Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A73AF738366311EEB376DC3AC4F9AE02.roa
File:                     A73AF738366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier:          zRfuMytYhcWLnLllRW7K+1aNo30L+FW1LetFjIoJ3yQ=
Subject key identifier:   90:0B:D6:45:F2:31:22:20:91:6D:ED:C4:FF:FA:87:1B:49:AE:E9:09
Certificate issuer:       /CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Certificate serial:       0293
Authority key identifier: 48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A73AF738366311EEB376DC3AC4F9AE02.roa
Signing time:             Mon 22 Jun 2026 06:33:35 +0000
ROA not before:           Mon 22 Jun 2026 06:33:34 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     137977
IP address blocks:        119.110.200.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
                          rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:37:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 659 (0x293)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919536C, serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
        Validity
            Not Before: Jun 22 06:33:34 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a38d73e-e883
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:57:6d:76:49:30:ce:f1:2b:91:bd:a5:c4:a3:
                    29:5c:69:c7:d9:da:f9:5f:67:44:b5:cd:81:e4:56:
                    80:97:9d:db:56:74:81:7f:fd:d9:0f:c7:22:79:2b:
                    0c:bd:2c:a1:d2:bb:76:fe:2d:2e:97:17:3d:cb:e3:
                    ab:7e:9a:6e:5e:31:06:89:f3:62:02:59:ac:03:1e:
                    a1:2e:3e:82:9d:20:c4:f6:3c:88:4c:62:6a:70:66:
                    4e:05:0f:3a:13:e4:71:26:5d:1e:28:f4:cb:b3:d5:
                    37:67:91:e0:a5:c5:e2:7c:d1:ec:f9:60:85:c1:76:
                    fa:89:55:a6:46:62:30:68:4d:b2:56:09:62:9b:23:
                    a5:06:28:0b:22:26:14:c7:df:15:18:f9:c2:1b:cc:
                    75:bc:51:e3:2d:68:2a:96:79:84:cf:63:15:2b:1b:
                    7f:d3:b3:57:34:30:1a:99:4f:49:51:fa:26:02:5d:
                    75:c6:be:1e:99:f0:ed:e6:fd:37:90:a4:8f:54:9e:
                    49:f8:90:22:5c:4d:15:1b:c4:ce:fc:90:d0:92:41:
                    27:71:e1:37:50:e8:60:15:39:60:0f:f3:25:d0:3c:
                    f7:84:8d:f4:75:0b:67:29:04:ab:2a:6e:ed:5d:31:
                    fe:51:45:0a:a2:ee:6c:76:c5:4d:13:8d:73:35:3c:
                    28:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:0B:D6:45:F2:31:22:20:91:6D:ED:C4:FF:FA:87:1B:49:AE:E9:09
            X509v3 Authority Key Identifier:
                keyid:48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A73AF738366311EEB376DC3AC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.110.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:b1:73:60:b5:48:73:9b:09:4b:5b:62:d6:05:6f:fe:1d:5b:
         d8:80:0e:6e:f5:41:c9:59:23:e7:7d:0c:57:be:a2:a9:83:f7:
         5d:9d:b9:8a:ec:c4:ca:07:f5:31:85:41:d0:60:a8:81:4a:21:
         ee:91:3c:cf:64:2c:ab:eb:c0:df:a6:cd:e2:d3:7e:40:29:42:
         fd:d2:93:d8:c6:d4:7c:24:25:97:e8:7a:76:7c:ee:6e:57:1b:
         d3:a7:78:21:f4:2b:8b:7b:40:b6:27:4a:8c:4f:00:07:6c:63:
         2f:11:f7:83:3d:1e:01:57:28:c8:c9:36:80:94:5d:06:60:97:
         e5:9d:6b:dc:42:02:6d:bc:15:a3:f0:8e:79:de:45:50:b1:1d:
         58:83:c8:7e:01:3b:44:11:d1:58:a8:19:ca:07:73:9d:eb:de:
         96:4a:53:0e:0d:a5:32:ab:0f:54:ac:eb:8e:a2:23:77:16:48:
         2f:9e:b9:03:04:af:16:80:83:a8:e3:4a:c5:cc:b0:4e:79:a5:
         b6:55:84:b6:08:0a:cf:1f:de:c7:2e:fe:a0:72:9e:0b:06:1f:
         58:a7:f4:9c:af:7f:15:84:26:07:8f:84:66:57:ac:ae:df:65:
         e1:9c:3a:24:15:45:e9:74:d6:66:b1:39:95:e2:d6:e0:62:49:
         f7:b7:15:01
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKDQ4ODk3MDUwNjI2NEVGOTZEODFFQzEyRTZBQkQyNTZE
QjMwRkRDRkEwHhcNMjYwNjIyMDYzMzM0WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM4ZDczZS1lODgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoFdtdkkwzvErkb2lxKMpXGnH2dr5X2dEtc2B5FaAl53bVnSBf/3ZD8cieSsM
vSyh0rt2/i0ulxc9y+OrfppuXjEGifNiAlmsAx6hLj6CnSDE9jyITGJqcGZOBQ86
E+RxJl0eKPTLs9U3Z5HgpcXifNHs+WCFwXb6iVWmRmIwaE2yVglimyOlBigLIiYU
x98VGPnCG8x1vFHjLWgqlnmEz2MVKxt/07NXNDAamU9JUfomAl11xr4emfDt5v03
kKSPVJ5J+JAiXE0VG8TO/JDQkkEnceE3UOhgFTlgD/Ml0Dz3hI30dQtnKQSrKm7t
XTH+UUUKou5sdsVNE41zNTwobwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFJAL1kXy
MSIgkW3txP/6hxtJrukJMB8GA1UdIwQYMBaAFEiJcFBiZO+W2B7BLmq9JW2zD9z6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy83RTREODQ2MDM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9TSWx3VUdKazc1YllIc0V1YXIwbGJiTVAz
UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NJbHdVR0prNzViWUhzRXVhcjBsYmJNUDNQby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvN0U0RDg0NjAzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvQTczQUY3Mzgz
NjYzMTFFRUIzNzZEQzNBQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAd27IMA0GCSqGSIb3DQEBCwUAA4IBAQA0sXNgtUhzmwlLW2LWBW/+
HVvYgA5u9UHJWSPnfQxXvqKpg/ddnbmK7MTKB/UxhUHQYKiBSiHukTzPZCyr68Df
ps3i035AKUL90pPYxtR8JCWX6Hp2fO5uVxvTp3gh9CuLe0C2J0qMTwAHbGMvEfeD
PR4BVyjIyTaAlF0GYJflnWvcQgJtvBWj8I553kVQsR1Yg8h+ATtEEdFYqBnKB3Od
696WSlMODaUyqw9UrOuOoiN3FkgvnrkDBK8WgIOo40rFzLBOeaW2VYS2CArPH97H
Lv6gcp4LBh9Yp/Scr38VhCYHj4RmV6yu32XhnDokFUXpdNZmsTmV4tbgYkn3txUB
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:20:19 2026 by rpki-client