Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/7BAB9AF01B3D11EE903BB536C4F9AE02.roa
File:                     7BAB9AF01B3D11EE903BB536C4F9AE02.roa (raw, json)
Hash identifier:          sI6tR4a2HYfJurDOPfrB4Umd60Gjw1lCZTz+9gBI5MI=
Subject key identifier:   4E:26:83:09:9A:03:93:1A:74:74:D3:81:C0:94:38:7A:31:E0:ED:7C
Certificate issuer:       /CN=A919EE77/serialNumber=B781A2E7D91EDCA8B030DE3EA89FA4FAF1791F21
Certificate serial:       0884
Authority key identifier: B7:81:A2:E7:D9:1E:DC:A8:B0:30:DE:3E:A8:9F:A4:FA:F1:79:1F:21
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/7BAB9AF01B3D11EE903BB536C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 21:22:25 +0000
ROA not before:           Sat 04 Jul 2026 21:22:25 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     133448
IP address blocks:        119.42.33.0/24 maxlen: 24
                          119.42.35.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.crl
                          rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 21:09:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2180 (0x884)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EE77, serialNumber=B781A2E7D91EDCA8B030DE3EA89FA4FAF1791F21
        Validity
            Not Before: Jul  4 21:22:25 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a497991-d69d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b3:34:c7:7f:cf:df:59:07:f9:82:86:7c:40:
                    bf:4f:a8:1b:09:23:05:17:b3:4c:31:f4:bd:80:b1:
                    20:d6:3f:a5:0f:00:9a:6f:9b:af:39:7a:a1:04:3d:
                    bd:3c:1f:33:ff:99:f3:c7:f8:75:f0:cc:94:68:3c:
                    4c:e6:7f:68:a9:b7:d5:3c:5e:cf:51:7e:fb:59:03:
                    83:a3:0d:46:20:43:98:df:8a:68:00:d9:37:3f:9e:
                    42:c8:ea:b0:29:49:40:d9:63:64:0f:ce:57:51:40:
                    04:d8:cf:ab:5a:df:11:0a:e9:1c:77:df:5f:1e:03:
                    df:19:98:11:23:99:79:85:49:05:54:1b:11:42:35:
                    c0:36:a9:96:4a:8e:46:5d:77:47:cb:a0:cd:c6:79:
                    5e:cf:ed:a0:0b:36:28:a6:5d:89:33:dd:19:14:2f:
                    8e:a1:b0:5d:2c:93:23:1a:d9:2d:3b:43:d3:60:08:
                    82:0c:c3:c5:8a:81:58:5b:fa:c3:c7:b5:36:85:ce:
                    fc:82:f2:bc:75:85:a7:66:f9:2c:7c:94:a0:24:23:
                    75:c2:94:48:ae:30:be:da:b0:89:ce:a2:30:a6:8c:
                    f5:d6:7d:d1:d3:9e:09:cf:28:49:2a:c0:fd:db:bb:
                    87:cd:75:e4:e1:f1:c3:7c:b2:aa:82:25:d3:e8:2d:
                    ae:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:26:83:09:9A:03:93:1A:74:74:D3:81:C0:94:38:7A:31:E0:ED:7C
            X509v3 Authority Key Identifier:
                keyid:B7:81:A2:E7:D9:1E:DC:A8:B0:30:DE:3E:A8:9F:A4:FA:F1:79:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t4Gi59ke3KiwMN4-qJ-k-vF5HyE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EE77/D9BE07BA0CED11EBA7F1115BC4F9AE02/7BAB9AF01B3D11EE903BB536C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.42.33.0/24
                  119.42.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:8a:a3:3a:e6:2e:79:e4:20:81:ef:25:81:58:86:7d:b7:75:
         be:38:41:71:9a:0d:bd:aa:20:51:07:e7:2a:ae:52:c3:d0:57:
         9c:a9:85:f9:5f:23:f4:c2:8b:ee:03:fa:35:cd:71:34:47:4f:
         61:64:2a:f3:f1:f7:05:11:50:2b:1c:61:bb:a5:93:0d:9a:e1:
         ed:a6:8e:ca:4a:4a:10:4a:02:22:9d:f7:86:a7:c4:00:2b:3a:
         dd:22:db:17:99:2c:d4:e6:e8:87:93:98:97:fc:3d:40:fd:e6:
         e5:d3:95:bb:ae:9d:cb:ee:e6:de:83:4d:a2:64:6f:60:f3:9b:
         f0:04:a2:45:d1:96:46:5b:37:c4:96:96:21:4c:98:e0:6b:f8:
         25:7a:9f:9b:f9:2f:ce:22:ec:7c:48:3d:5b:c7:49:8b:2f:c4:
         94:5c:54:3a:64:40:5a:f9:8d:dc:f3:fb:62:01:10:5a:fe:b0:
         05:ea:a9:b5:9e:2e:59:1e:70:74:76:d4:dc:94:04:d1:03:2a:
         61:48:8e:0c:e2:0d:93:79:96:c1:e3:c7:74:7e:77:0c:16:13:
         92:f8:24:34:aa:88:13:44:70:a6:89:9b:60:72:5b:b9:61:66:
         b7:f2:c8:72:38:a8:33:31:52:4c:61:70:97:36:e4:14:2c:3e:
         ad:3f:cf:2d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICCIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVFNzcxMTAvBgNVBAUTKEI3ODFBMkU3RDkxRURDQThCMDMwREUzRUE4OUZBNEZB
RjE3OTFGMjEwHhcNMjYwNzA0MjEyMjI1WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5Nzk5MS1kNjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLM0x3/P31kH+YKGfEC/T6gbCSMFF7NMMfS9gLEg1j+lDwCab5uvOXqhBD29
PB8z/5nzx/h18MyUaDxM5n9oqbfVPF7PUX77WQODow1GIEOY34poANk3P55CyOqw
KUlA2WNkD85XUUAE2M+rWt8RCukcd99fHgPfGZgRI5l5hUkFVBsRQjXANqmWSo5G
XXdHy6DNxnlez+2gCzYopl2JM90ZFC+OobBdLJMjGtktO0PTYAiCDMPFioFYW/rD
x7U2hc78gvK8dYWnZvksfJSgJCN1wpRIrjC+2rCJzqIwpoz11n3R054JzyhJKsD9
27uHzXXk4fHDfLKqgiXT6C2u4wIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFE4mgwma
A5MadHTTgcCUOHox4O18MB8GA1UdIwQYMBaAFLeBoufZHtyosDDePqifpPrxeR8h
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUU3Ny9EOUJFMDdCQTBD
RUQxMUVCQTdGMTExNUJDNEY5QUUwMi90NEdpNTlrZTNLaXdNTjQtcUotay12RjVI
eUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q0R2k1OWtlM0tpd01ONC1xSi1rLXZGNUh5RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVFNzcvRDlCRTA3QkEwQ0VEMTFFQkE3RjExMTVCQzRGOUFFMDIvN0JBQjlBRjAx
QjNEMTFFRTkwM0JCNTM2QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAdyohAwQAdyojMA0GCSqGSIb3DQEBCwUAA4IBAQBviqM65i555CCB
7yWBWIZ9t3W+OEFxmg29qiBRB+cqrlLD0FecqYX5XyP0wovuA/o1zXE0R09hZCrz
8fcFEVArHGG7pZMNmuHtpo7KSkoQSgIinfeGp8QAKzrdItsXmSzU5uiHk5iX/D1A
/ebl05W7rp3L7ubeg02iZG9g85vwBKJF0ZZGWzfElpYhTJjga/glep+b+S/OIux8
SD1bx0mLL8SUXFQ6ZEBa+Y3c8/tiARBa/rAF6qm1ni5ZHnB0dtTclATRAyphSI4M
4g2TeZbB48d0fncMFhOS+CQ0qogTRHCmiZtgclu5YWa38shyOKgzMVJMYXCXNuQU
LD6tP88t
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:27:46 2026 by rpki-client