Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/59136C26FFB911F09F6B6297696F56BC.roa
File:                     59136C26FFB911F09F6B6297696F56BC.roa (raw, json)
Hash identifier:          /VCvroFhx6z1l88pSltO1q8+Wyrj5tu4h/G9D4tqaXY=
Subject key identifier:   64:D1:57:83:B0:EA:5A:A0:A9:E9:13:45:0F:84:93:81:6E:9A:D7:F8
Certificate issuer:       /CN=A9114382/serialNumber=76887469D6410BE468077587847EEAA080B42272
Certificate serial:       FF
Authority key identifier: 76:88:74:69:D6:41:0B:E4:68:07:75:87:84:7E:EA:A0:80:B4:22:72
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/doh0adZBC-RoB3WHhH7qoIC0InI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/59136C26FFB911F09F6B6297696F56BC.roa
Signing time:             Mon 01 Jun 2026 07:35:21 +0000
ROA not before:           Mon 01 Jun 2026 07:35:21 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     56265
IP address blocks:        103.3.236.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/doh0adZBC-RoB3WHhH7qoIC0InI.crl
                          rsync://rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/doh0adZBC-RoB3WHhH7qoIC0InI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/doh0adZBC-RoB3WHhH7qoIC0InI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 05:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 255 (0xff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9114382, serialNumber=76887469D6410BE468077587847EEAA080B42272
        Validity
            Not Before: Jun  1 07:35:21 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a1d3639-f780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2e:f7:c7:0b:32:a5:08:a5:ac:23:ea:db:98:
                    c8:c9:41:d9:d0:e0:91:a1:fe:6c:6e:34:d2:51:8d:
                    69:18:42:04:1e:19:80:0d:f3:f6:89:82:ec:96:75:
                    74:44:3d:33:b2:26:49:2e:52:2c:4a:97:c9:94:a9:
                    b9:d5:0a:52:b1:7e:2c:83:87:30:02:fa:08:95:32:
                    21:e8:5c:d8:35:58:4a:e9:04:15:b6:cd:66:18:9f:
                    f6:54:8f:d9:5e:e9:3e:4c:72:34:b2:fb:f7:5d:8c:
                    41:e3:1d:19:8c:6a:00:a9:1b:85:74:81:a7:75:d7:
                    6c:86:38:55:d3:00:11:7c:58:3a:04:4d:58:ee:df:
                    0f:89:54:e6:53:9c:c3:6c:24:38:53:9c:ac:80:5c:
                    53:fd:66:60:f4:a2:da:01:0b:4e:26:47:69:00:1d:
                    1c:dd:ac:a7:7c:f8:48:8d:6a:da:b6:a1:6a:06:f7:
                    35:b4:05:d3:54:db:00:30:a6:aa:f7:49:61:e1:21:
                    16:43:5c:dc:f3:ec:3a:47:0c:8b:e6:68:27:70:4a:
                    f7:be:7b:bd:de:44:47:b0:c2:2e:0b:0f:04:8f:78:
                    6e:70:f3:ae:ac:a8:25:2b:b7:27:22:c4:83:08:61:
                    30:11:c0:e2:27:82:24:3a:9b:32:e1:b7:b0:28:09:
                    df:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:D1:57:83:B0:EA:5A:A0:A9:E9:13:45:0F:84:93:81:6E:9A:D7:F8
            X509v3 Authority Key Identifier:
                keyid:76:88:74:69:D6:41:0B:E4:68:07:75:87:84:7E:EA:A0:80:B4:22:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/doh0adZBC-RoB3WHhH7qoIC0InI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/doh0adZBC-RoB3WHhH7qoIC0InI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114382/44B5FA1C0AC011F0B58F8247C4F9AE02/59136C26FFB911F09F6B6297696F56BC.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.3.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:9b:50:86:4b:19:3c:8d:d5:dd:4d:b0:71:7c:8d:c6:45:6c:
         c9:95:32:6f:27:b8:a9:a7:0b:b3:ae:f9:bb:73:21:c1:07:a2:
         e3:02:64:63:2b:ae:9c:7d:92:62:15:b9:86:00:65:5f:7e:05:
         bf:1e:ac:37:5a:a4:cb:61:7b:9e:3a:29:88:87:57:3b:76:5b:
         7a:b5:cd:16:94:80:c5:f4:a3:9b:e5:39:5d:09:e9:e0:eb:d8:
         8e:91:78:e9:74:05:d5:38:9a:e4:71:a3:42:35:0c:ab:e0:85:
         2f:ca:86:15:59:38:8e:3d:11:9f:db:8b:28:d3:f4:1e:46:de:
         12:15:0b:1f:66:04:c9:73:8b:49:1d:94:b3:2d:50:27:05:45:
         f0:33:fd:3a:8a:d8:fd:fc:bc:89:8c:fe:56:88:39:d6:ee:ca:
         bd:e4:ea:73:15:24:55:91:b4:bf:56:a4:d6:b4:f1:25:5e:f6:
         99:08:72:0c:47:7c:a1:9f:bf:d6:86:31:f9:d2:1e:70:16:35:
         1d:a5:d8:03:b6:8f:35:2f:61:68:b6:fe:62:b6:b5:48:00:38:
         74:08:02:fc:e8:b2:f8:37:73:55:8b:4f:16:30:81:17:03:56:
         44:4e:f4:e1:a2:6d:84:7c:51:a3:8f:f9:7b:40:28:b5:71:1e:
         d4:b7:53:49
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQzODIxMTAvBgNVBAUTKDc2ODg3NDY5RDY0MTBCRTQ2ODA3NzU4Nzg0N0VFQUEw
ODBCNDIyNzIwHhcNMjYwNjAxMDczNTIxWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFkMzYzOS1mNzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAry73xwsypQilrCPq25jIyUHZ0OCRof5sbjTSUY1pGEIEHhmADfP2iYLslnV0
RD0zsiZJLlIsSpfJlKm51QpSsX4sg4cwAvoIlTIh6FzYNVhK6QQVts1mGJ/2VI/Z
Xuk+THI0svv3XYxB4x0ZjGoAqRuFdIGndddshjhV0wARfFg6BE1Y7t8PiVTmU5zD
bCQ4U5ysgFxT/WZg9KLaAQtOJkdpAB0c3aynfPhIjWratqFqBvc1tAXTVNsAMKaq
90lh4SEWQ1zc8+w6RwyL5mgncEr3vnu93kRHsMIuCw8Ej3hucPOurKglK7cnIsSD
CGEwEcDiJ4IkOpsy4bewKAnfDwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGTRV4Ow
6lqgqekTRQ+Ek4Fumtf4MB8GA1UdIwQYMBaAFHaIdGnWQQvkaAd1h4R+6qCAtCJy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDM4Mi80NEI1RkExQzBB
QzAxMUYwQjU4RjgyNDdDNEY5QUUwMi9kb2gwYWRaQkMtUm9CM1dIaEg3cW9JQzBJ
bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RvaDBhZFpCQy1Sb0IzV0hoSDdxb0lDMEluSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQzODIvNDRCNUZBMUMwQUMwMTFGMEI1OEY4MjQ3QzRGOUFFMDIvNTkxMzZDMjZG
RkI5MTFGMDlGNkI2Mjk3Njk2RjU2QkMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZwPsMA0GCSqGSIb3DQEBCwUAA4IBAQBRm1CGSxk8jdXdTbBxfI3G
RWzJlTJvJ7ippwuzrvm7cyHBB6LjAmRjK66cfZJiFbmGAGVffgW/Hqw3WqTLYXue
OimIh1c7dlt6tc0WlIDF9KOb5TldCeng69iOkXjpdAXVOJrkcaNCNQyr4IUvyoYV
WTiOPRGf24so0/QeRt4SFQsfZgTJc4tJHZSzLVAnBUXwM/06itj9/LyJjP5WiDnW
7sq95OpzFSRVkbS/VqTWtPElXvaZCHIMR3yhn7/WhjH50h5wFjUdpdgDto81L2Fo
tv5itrVIADh0CAL86LL4N3NVi08WMIEXA1ZETvThom2EfFGjj/l7QCi1cR7Ut1NJ
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:24:53 2026 by rpki-client