Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
File:                     8C1F014E911411EF84279055C4F9AE02.roa (raw, json)
Hash identifier:          s6vSkxLA2BmYKE9MQCxEAZSPb/w8Cy/hDqrNsJ/5JFs=
Subject key identifier:   56:28:9F:CD:75:54:87:2F:77:C6:30:36:42:E2:C9:C1:C3:B2:A8:87
Certificate issuer:       /CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Certificate serial:       0C26
Authority key identifier: 5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
Signing time:             Tue 08 Jul 2025 19:28:46 +0000
ROA not before:           Tue 08 Jul 2025 19:28:46 +0000
ROA not after:            Wed 30 Sep 2026 00:00:00 +0000
asID:                     131464
IP address blocks:        103.69.148.0/22 maxlen: 22
                          103.69.148.0/23 maxlen: 23
                          103.69.148.0/24 maxlen: 24
                          103.69.149.0/24 maxlen: 24
                          103.69.150.0/23 maxlen: 23
                          103.69.150.0/24 maxlen: 24
                          103.69.151.0/24 maxlen: 24
                          180.149.232.0/22 maxlen: 22
                          180.149.232.0/23 maxlen: 23
                          180.149.232.0/24 maxlen: 24
                          180.149.233.0/24 maxlen: 24
                          180.149.234.0/23 maxlen: 23
                          180.149.234.0/24 maxlen: 24
                          180.149.235.0/24 maxlen: 24
                          2405:f280::/32 maxlen: 32
                          2405:f280::/33 maxlen: 33
                          2405:f280::/34 maxlen: 34
                          2405:f280::/35 maxlen: 35
                          2405:f280::/36 maxlen: 36
                          2405:f280:1::/48 maxlen: 48
                          2405:f280:3::/48 maxlen: 48
                          2405:f280:14::/48 maxlen: 48
                          2405:f280:34::/48 maxlen: 48
                          2405:f280:5c::/48 maxlen: 48
                          2405:f280:192::/48 maxlen: 48
                          2405:f280:1000::/36 maxlen: 36
                          2405:f280:1000::/48 maxlen: 48
                          2405:f280:1001::/48 maxlen: 48
                          2405:f280:1038::/48 maxlen: 48
                          2405:f280:1039::/48 maxlen: 48
                          2405:f280:2000::/35 maxlen: 35
                          2405:f280:2000::/36 maxlen: 36
                          2405:f280:3000::/36 maxlen: 36
                          2405:f280:4000::/34 maxlen: 34
                          2405:f280:4000::/35 maxlen: 35
                          2405:f280:4000::/36 maxlen: 36
                          2405:f280:5000::/36 maxlen: 36
                          2405:f280:6000::/35 maxlen: 35
                          2405:f280:6000::/36 maxlen: 36
                          2405:f280:7000::/36 maxlen: 36
                          2405:f280:8000::/33 maxlen: 33
                          2405:f280:8000::/34 maxlen: 34
                          2405:f280:8000::/35 maxlen: 35
                          2405:f280:8000::/36 maxlen: 36
                          2405:f280:9000::/36 maxlen: 36
                          2405:f280:9000::/48 maxlen: 48
                          2405:f280:9001::/48 maxlen: 48
                          2405:f280:a000::/35 maxlen: 35
                          2405:f280:a000::/36 maxlen: 36
                          2405:f280:b000::/36 maxlen: 36
                          2405:f280:c000::/34 maxlen: 34
                          2405:f280:c000::/35 maxlen: 35
                          2405:f280:c000::/36 maxlen: 36
                          2405:f280:c000::/48 maxlen: 48
                          2405:f280:d000::/36 maxlen: 36
                          2405:f280:e000::/35 maxlen: 35
                          2405:f280:e000::/36 maxlen: 36
                          2405:f280:e000::/48 maxlen: 48
                          2405:f280:e004::/48 maxlen: 48
                          2405:f280:e005::/48 maxlen: 48
                          2405:f280:e006::/48 maxlen: 48
                          2405:f280:e007::/48 maxlen: 48
                          2405:f280:e008::/48 maxlen: 48
                          2405:f280:e009::/48 maxlen: 48
                          2405:f280:e00a::/48 maxlen: 48
                          2405:f280:e00b::/48 maxlen: 48
                          2405:f280:e00c::/48 maxlen: 48
                          2405:f280:e00d::/48 maxlen: 48
                          2405:f280:e034::/48 maxlen: 48
                          2405:f280:ef00::/48 maxlen: 48
                          2405:f280:f000::/36 maxlen: 36
                          2405:f280:ff00::/40 maxlen: 40
                          2405:f280:ff00::/48 maxlen: 48
                          2405:f280:ff01::/48 maxlen: 48
                          2405:f280:ff02::/48 maxlen: 48
                          2405:f280:ff03::/48 maxlen: 48
                          2405:f280:ff04::/48 maxlen: 48
                          2405:f280:ff05::/48 maxlen: 48
                          2405:f280:ff06::/48 maxlen: 48
                          2405:f280:ff07::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
                          rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 18:58:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3110 (0xc26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913F6DE, serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
        Validity
            Not Before: Jul  8 19:28:46 2025 GMT
            Not After : Sep 30 00:00:00 2026 GMT
        Subject: CN=686d716e-82c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:df:3d:cd:54:b6:93:74:6f:ca:06:29:ab:23:
                    52:8d:73:8a:0b:56:42:1e:74:33:b3:e3:6e:e9:63:
                    31:ff:9e:b3:32:82:a4:4c:57:73:c4:df:66:aa:f3:
                    e4:85:0b:69:8a:95:d1:08:4d:10:ff:c3:c0:7b:7a:
                    14:8b:2d:10:23:85:80:56:80:3e:e5:3e:c2:c5:d5:
                    b5:cf:8f:e1:25:eb:3d:3f:fe:bf:7a:dc:d1:70:25:
                    d5:d0:5c:c2:e5:6c:0e:0c:24:2d:99:74:d7:a4:ec:
                    54:19:9a:cb:13:96:69:de:ee:1f:9f:7e:b5:32:b3:
                    46:71:0f:fe:01:36:d0:6f:42:82:f6:51:e2:02:16:
                    f9:06:20:6e:63:9a:df:a5:50:3f:92:90:dc:11:a3:
                    ee:f5:30:e0:b2:6b:bd:a3:38:f8:86:19:b2:0c:eb:
                    61:93:3e:9f:0f:3b:23:3c:df:78:d9:e0:d8:67:23:
                    9a:8a:6b:81:75:47:fc:c8:64:35:ed:67:64:6e:53:
                    f3:96:15:47:0d:a3:50:4e:73:b6:df:08:d1:10:29:
                    fc:8f:cf:ba:96:f4:02:af:6c:c8:8f:de:9c:dd:97:
                    c4:c9:f2:5b:bc:59:7b:ba:39:0a:a1:40:28:d4:22:
                    fe:a2:f3:3c:46:c6:00:a1:2d:0d:30:e7:a4:7f:37:
                    36:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:28:9F:CD:75:54:87:2F:77:C6:30:36:42:E2:C9:C1:C3:B2:A8:87
            X509v3 Authority Key Identifier:
                keyid:5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.148.0/22
                  180.149.232.0/22
                IPv6:
                  2405:f280::/32

    Signature Algorithm: sha256WithRSAEncryption
         57:a5:7a:f4:cc:6c:f0:72:1b:9a:19:35:5c:60:27:64:6a:aa:
         a6:a7:f3:d2:5c:80:15:1e:e4:72:05:ea:26:a1:ff:39:54:84:
         c5:5d:35:42:42:5f:6b:4c:f2:a2:dc:5a:a1:a2:97:8b:7c:9e:
         fa:d0:a5:a2:82:b2:fe:0b:87:9d:5f:d3:7b:69:f3:06:2e:d4:
         67:6a:2b:4f:50:01:39:ef:0d:02:07:87:94:f2:08:df:48:62:
         d4:46:68:f1:ff:09:83:89:f6:51:04:cf:19:bb:39:83:c8:ea:
         af:6b:f7:a5:1e:75:2d:6b:85:11:c7:54:52:29:a2:a2:fd:ae:
         f4:03:57:e9:a0:01:ed:e3:bc:79:aa:e6:ae:14:01:1f:a3:e6:
         24:f9:ec:a2:aa:f5:7e:76:dd:4b:3f:f9:ae:34:30:3f:c9:7e:
         48:55:87:ab:2b:0b:f1:31:a7:02:69:dd:d3:5f:7c:2b:f5:3f:
         91:3e:c9:71:3f:42:dc:63:bd:42:9e:89:38:be:53:65:cf:68:
         78:c6:56:17:d5:97:e9:cf:fa:9c:65:e4:c6:14:68:96:88:77:
         2b:be:8f:6b:ee:29:54:08:f0:1a:1c:bd:0d:e2:37:cd:c6:da:
         35:b3:cb:d2:d8:63:40:59:8e:fc:2a:06:46:2e:ff:3d:e6:99:
         d1:c0:d5:8e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDCYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y2REUxMTAvBgNVBAUTKDVENDI4NjgyRTg5RTlGRUQ5NjJCRTlDNDQzMkIzNEM0
NUUyRTA5QzkwHhcNMjUwNzA4MTkyODQ2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZkNzE2ZS04MmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz989zVS2k3RvygYpqyNSjXOKC1ZCHnQzs+Nu6WMx/56zMoKkTFdzxN9mqvPk
hQtpipXRCE0Q/8PAe3oUiy0QI4WAVoA+5T7CxdW1z4/hJes9P/6/etzRcCXV0FzC
5WwODCQtmXTXpOxUGZrLE5Zp3u4fn361MrNGcQ/+ATbQb0KC9lHiAhb5BiBuY5rf
pVA/kpDcEaPu9TDgsmu9ozj4hhmyDOthkz6fDzsjPN942eDYZyOaimuBdUf8yGQ1
7WdkblPzlhVHDaNQTnO23wjRECn8j8+6lvQCr2zIj96c3ZfEyfJbvFl7ujkKoUAo
1CL+ovM8RsYAoS0NMOekfzc2YQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFYon811
VIcvd8YwNkLiycHDsqiHMB8GA1UdIwQYMBaAFF1ChoLonp/tlivpxEMrNMReLgnJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjZERS84N0FBRTc0QTFC
M0ExMUVBQjRDREM2NTlDNEY5QUUwMi9YVUtHZ3VpZW4tMldLLW5FUXlzMHhGNHVD
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hVS0dndWllbi0yV0stbkVReXMweEY0dUNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y2REUvODdBQUU3NEExQjNBMTFFQUI0Q0RDNjU5QzRGOUFFMDIvOEMxRjAxNEU5
MTE0MTFFRjg0Mjc5MDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnRZQDBAK0legwDQQCAAIwBwMFACQF8oAwDQYJKoZIhvcN
AQELBQADggEBAFelevTMbPByG5oZNVxgJ2Rqqqan89JcgBUe5HIF6iah/zlUhMVd
NUJCX2tM8qLcWqGil4t8nvrQpaKCsv4Lh51f03tp8wYu1GdqK09QATnvDQIHh5Ty
CN9IYtRGaPH/CYOJ9lEEzxm7OYPI6q9r96UedS1rhRHHVFIpoqL9rvQDV+mgAe3j
vHmq5q4UAR+j5iT57KKq9X523Us/+a40MD/JfkhVh6srC/ExpwJp3dNffCv1P5E+
yXE/QtxjvUKeiTi+U2XPaHjGVhfVl+nP+pxl5MYUaJaIdyu+j2vuKVQI8BocvQ3i
N83G2jWzy9LYY0BZjvwqBkYu/z3mmdHA1Y4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:22 2025 by rpki-client