:84:20:f3:4b:7e:ff:8e:10:8b:
         02:62:b1:bc
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgICApEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKDQ4ODk3MDUwNjI2NEVGOTZEODFFQzEyRTZBQkQyNTZE
QjMwRkRDRkEwHhcNMjYwNjIyMDYzMzMxWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM4ZDczYi1kYTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxxgT+dGZGXaRQsJ8WTnkafxmSwPnuwMTmIdPXqFgAjTA888QjQcUIwNJ9JSD
FvCfLeHifSPCVVCrjkn8xR0t2WY6Jf7OQiVo8SQhE6Se1jSwo35T7cPRQBV6Bqm7
6F8vRku8u8knpZRPVS8XYUOG5QxoZeqeeTzCTLT5SMhgtkyQb0a6aMOdzBBO996z
UF3OlTR2hewllo1/tT9AHNXb03gGN79OWEnUzEcvNT+XnxR9O/LdiMFxPeF11zJV
MKFto4kztrq2AyQdptO9pNVWQ96K8VMU+NPW+uxi4EeEvLwE9ipWDsGnnJ+O1VMJ
njUYKWkHAufqdPHilBeLduPnXwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFORfNtQY
0MMsk3hM0kMGm6KC6uwGMB8GA1UdIwQYMBaAFEiJcFBiZO+W2B7BLmq9JW2zD9z6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy83RTREODQ2MDM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9TSWx3VUdKazc1YllIc0V1YXIwbGJiTVAz
UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NJbHdVR0prNzViWUhzRXVhcjBsYmJNUDNQby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvN0U0RDg0NjAzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvQTYyNTRDNzIz
NjYzMTFFRUIzNzZEQzNBQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAj
BAIAAjAdAwcAJABigAEbMBIDBwAkAGKAAUUDBwAkAGKAAUYwDQYJKoZIhvcNAQEL
BQADggEBAJh3Ed0lc4uf3FiJYDqgTBjGHA+g9MUkwggiRoKNHxZgd1lIH6HJ0vC9
/ZY3MUqrUgtj/b+7eR7l3fnal3ua1sCZPCQtnmEJSWQQYE/w2vwsFuflp0Zg9hU6
ZwrKn6TJT7XeomNa8uMi6GtvM6Z6eWklRo01WkHuQ6Nt0sT0W2kTgUo8+SA1wkb2
N6RuKo9piZV58sRAgvfbP8YxXtUFpgmg8i2xKgcw19JsrMYZmAWsUO9SIMnwreCM
uC0dzFsEw2cZdi77P19JRFSGEhPt9LzzMb9lD+dBJzSCgAPyt15haOKMv7x5gJrD
AkkogkcAtymiD4Qg80t+/44QiwJisbw=
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:21:12 2026 by rpki-client