Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/7D232E6033A611EB8B013530C4F9AE02.roa
File:                     7D232E6033A611EB8B013530C4F9AE02.roa (raw, json)
Hash identifier:          +yS7DwxlUPtJ72oZ+pxDKeWkTtpNKShZnq0dZGu2CI8=
Subject key identifier:   53:A0:97:56:C6:3F:B4:EC:7F:16:77:83:BD:8D:CD:48:7F:41:BA:00
Certificate issuer:       /CN=A919F06A/serialNumber=BCB80DE44705CFC4F83978590C9F3FC2E2C2F852
Certificate serial:       0827
Authority key identifier: BC:B8:0D:E4:47:05:CF:C4:F8:39:78:59:0C:9F:3F:C2:E2:C2:F8:52
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/7D232E6033A611EB8B013530C4F9AE02.roa
Signing time:             Thu 02 Jul 2026 22:22:56 +0000
ROA not before:           Thu 02 Jul 2026 22:22:56 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     2497
IP address blocks:        149.234.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.crl
                          rsync://rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 21:28:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2087 (0x827)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F06A, serialNumber=BCB80DE44705CFC4F83978590C9F3FC2E2C2F852
        Validity
            Not Before: Jul  2 22:22:56 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a46e4c0-b6f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fd:15:f4:03:22:0f:28:57:a4:73:67:c1:65:
                    53:a2:1d:e4:a9:eb:78:08:18:fd:99:ff:1e:56:c0:
                    fe:79:f1:e3:cb:10:3a:b3:72:ab:a5:ee:66:d9:85:
                    5d:0a:24:2f:8d:ce:9e:2c:cb:87:f1:52:77:be:39:
                    80:42:f7:ca:8e:99:ee:f7:0f:73:f1:0e:12:29:da:
                    29:3e:c8:e2:2d:2f:19:d3:55:b8:c0:fe:1c:e8:f1:
                    b0:2b:f6:be:6f:e4:43:9c:1e:4d:ca:bd:d3:5c:df:
                    60:55:ae:d0:2f:5e:c3:80:1a:95:91:9f:4b:8b:61:
                    f6:10:7c:b7:f3:86:52:2a:47:01:49:4c:92:52:ca:
                    f6:89:c6:d4:33:8e:1d:b3:10:fc:59:2d:9c:1b:cd:
                    68:0e:97:76:4d:bf:6d:89:a9:fd:ba:3e:b0:e7:0f:
                    9b:44:47:60:9b:4b:56:3f:e8:54:a6:a5:da:5f:42:
                    83:bb:d0:43:2d:24:9d:72:23:e0:9c:f4:38:6d:8f:
                    69:20:9d:b4:b7:f7:ab:1a:64:86:3d:dc:96:74:2c:
                    d5:8e:fc:ac:6d:aa:f8:a3:36:ae:1d:00:1f:96:db:
                    69:f6:24:e8:65:81:19:a1:f3:50:dc:81:68:76:63:
                    29:7a:1c:5d:47:dc:c1:c8:56:a5:3e:12:c6:ce:30:
                    02:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:A0:97:56:C6:3F:B4:EC:7F:16:77:83:BD:8D:CD:48:7F:41:BA:00
            X509v3 Authority Key Identifier:
                keyid:BC:B8:0D:E4:47:05:CF:C4:F8:39:78:59:0C:9F:3F:C2:E2:C2:F8:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vLgN5EcFz8T4OXhZDJ8_wuLC-FI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F06A/F1A9BABC33A411EBAC54852EC4F9AE02/7D232E6033A611EB8B013530C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.234.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:91:41:cc:25:e2:f0:2c:45:e6:85:12:f7:7a:8c:a3:1e:d0:
         4e:40:46:f5:6c:83:e9:29:7c:b7:64:38:3a:7b:e5:9a:b2:47:
         1c:b0:7e:b7:c4:d4:8b:f0:ca:35:75:0e:91:4e:d9:5d:43:6c:
         9e:67:41:9a:9e:54:2e:0c:90:52:8c:63:cd:40:59:45:64:61:
         e7:09:24:20:df:e5:9b:29:a9:46:0b:73:32:7e:cc:f8:40:6d:
         cf:a7:01:9c:88:af:81:7b:ed:cd:a4:5b:d8:a0:64:2c:5f:c6:
         c1:b3:a8:5a:62:f8:81:bc:66:67:6e:b6:27:49:d0:41:67:98:
         d4:83:27:ad:49:e2:12:4c:3c:a2:ab:46:a0:38:36:0b:c7:8c:
         79:cb:b2:69:13:01:9b:ec:80:c8:a8:54:31:d4:79:d8:51:8e:
         38:f1:9b:8f:b0:a7:ef:e9:07:66:fb:96:cc:52:de:b4:24:b7:
         83:ae:1f:f4:f4:b6:01:a7:6a:65:7e:1c:e0:ab:84:49:47:b4:
         71:1f:09:53:cb:e9:05:f9:0a:6c:62:da:4c:17:8e:bf:d9:ec:
         75:39:79:10:a3:01:d4:e8:0d:53:da:06:a9:1b:90:1c:c6:d1:
         27:37:30:e4:5f:70:e8:48:24:1d:67:4a:8d:c4:7d:08:f9:a9:
         a8:d2:07:bc
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICCCcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwNkExMTAvBgNVBAUTKEJDQjgwREU0NDcwNUNGQzRGODM5Nzg1OTBDOUYzRkMy
RTJDMkY4NTIwHhcNMjYwNzAyMjIyMjU2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ2ZTRjMC1iNmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx/0V9AMiDyhXpHNnwWVToh3kqet4CBj9mf8eVsD+efHjyxA6s3Krpe5m2YVd
CiQvjc6eLMuH8VJ3vjmAQvfKjpnu9w9z8Q4SKdopPsjiLS8Z01W4wP4c6PGwK/a+
b+RDnB5Nyr3TXN9gVa7QL17DgBqVkZ9Li2H2EHy384ZSKkcBSUySUsr2icbUM44d
sxD8WS2cG81oDpd2Tb9tian9uj6w5w+bREdgm0tWP+hUpqXaX0KDu9BDLSSdciPg
nPQ4bY9pIJ20t/erGmSGPdyWdCzVjvysbar4ozauHQAflttp9iToZYEZofNQ3IFo
dmMpehxdR9zByFalPhLGzjACzwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFFOgl1bG
P7TsfxZ3g72NzUh/QboAMB8GA1UdIwQYMBaAFLy4DeRHBc/E+Dl4WQyfP8LiwvhS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjA2QS9GMUE5QkFCQzMz
QTQxMUVCQUM1NDg1MkVDNEY5QUUwMi92TGdONUVjRno4VDRPWGhaREo4X3d1TEMt
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZMZ041RWNGejhUNE9YaFpESjhfd3VMQy1GSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwNkEvRjFBOUJBQkMzM0E0MTFFQkFDNTQ4NTJFQzRGOUFFMDIvN0QyMzJFNjAz
M0E2MTFFQjhCMDEzNTMwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAleq8MA0GCSqGSIb3DQEBCwUAA4IBAQBpkUHMJeLwLEXmhRL3eoyj
HtBOQEb1bIPpKXy3ZDg6e+WaskccsH63xNSL8Mo1dQ6RTtldQ2yeZ0GanlQuDJBS
jGPNQFlFZGHnCSQg3+WbKalGC3Myfsz4QG3PpwGciK+Be+3NpFvYoGQsX8bBs6ha
YviBvGZnbrYnSdBBZ5jUgyetSeISTDyiq0agODYLx4x5y7JpEwGb7IDIqFQx1HnY
UY448ZuPsKfv6Qdm+5bMUt60JLeDrh/09LYBp2plfhzgq4RJR7RxHwlTy+kF+Qps
YtpMF46/2ex1OXkQowHU6A1T2gapG5AcxtEnNzDkX3DoSCQdZ0qNxH0I+amo0ge8
-----END CERTIFICATE-----
Generated at Mon Jul 6 22:12:26 2026 by rpki-client