Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/F439D662AAAE11E8B3984735C4F9AE02.roa
File:                     F439D662AAAE11E8B3984735C4F9AE02.roa (raw, json)
Hash identifier:          qgEM8tgcBEY4om6MtgXnx1pYzFwPcAM4LBil0v/++zg=
Subject key identifier:   76:D1:C7:AF:20:08:34:B9:29:02:5F:44:22:8E:72:01:E6:09:8C:1D
Certificate issuer:       /CN=A9110795/serialNumber=870AE59A4B38DAFC6A31ABE329CCF878FDF72A8C
Certificate serial:       180F
Authority key identifier: 87:0A:E5:9A:4B:38:DA:FC:6A:31:AB:E3:29:CC:F8:78:FD:F7:2A:8C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwrlmks42vxqMavjKcz4eP33Kow.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/F439D662AAAE11E8B3984735C4F9AE02.roa
Signing time:             Thu 02 Jul 2026 17:17:13 +0000
ROA not before:           Thu 02 Jul 2026 17:17:13 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     138156
IP address blocks:        103.91.206.0/24 maxlen: 24
                          103.91.207.0/24 maxlen: 24
                          2401:1240:206::/48 maxlen: 48
                          2401:1240:207::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/hwrlmks42vxqMavjKcz4eP33Kow.crl
                          rsync://rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/hwrlmks42vxqMavjKcz4eP33Kow.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwrlmks42vxqMavjKcz4eP33Kow.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:36:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6159 (0x180f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9110795, serialNumber=870AE59A4B38DAFC6A31ABE329CCF878FDF72A8C
        Validity
            Not Before: Jul  2 17:17:13 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a469d18-ad0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b1:be:3c:89:23:32:70:66:7f:ba:45:70:2e:
                    41:3a:42:4c:19:00:13:71:d7:43:74:83:ff:2b:3a:
                    5e:84:0e:9c:0a:a7:37:f4:4b:5a:2a:7d:cd:fb:4b:
                    48:10:30:9e:3d:88:2c:00:eb:50:f9:c2:a9:12:d3:
                    d1:30:63:bb:08:02:68:56:0a:ba:ea:cd:b3:b4:8e:
                    f3:98:ed:73:44:b7:ea:92:7a:af:8d:5d:43:72:5a:
                    f5:f6:a4:94:dd:67:24:d9:6c:75:1d:46:97:fa:9e:
                    08:83:33:8e:b9:27:2c:d3:be:b7:8b:d2:d6:41:30:
                    f7:45:0e:42:72:29:5f:88:2f:cd:47:12:24:1d:ae:
                    35:18:e4:56:d3:e2:b4:9f:d4:2a:f7:17:70:b8:dd:
                    0f:92:d3:57:bf:e5:36:2e:ff:26:bd:c2:42:95:d4:
                    8f:00:61:6c:5f:30:a7:19:81:30:bb:a1:32:7b:40:
                    a2:8e:b5:ad:65:fb:81:4d:c5:87:1a:97:2d:09:ab:
                    66:eb:95:d8:4e:43:07:84:f3:cb:e4:33:54:0c:d7:
                    62:34:76:4e:c9:6b:34:44:f9:f9:b8:a3:3d:d9:19:
                    72:ba:91:21:42:ad:39:ea:4d:ee:d6:be:cf:f9:37:
                    2b:f9:fa:89:22:57:7f:ad:a8:da:ca:85:ba:20:94:
                    16:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D1:C7:AF:20:08:34:B9:29:02:5F:44:22:8E:72:01:E6:09:8C:1D
            X509v3 Authority Key Identifier:
                keyid:87:0A:E5:9A:4B:38:DA:FC:6A:31:AB:E3:29:CC:F8:78:FD:F7:2A:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/hwrlmks42vxqMavjKcz4eP33Kow.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwrlmks42vxqMavjKcz4eP33Kow.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110795/992969FAE6AE11E7800A7C63C4F9AE02/F439D662AAAE11E8B3984735C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.91.206.0/23
                IPv6:
                  2401:1240:206::/47

    Signature Algorithm: sha256WithRSAEncryption
         a2:c4:ac:26:15:61:78:8c:60:51:dd:83:32:a2:dd:05:22:29:
         ad:d4:7e:a5:f1:32:a7:ca:8e:a7:24:c1:d0:d1:f3:29:69:5d:
         b2:db:b1:b4:88:18:3f:f2:fc:dd:ca:68:e1:f8:a9:bc:75:7c:
         3c:fe:6b:8a:05:75:16:64:fc:f1:c0:51:e2:7d:50:70:fe:87:
         e7:23:42:21:7b:36:9d:ff:95:d5:bb:6d:3c:2e:4d:0f:95:0b:
         32:48:7c:f4:f8:0a:4b:2e:8c:ff:88:d0:cb:e7:92:cc:a7:a9:
         c1:52:42:27:fe:ad:9a:40:bd:29:c9:35:b5:d3:96:44:67:13:
         84:09:4b:b9:67:20:f4:4d:35:ff:4e:d9:23:41:74:3e:b9:72:
         65:3c:9d:a5:30:f5:95:29:6c:2d:77:3e:82:56:e7:72:21:01:
         d9:7a:19:0a:94:67:8d:e2:8c:a4:ec:4d:2f:e9:4a:1d:5e:a8:
         3b:95:2f:2f:cc:e0:23:64:11:59:50:41:07:88:53:3a:4a:36:
         5d:fc:57:18:b5:23:c8:b6:d8:ed:08:67:24:96:be:e4:7c:7b:
         c4:48:d8:f1:e6:36:b6:b7:25:d9:b9:7d:1d:ef:16:e0:63:2b:
         a1:4e:5d:07:28:77:4a:11:29:85:83:40:98:87:bd:11:3b:c5:
         c0:ce:5d:e1
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICGA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTA3OTUxMTAvBgNVBAUTKDg3MEFFNTlBNEIzOERBRkM2QTMxQUJFMzI5Q0NGODc4
RkRGNzJBOEMwHhcNMjYwNzAyMTcxNzEzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ2OWQxOC1hZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr7G+PIkjMnBmf7pFcC5BOkJMGQATcddDdIP/KzpehA6cCqc39EtaKn3N+0tI
EDCePYgsAOtQ+cKpEtPRMGO7CAJoVgq66s2ztI7zmO1zRLfqknqvjV1Dclr19qSU
3Wck2Wx1HUaX+p4IgzOOuScs0763i9LWQTD3RQ5CcilfiC/NRxIkHa41GORW0+K0
n9Qq9xdwuN0PktNXv+U2Lv8mvcJCldSPAGFsXzCnGYEwu6Eye0CijrWtZfuBTcWH
GpctCatm65XYTkMHhPPL5DNUDNdiNHZOyWs0RPn5uKM92RlyupEhQq056k3u1r7P
+Tcr+fqJIld/rajayoW6IJQWywIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFHbRx68g
CDS5KQJfRCKOcgHmCYwdMB8GA1UdIwQYMBaAFIcK5ZpLONr8ajGr4ynM+Hj99yqM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMDc5NS85OTI5NjlGQUU2
QUUxMUU3ODAwQTdDNjNDNEY5QUUwMi9od3JsbWtzNDJ2eHFNYXZqS2N6NGVQMzNL
b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h3cmxta3M0MnZ4cU1hdmpLY3o0ZVAzM0tvdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTA3OTUvOTkyOTY5RkFFNkFFMTFFNzgwMEE3QzYzQzRGOUFFMDIvRjQzOUQ2NjJB
QUFFMTFFOEIzOTg0NzM1QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQBZ1vOMA8EAgACMAkDBwEkARJAAgYwDQYJKoZIhvcNAQELBQADggEB
AKLErCYVYXiMYFHdgzKi3QUiKa3UfqXxMqfKjqckwdDR8ylpXbLbsbSIGD/y/N3K
aOH4qbx1fDz+a4oFdRZk/PHAUeJ9UHD+h+cjQiF7Np3/ldW7bTwuTQ+VCzJIfPT4
CksujP+I0MvnksynqcFSQif+rZpAvSnJNbXTlkRnE4QJS7lnIPRNNf9O2SNBdD65
cmU8naUw9ZUpbC13PoJW53IhAdl6GQqUZ43ijKTsTS/pSh1eqDuVLy/M4CNkEVlQ
QQeIUzpKNl38Vxi1I8i22O0IZySWvuR8e8RI2PHmNra3Jdm5fR3vFuBjK6FOXQco
d0oRKYWDQJiHvRE7xcDOXeE=
-----END CERTIFICATE-----
Generated at Fri Jul 17 12:18:29 2026 by rpki-client