Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/F13A6FB883D011E7948A8052C4F9AE02.roa
File:                     F13A6FB883D011E7948A8052C4F9AE02.roa (raw, json)
Hash identifier:          OHaTxR8tHvS18hDcZnJILMVzVSAyU3o/tIVwAUWjONs=
Subject key identifier:   C3:B5:65:BC:8F:B1:7A:5E:60:2D:FE:D9:E4:86:6D:C5:C6:06:AF:04
Certificate issuer:       /CN=A9119510/serialNumber=8BDF51189A1DBDF968434B5E736AA9ABFD45561C
Certificate serial:       19D9
Authority key identifier: 8B:DF:51:18:9A:1D:BD:F9:68:43:4B:5E:73:6A:A9:AB:FD:45:56:1C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i99RGJodvfloQ0tec2qpq_1FVhw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/F13A6FB883D011E7948A8052C4F9AE02.roa
Signing time:             Wed 24 Jun 2026 17:18:59 +0000
ROA not before:           Wed 24 Jun 2026 17:18:59 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     17882
IP address blocks:        43.242.240.0/24 maxlen: 24
                          43.242.241.0/24 maxlen: 24
                          43.242.242.0/24 maxlen: 24
                          43.242.243.0/24 maxlen: 24
                          103.26.192.0/24 maxlen: 24
                          103.26.193.0/24 maxlen: 24
                          103.26.194.0/24 maxlen: 24
                          103.26.195.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/i99RGJodvfloQ0tec2qpq_1FVhw.crl
                          rsync://rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/i99RGJodvfloQ0tec2qpq_1FVhw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i99RGJodvfloQ0tec2qpq_1FVhw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:25:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6617 (0x19d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119510, serialNumber=8BDF51189A1DBDF968434B5E736AA9ABFD45561C
        Validity
            Not Before: Jun 24 17:18:59 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c1182-aa21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:19:fc:2d:03:e6:8c:5f:c9:61:11:f0:e9:58:
                    57:6a:0a:1a:35:01:2b:d9:0e:45:20:41:a9:20:e0:
                    fd:f4:91:35:e0:10:4c:92:80:53:f0:a6:9e:92:29:
                    84:9c:74:74:6f:6a:da:2b:f2:e4:7a:00:c9:58:ef:
                    81:81:a2:be:c8:8e:63:b5:11:2b:04:20:9e:b6:0e:
                    d0:96:00:63:a6:ab:94:67:30:fb:89:b3:3d:5a:c4:
                    0b:28:87:61:4f:bc:b2:19:39:69:cb:09:77:87:9e:
                    6e:dc:64:cd:cf:3f:00:ac:5b:ad:de:87:a1:86:83:
                    14:5f:05:21:92:15:ea:08:10:6b:f9:82:8d:8b:b3:
                    11:ab:5b:aa:10:33:83:26:f2:a6:dc:c6:07:c3:b1:
                    0f:b6:54:80:5b:4e:82:92:ed:df:32:95:06:f8:2e:
                    5d:f0:46:74:4c:cd:8f:67:59:e7:02:f4:da:88:aa:
                    cb:fd:6e:6a:08:70:58:c8:15:25:fa:e8:17:02:ec:
                    67:bb:7b:d9:24:93:2b:01:79:cd:9d:ee:4e:ea:ef:
                    3d:8d:9b:7a:29:04:1b:a6:3a:3e:a2:b5:fa:b1:f2:
                    ac:3f:f7:82:22:2d:e6:e7:e4:e7:5a:58:65:2e:46:
                    e1:f6:9a:2c:ff:e0:d8:e4:e7:5a:ed:20:a2:0c:82:
                    a6:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B5:65:BC:8F:B1:7A:5E:60:2D:FE:D9:E4:86:6D:C5:C6:06:AF:04
            X509v3 Authority Key Identifier:
                keyid:8B:DF:51:18:9A:1D:BD:F9:68:43:4B:5E:73:6A:A9:AB:FD:45:56:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/i99RGJodvfloQ0tec2qpq_1FVhw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i99RGJodvfloQ0tec2qpq_1FVhw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119510/0DDF5B0883CF11E7838EA84EC4F9AE02/F13A6FB883D011E7948A8052C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.242.240.0/22
                  103.26.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:d2:0d:95:55:85:c6:16:f8:b1:93:d3:f3:89:8e:78:69:58:
         5f:de:fc:ed:3d:db:14:ff:1b:3f:90:77:58:2a:f2:d8:18:34:
         3d:3f:27:16:ab:20:ef:b6:73:9a:da:c0:dc:50:90:64:2e:87:
         f3:3d:66:fd:a4:71:06:8f:a3:07:ae:43:41:77:84:44:f1:34:
         d8:20:aa:f4:8d:6c:f1:a8:88:48:6d:75:36:8d:cb:d0:bc:c2:
         30:6e:5c:8f:e7:1c:86:8e:3a:df:22:0b:c9:46:75:2d:89:f7:
         f6:14:aa:e1:a6:78:5c:47:21:92:38:e9:79:ed:eb:50:bf:6d:
         5e:a0:a0:25:01:6c:ba:7c:f5:15:a9:01:ec:d4:1e:39:d0:2a:
         0e:96:a8:80:73:08:36:25:6e:fe:f0:2d:b9:8a:e7:24:6a:02:
         5e:4f:25:52:0a:1a:69:c5:f9:ec:45:6a:2f:68:19:6a:ac:26:
         a9:89:07:4b:da:0a:70:2e:47:c2:08:e1:d4:57:46:58:49:d6:
         68:24:00:eb:2a:d8:4b:7c:5d:29:d8:e3:c0:f3:6b:3a:de:31:
         a9:56:4b:29:90:67:bd:c1:1a:5c:f3:c4:f5:83:7d:23:d5:b2:
         2f:d0:04:89:04:17:be:07:05:b0:b7:aa:06:e4:ae:d3:2b:99:
         96:2d:6a:58
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICGdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTk1MTAxMTAvBgNVBAUTKDhCREY1MTE4OUExREJERjk2ODQzNEI1RTczNkFBOUFC
RkQ0NTU2MUMwHhcNMjYwNjI0MTcxODU5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjMTE4Mi1hYTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkhn8LQPmjF/JYRHw6VhXagoaNQEr2Q5FIEGpIOD99JE14BBMkoBT8KaekimE
nHR0b2raK/LkegDJWO+BgaK+yI5jtRErBCCetg7QlgBjpquUZzD7ibM9WsQLKIdh
T7yyGTlpywl3h55u3GTNzz8ArFut3oehhoMUXwUhkhXqCBBr+YKNi7MRq1uqEDOD
JvKm3MYHw7EPtlSAW06Cku3fMpUG+C5d8EZ0TM2PZ1nnAvTaiKrL/W5qCHBYyBUl
+ugXAuxnu3vZJJMrAXnNne5O6u89jZt6KQQbpjo+orX6sfKsP/eCIi3m5+TnWlhl
Lkbh9pos/+DY5Oda7SCiDIKmxwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFMO1ZbyP
sXpeYC3+2eSGbcXGBq8EMB8GA1UdIwQYMBaAFIvfURiaHb35aENLXnNqqav9RVYc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTUxMC8wRERGNUIwODgz
Q0YxMUU3ODM4RUE4NEVDNEY5QUUwMi9pOTlSR0pvZHZmbG9RMHRlYzJxcHFfMUZW
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2k5OVJHSm9kdmZsb1EwdGVjMnFwcV8xRlZody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTk1MTAvMERERjVCMDg4M0NGMTFFNzgzOEVBODRFQzRGOUFFMDIvRjEzQTZGQjg4
M0QwMTFFNzk0OEE4MDUyQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQCK/LwAwQCZxrAMA0GCSqGSIb3DQEBCwUAA4IBAQBE0g2VVYXGFvix
k9PziY54aVhf3vztPdsU/xs/kHdYKvLYGDQ9PycWqyDvtnOa2sDcUJBkLofzPWb9
pHEGj6MHrkNBd4RE8TTYIKr0jWzxqIhIbXU2jcvQvMIwblyP5xyGjjrfIgvJRnUt
iff2FKrhpnhcRyGSOOl57etQv21eoKAlAWy6fPUVqQHs1B450CoOlqiAcwg2JW7+
8C25iuckagJeTyVSChppxfnsRWovaBlqrCapiQdL2gpwLkfCCOHUV0ZYSdZoJADr
KthLfF0p2OPA82s63jGpVkspkGe9wRpc88T1g30j1bIv0ASJBBe+BwWwt6oG5K7T
K5mWLWpY
-----END CERTIFICATE-----
Generated at Sat Jul 18 07:11:32 2026 by rpki-client