Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/BC6E83E0D4E411EC976A7E55C4F9AE02.roa
File:                     BC6E83E0D4E411EC976A7E55C4F9AE02.roa (raw, json)
Hash identifier:          fEkscTOPczLjdNokDvAYNFJrvZePwXKN3ANl82TsKZk=
Subject key identifier:   F8:11:76:7B:9C:CB:63:12:7A:E8:EF:1D:83:5D:E7:E0:43:48:D0:31
Certificate issuer:       /CN=A911580A/serialNumber=7304775C1CE385ACA40405864EA9B9ABFEDE91B3
Certificate serial:       03E0
Authority key identifier: 73:04:77:5C:1C:E3:85:AC:A4:04:05:86:4E:A9:B9:AB:FE:DE:91:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwR3XBzjhaykBAWGTqm5q_7ekbM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/BC6E83E0D4E411EC976A7E55C4F9AE02.roa
Signing time:             Tue 07 Jul 2026 01:27:04 +0000
ROA not before:           Tue 07 Jul 2026 01:27:04 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     134732
IP address blocks:        103.187.94.0/23 maxlen: 23
                          103.187.94.0/24 maxlen: 24
                          103.187.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/cwR3XBzjhaykBAWGTqm5q_7ekbM.crl
                          rsync://rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/cwR3XBzjhaykBAWGTqm5q_7ekbM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwR3XBzjhaykBAWGTqm5q_7ekbM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 01:10:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 992 (0x3e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911580A, serialNumber=7304775C1CE385ACA40405864EA9B9ABFEDE91B3
        Validity
            Not Before: Jul  7 01:27:04 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4c55e8-cc65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6a:7e:7a:ca:1f:67:6e:d1:87:cf:07:f3:df:
                    90:de:09:b9:a8:af:92:e4:a5:a1:0e:0f:41:a8:51:
                    0b:fa:d6:a1:37:2f:10:cc:9a:7f:c3:02:8d:11:fc:
                    d0:ab:ae:e7:21:ce:9d:fc:e1:b3:05:66:0c:51:0b:
                    03:b3:54:c1:0c:18:5e:9d:a0:8b:bb:4f:a3:cb:68:
                    e8:a5:fc:4e:fd:18:6c:39:dc:e2:af:43:31:06:41:
                    90:20:64:46:ad:80:74:58:d8:a7:0d:b0:f0:73:2e:
                    ee:9f:03:28:cb:21:e8:6e:6a:70:2e:a8:ac:25:cd:
                    c8:5d:82:a6:87:61:f6:62:f3:e5:9c:53:35:c1:af:
                    aa:6e:c6:35:51:0d:3f:4c:66:39:c3:f1:72:92:6c:
                    99:56:62:a5:5a:ac:f3:69:3b:fe:1c:0c:9f:f5:66:
                    89:08:01:4a:12:cd:d6:f0:a2:2d:02:f3:64:ec:39:
                    35:73:c2:5a:a3:13:4d:5b:63:1c:00:0a:8b:1f:00:
                    70:79:58:0a:9f:9d:12:33:45:78:2e:fe:7e:b0:37:
                    f5:25:3e:38:e3:3c:eb:73:d7:80:01:75:bd:1d:db:
                    60:16:ef:30:c8:d8:92:14:69:e7:0c:1c:f1:72:01:
                    81:00:f0:ae:76:48:84:44:37:78:1a:04:d8:d2:42:
                    ae:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:11:76:7B:9C:CB:63:12:7A:E8:EF:1D:83:5D:E7:E0:43:48:D0:31
            X509v3 Authority Key Identifier:
                keyid:73:04:77:5C:1C:E3:85:AC:A4:04:05:86:4E:A9:B9:AB:FE:DE:91:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/cwR3XBzjhaykBAWGTqm5q_7ekbM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwR3XBzjhaykBAWGTqm5q_7ekbM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911580A/878E986ED4DE11ECBCFCE722C4F9AE02/BC6E83E0D4E411EC976A7E55C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.187.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bd:69:12:9b:ff:74:f4:7d:34:c6:86:5d:fe:fd:15:f8:59:cc:
         0f:8f:fb:1f:53:25:64:80:51:1a:c5:2c:ab:e2:24:0c:e2:e4:
         f3:a3:20:43:a9:25:e1:b9:69:c9:6d:11:e1:d5:c8:27:08:d0:
         5b:2f:1b:63:6c:34:32:66:ae:6a:cd:5e:9d:ce:39:6e:5b:6a:
         ff:a9:48:24:60:32:57:27:56:cb:21:72:34:0a:89:7e:81:56:
         78:1d:5d:0c:e0:00:1b:1b:14:23:e6:55:0a:60:ee:a6:39:e2:
         ee:dc:4b:3c:91:5a:52:2d:94:59:24:cb:91:79:1d:73:66:94:
         ef:57:23:a7:c4:a7:35:c5:7b:75:9c:4a:94:de:dc:11:21:b6:
         05:a9:03:05:f5:e2:26:50:53:bc:2e:d9:22:3d:03:f5:0a:46:
         df:03:e6:f1:e8:28:fb:d1:e7:e3:2a:96:46:93:29:86:3f:a7:
         a6:98:fa:a4:4f:d4:b3:c8:be:0e:ab:67:4a:6b:3d:88:c5:61:
         cf:65:c8:b9:cc:15:87:38:a7:d7:e4:5d:1f:3b:1f:12:e4:bc:
         dc:9d:1c:41:f0:3d:21:d1:6b:ef:0a:e6:53:9a:68:a2:29:30:
         2a:24:84:81:d8:94:61:bb:bb:aa:38:09:8d:20:ad:3d:18:a0:
         1b:3a:3c:00
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICA+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTU4MEExMTAvBgNVBAUTKDczMDQ3NzVDMUNFMzg1QUNBNDA0MDU4NjRFQTlCOUFC
RkVERTkxQjMwHhcNMjYwNzA3MDEyNzA0WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjNTVlOC1jYzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoWp+esofZ27Rh88H89+Q3gm5qK+S5KWhDg9BqFEL+tahNy8QzJp/wwKNEfzQ
q67nIc6d/OGzBWYMUQsDs1TBDBhenaCLu0+jy2jopfxO/RhsOdzir0MxBkGQIGRG
rYB0WNinDbDwcy7unwMoyyHobmpwLqisJc3IXYKmh2H2YvPlnFM1wa+qbsY1UQ0/
TGY5w/FykmyZVmKlWqzzaTv+HAyf9WaJCAFKEs3W8KItAvNk7Dk1c8JaoxNNW2Mc
AAqLHwBweVgKn50SM0V4Lv5+sDf1JT444zzrc9eAAXW9HdtgFu8wyNiSFGnnDBzx
cgGBAPCudkiERDd4GgTY0kKuFQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPgRdnuc
y2MSeujvHYNd5+BDSNAxMB8GA1UdIwQYMBaAFHMEd1wc44WspAQFhk6puav+3pGz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTgwQS84NzhFOTg2RUQ0
REUxMUVDQkNGQ0U3MjJDNEY5QUUwMi9jd1IzWEJ6amhheWtCQVdHVHFtNXFfN2Vr
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N3UjNYQnpqaGF5a0JBV0dUcW01cV83ZWtiTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTU4MEEvODc4RTk4NkVENERFMTFFQ0JDRkNFNzIyQzRGOUFFMDIvQkM2RTgzRTBE
NEU0MTFFQzk3NkE3RTU1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ7teMA0GCSqGSIb3DQEBCwUAA4IBAQC9aRKb/3T0fTTGhl3+/RX4
WcwPj/sfUyVkgFEaxSyr4iQM4uTzoyBDqSXhuWnJbRHh1cgnCNBbLxtjbDQyZq5q
zV6dzjluW2r/qUgkYDJXJ1bLIXI0Col+gVZ4HV0M4AAbGxQj5lUKYO6mOeLu3Es8
kVpSLZRZJMuReR1zZpTvVyOnxKc1xXt1nEqU3twRIbYFqQMF9eImUFO8LtkiPQP1
CkbfA+bx6Cj70efjKpZGkymGP6emmPqkT9SzyL4Oq2dKaz2IxWHPZci5zBWHOKfX
5F0fOx8S5LzcnRxB8D0h0WvvCuZTmmiiKTAqJISB2JRhu7uqOAmNIK09GKAbOjwA
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:14:15 2026 by rpki-client