Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa
File:                     F9722F8255C411E9A0FEF781C4F9AE02.roa (raw, json)
Hash identifier:          Pj58dNaZu/U/JcWFr9d0FmcQsI/n3fUrfDxW8/v49HY=
Subject key identifier:   C4:9C:33:E4:A9:70:D5:65:27:C5:E0:05:8F:FD:93:7B:21:E1:9C:5C
Certificate issuer:       /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A
Certificate serial:       2ADC
Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 15:11:58 +0000
ROA not before:           Tue 30 Jun 2026 15:11:58 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     7575
IP address blocks:        138.44.0.0/16 maxlen: 24
                          160.250.178.0/23 maxlen: 24
                          192.203.235.0/24 maxlen: 24
                          192.207.33.0/24 maxlen: 24
                          192.207.113.0/24 maxlen: 24
                          192.207.161.0/24 maxlen: 24
                          192.231.212.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl
                          rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 13 Jul 2026 14:24:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10972 (0x2adc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EF19E, serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A
        Validity
            Not Before: Jun 30 15:11:58 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a43dcbe-9e57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:a3:72:2a:d8:ff:07:60:04:b3:f9:ff:65:c7:
                    32:5a:b0:b6:eb:61:40:73:0a:2e:1a:6f:19:21:a8:
                    fb:fc:da:ac:c6:1e:52:32:95:41:68:7b:3b:f0:34:
                    5d:20:d6:cc:e5:42:a9:25:f0:32:fa:4a:93:54:35:
                    0a:41:db:f1:f5:1c:50:24:7e:d8:b0:60:d8:16:36:
                    ea:e2:03:7c:58:03:83:9a:6e:89:e6:5a:fa:75:b8:
                    85:0d:df:8c:ca:e2:42:41:9d:de:82:e3:93:59:5c:
                    23:2a:21:d3:f4:be:7c:28:03:a9:ec:89:af:f3:a9:
                    93:12:d2:00:4e:a9:2d:bc:3e:cd:85:1f:3b:85:23:
                    52:71:c6:46:08:66:e9:e6:8b:01:fc:5e:1e:c8:9a:
                    9f:3f:fa:a1:94:55:63:6d:2e:ac:55:53:2d:1c:9c:
                    4c:42:fa:57:2c:0d:48:8a:6c:6d:a3:d4:45:cb:75:
                    d8:4c:c3:b0:66:00:c1:a8:62:15:70:1e:f5:a5:92:
                    b0:f8:2a:3b:86:a7:f2:61:8a:ad:0c:85:fe:c0:b0:
                    ac:4d:0e:11:22:c2:f0:13:7c:3c:b4:a7:fa:19:6c:
                    8c:8d:9b:10:dc:64:65:f8:b6:9b:49:c4:a5:2d:a9:
                    ef:45:d7:19:82:70:45:09:a5:e6:ae:28:07:82:2a:
                    23:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:9C:33:E4:A9:70:D5:65:27:C5:E0:05:8F:FD:93:7B:21:E1:9C:5C
            X509v3 Authority Key Identifier:
                keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/F9722F8255C411E9A0FEF781C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.44.0.0/16
                  160.250.178.0/23
                  192.203.235.0/24
                  192.207.33.0/24
                  192.207.113.0/24
                  192.207.161.0/24
                  192.231.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:f1:70:33:a3:41:9a:87:d3:5c:0f:37:51:2a:c0:cb:04:2b:
         43:a9:7d:da:f3:d0:8e:45:36:8a:14:2c:c7:27:65:c7:ef:f4:
         11:4f:d4:ce:6a:7f:92:b6:91:d8:db:9e:9b:38:b3:00:15:08:
         78:27:b3:98:f8:5f:5d:09:10:b0:66:fa:8e:a5:8c:05:78:e7:
         5c:dc:c7:0b:80:4a:2b:23:cd:6f:7d:5b:2c:37:f7:06:be:09:
         a2:c2:79:77:88:7f:30:21:39:f6:b0:dc:09:ab:bb:ae:24:fa:
         0c:28:85:be:7c:42:30:01:a4:2c:5e:2a:35:88:6d:cc:d0:52:
         b1:84:38:da:1a:2d:01:d4:f0:9b:57:b9:88:55:7a:58:67:87:
         22:48:f5:c9:d4:04:ee:d7:1b:ce:f8:53:54:6c:75:77:21:9f:
         4f:6c:52:c4:96:13:ba:58:92:96:39:4f:45:a6:0b:c5:d0:24:
         95:12:f5:9d:39:83:d9:fb:81:88:5b:20:01:2f:8b:82:ae:5d:
         57:1e:75:f4:77:c9:17:88:4a:08:e6:80:07:82:20:12:e1:1f:
         37:09:23:1d:79:d6:69:3b:21:0e:c2:50:53:b4:60:c1:8c:a6:
         e7:42:6c:bd:a4:f7:5e:79:23:db:62:a4:be:28:3a:58:21:6f:
         3b:82:95:19
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgICKtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0
MzhFN0YwOEEwHhcNMjYwNjMwMTUxMTU4WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQzZGNiZS05ZTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8KNyKtj/B2AEs/n/ZccyWrC262FAcwouGm8ZIaj7/Nqsxh5SMpVBaHs78DRd
INbM5UKpJfAy+kqTVDUKQdvx9RxQJH7YsGDYFjbq4gN8WAODmm6J5lr6dbiFDd+M
yuJCQZ3eguOTWVwjKiHT9L58KAOp7Imv86mTEtIATqktvD7NhR87hSNSccZGCGbp
5osB/F4eyJqfP/qhlFVjbS6sVVMtHJxMQvpXLA1Iimxto9RFy3XYTMOwZgDBqGIV
cB71pZKw+Co7hqfyYYqtDIX+wLCsTQ4RIsLwE3w8tKf6GWyMjZsQ3GRl+LabScSl
LanvRdcZgnBFCaXmrigHgiojKwIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFMScM+Sp
cNVlJ8XgBY/9k3sh4ZxcMB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0
MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44
SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYxOUUvQTkzRTk5M0UzNDBEMTFFNDlFQzk4MTYzQzRGOUFFMDIvRjk3MjJGODI1
NUM0MTFFOUEwRkVGNzgxQzRGOUFFMDIucm9hMEIGCCsGAQUFBwEHAQH/BDMwMTAv
BAIAATApAwMAiiwDBAGg+rIDBADAy+sDBADAzyEDBADAz3EDBADAz6EDBADA59Qw
DQYJKoZIhvcNAQELBQADggEBAJbxcDOjQZqH01wPN1EqwMsEK0Opfdrz0I5FNooU
LMcnZcfv9BFP1M5qf5K2kdjbnps4swAVCHgns5j4X10JELBm+o6ljAV451zcxwuA
SisjzW99Wyw39wa+CaLCeXeIfzAhOfaw3Amru64k+gwohb58QjABpCxeKjWIbczQ
UrGEONoaLQHU8JtXuYhVelhnhyJI9cnUBO7XG874U1RsdXchn09sUsSWE7pYkpY5
T0WmC8XQJJUS9Z05g9n7gYhbIAEvi4KuXVcedfR3yReISgjmgAeCIBLhHzcJIx15
1mk7IQ7CUFO0YMGMpudCbL2k9155I9tipL4oOlghbzuClRk=
-----END CERTIFICATE-----
Generated at Mon Jul 6 23:16:13 2026 by rpki-client