Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/0B725F44496D11EF9F7F2116C4F9AE02.roa
File:                     0B725F44496D11EF9F7F2116C4F9AE02.roa (raw, json)
Hash identifier:          hxVPrb830azs0lN0PgHfZWp5ALPZT3k8NudZmcYdzUM=
Subject key identifier:   E3:12:C1:AD:0B:5F:62:F2:C6:1E:51:56:48:03:3E:54:61:35:F9:A8
Certificate issuer:       /CN=A91E1604/serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C
Certificate serial:       0182
Authority key identifier: E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/0B725F44496D11EF9F7F2116C4F9AE02.roa
Signing time:             Thu 09 Jul 2026 06:34:35 +0000
ROA not before:           Thu 09 Jul 2026 06:34:35 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     152919
IP address blocks:        2401:a8e0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl
                          rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:40:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 386 (0x182)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E1604, serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C
        Validity
            Not Before: Jul  9 06:34:35 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4f40fb-54ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f4:57:93:3a:28:42:c6:84:cd:fb:ed:e6:bf:
                    e9:32:25:30:34:1c:2c:89:3d:dc:59:00:bf:3f:fb:
                    c6:ad:15:9e:71:43:03:a8:bc:6f:17:aa:a2:00:ab:
                    1b:7e:2c:56:87:93:f5:1d:d6:e1:10:2f:0a:ac:51:
                    35:0e:88:b1:9a:38:0d:be:a6:4b:3a:25:95:87:81:
                    67:a5:9b:73:32:13:d7:d1:c3:cf:0b:a6:3a:f8:cd:
                    0d:0d:c1:78:38:e7:04:48:26:82:19:5d:80:9e:fe:
                    c0:dd:b0:79:f0:b7:ea:bc:55:f6:9c:ab:c4:74:c4:
                    6b:e2:aa:29:43:c5:40:5d:86:87:d0:58:e3:9f:b7:
                    20:f0:22:45:7f:e9:76:94:51:5e:32:5a:7b:8d:2e:
                    1a:7e:bb:3c:31:0f:c6:76:f5:c7:dc:0f:7d:4b:b4:
                    eb:d2:6e:55:7f:72:38:ea:c5:33:9c:ff:55:e7:b3:
                    d5:80:50:e4:13:a1:d8:42:06:80:97:c7:1b:30:26:
                    ad:ac:7a:10:64:70:ad:05:31:8d:15:f5:5b:f6:ef:
                    b2:83:39:2c:dc:b4:4d:97:11:06:09:9e:38:fc:94:
                    cb:5b:45:b4:dc:29:35:dd:1e:67:64:cf:6b:bb:bf:
                    09:91:e3:ae:b3:6e:b9:25:21:75:88:90:d4:22:87:
                    6e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:12:C1:AD:0B:5F:62:F2:C6:1E:51:56:48:03:3E:54:61:35:F9:A8
            X509v3 Authority Key Identifier:
                keyid:E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/0B725F44496D11EF9F7F2116C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:a8e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:25:e9:0b:f6:92:5a:2a:25:ef:35:44:ff:3a:57:51:a9:18:
         ba:38:27:1e:25:70:2f:44:2c:bb:75:da:24:f9:35:d9:e9:1c:
         09:a5:4c:42:91:b1:29:e2:83:b6:1e:83:c0:13:1b:a7:4d:1b:
         e8:03:aa:14:c1:4f:9c:2f:c3:b1:6a:75:f1:ce:e5:f5:2f:5f:
         2e:45:33:a6:82:dc:c5:d2:ff:5e:2f:65:0b:d5:ac:fd:dd:70:
         e1:46:b8:86:5d:63:2b:d1:fa:fb:04:9a:df:4c:f7:bd:dd:75:
         63:97:a0:2e:c2:f9:bf:36:0a:f9:5d:34:fa:92:f2:5f:b0:2d:
         4a:17:78:cf:8a:95:6f:22:a8:01:e1:cf:1c:5b:6d:1c:88:0b:
         10:f0:da:99:83:ba:97:7b:32:2a:98:cc:fb:fb:08:2d:44:49:
         33:b6:cd:d8:e5:c7:ac:c5:e9:23:96:af:fc:b6:a8:77:24:07:
         13:0b:f0:58:0a:2d:2a:f5:a8:47:41:bb:01:27:f4:6e:20:5c:
         31:df:21:d8:91:c0:59:51:d6:3a:25:0d:e7:a2:64:94:50:73:
         aa:3c:8d:87:50:46:a2:b4:50:c8:ab:6b:42:0f:0d:b0:e1:91:
         df:80:11:d4:85:08:16:93:8f:9d:ac:bd:4b:26:36:f7:56:59:
         08:b0:d9:68
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgICAYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE2MDQxMTAvBgNVBAUTKEUyRjE3NzM3Qjg0QzFGNjc4NjlDMDNBNDdGOEM0MTlG
RDQyMDAxNkMwHhcNMjYwNzA5MDYzNDM1WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRmNDBmYi01NGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw/RXkzooQsaEzfvt5r/pMiUwNBwsiT3cWQC/P/vGrRWecUMDqLxvF6qiAKsb
fixWh5P1HdbhEC8KrFE1DoixmjgNvqZLOiWVh4FnpZtzMhPX0cPPC6Y6+M0NDcF4
OOcESCaCGV2Anv7A3bB58LfqvFX2nKvEdMRr4qopQ8VAXYaH0Fjjn7cg8CJFf+l2
lFFeMlp7jS4afrs8MQ/GdvXH3A99S7Tr0m5Vf3I46sUznP9V57PVgFDkE6HYQgaA
l8cbMCatrHoQZHCtBTGNFfVb9u+ygzks3LRNlxEGCZ44/JTLW0W03Ck13R5nZM9r
u78JkeOus265JSF1iJDUIoduTwIDAQABo4ICYTCCAl0wHQYDVR0OBBYEFOMSwa0L
X2Lyxh5RVkgDPlRhNfmoMB8GA1UdIwQYMBaAFOLxdze4TB9nhpwDpH+MQZ/UIAFs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTYwNC8xMjBDMkM3NDND
RUIxMUVGOTRFMjRGNTlDNEY5QUUwMi80dkYzTjdoTUgyZUduQU9rZjR4Qm45UWdB
V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR2RjNON2hNSDJlR25BT2tmNHhCbjlRZ0FXdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE2MDQvMTIwQzJDNzQzQ0VCMTFFRjk0RTI0RjU5QzRGOUFFMDIvMEI3MjVGNDQ0
OTZEMTFFRjlGN0YyMTE2QzRGOUFFMDIucm9hMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAGo4DANBgkqhkiG9w0BAQsFAAOCAQEAGiXpC/aSWiol7zVE/zpX
UakYujgnHiVwL0Qsu3XaJPk12ekcCaVMQpGxKeKDth6DwBMbp00b6AOqFMFPnC/D
sWp18c7l9S9fLkUzpoLcxdL/Xi9lC9Ws/d1w4Ua4hl1jK9H6+wSa30z3vd11Y5eg
LsL5vzYK+V00+pLyX7AtShd4z4qVbyKoAeHPHFttHIgLEPDamYO6l3syKpjM+/sI
LURJM7bN2OXHrMXpI5av/LaodyQHEwvwWAotKvWoR0G7ASf0biBcMd8h2JHAWVHW
OiUN56JklFBzqjyNh1BGorRQyKtrQg8NsOGR34AR1IUIFpOPnay9SyY291ZZCLDZ
aA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:21:25 2026 by rpki-client