Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/274C6AEA11F811EFAE75044FC4F9AE02.roa
File:                     274C6AEA11F811EFAE75044FC4F9AE02.roa (raw, json)
Hash identifier:          oy5lyVKTjZWp2gM9krzhRlI88augs0PoeQCxnIqhSao=
Subject key identifier:   47:74:8D:5D:A6:AF:92:9A:E1:11:74:F4:41:5D:4A:38:B8:87:E0:31
Certificate issuer:       /CN=A911B6FB/serialNumber=AD234E3F1EBBADAD019FE09AFFF70E8075AFDE17
Certificate serial:       019F
Authority key identifier: AD:23:4E:3F:1E:BB:AD:AD:01:9F:E0:9A:FF:F7:0E:80:75:AF:DE:17
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSNOPx67ra0Bn-Ca__cOgHWv3hc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/274C6AEA11F811EFAE75044FC4F9AE02.roa
Signing time:             Tue 07 Jul 2026 05:31:54 +0000
ROA not before:           Tue 07 Jul 2026 05:31:54 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     152479
IP address blocks:        103.158.118.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/rSNOPx67ra0Bn-Ca__cOgHWv3hc.crl
                          rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/rSNOPx67ra0Bn-Ca__cOgHWv3hc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSNOPx67ra0Bn-Ca__cOgHWv3hc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 18 Jul 2026 05:05:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 415 (0x19f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B6FB, serialNumber=AD234E3F1EBBADAD019FE09AFFF70E8075AFDE17
        Validity
            Not Before: Jul  7 05:31:54 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4c8f4a-07d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:86:08:96:91:91:d2:7d:02:cf:f6:12:81:b3:
                    4e:10:20:6a:a2:05:57:af:44:80:56:02:4d:ec:26:
                    8a:fc:4b:41:ba:de:84:1a:dd:b4:0b:2d:34:5d:ac:
                    0a:3a:b7:f1:e4:9d:0d:c1:c1:70:c4:da:d7:5a:73:
                    7a:82:2c:e0:1d:bc:bd:4c:dc:49:73:71:0f:06:3d:
                    33:fc:7c:50:5a:72:fd:26:75:b7:12:09:f8:95:d7:
                    a8:12:a9:99:57:16:34:e8:ae:c1:0a:5c:87:d8:94:
                    44:f5:8c:3c:c7:cc:d5:58:e3:66:55:8e:94:cc:6f:
                    37:9e:6e:b6:02:a2:86:c8:8e:44:6b:02:a6:cd:d7:
                    80:6c:a8:30:29:c1:4b:96:d0:63:96:e3:c9:68:be:
                    f5:ef:82:85:dc:25:10:99:42:f1:cb:ea:f8:ff:61:
                    6b:d3:41:ed:a5:40:a4:44:bf:64:45:88:54:28:5d:
                    c2:34:3f:fc:25:51:7c:d8:63:36:7a:8e:d8:76:36:
                    7c:65:5e:d5:18:c5:88:a8:6f:98:fd:e1:51:c2:35:
                    97:24:94:a7:7e:01:3f:aa:be:5f:4c:60:02:49:6f:
                    ca:44:02:1a:38:e4:39:f2:b7:3d:18:8a:a5:84:e7:
                    02:dd:56:ef:36:3b:34:34:44:62:97:bf:e6:b1:f4:
                    62:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:74:8D:5D:A6:AF:92:9A:E1:11:74:F4:41:5D:4A:38:B8:87:E0:31
            X509v3 Authority Key Identifier:
                keyid:AD:23:4E:3F:1E:BB:AD:AD:01:9F:E0:9A:FF:F7:0E:80:75:AF:DE:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/rSNOPx67ra0Bn-Ca__cOgHWv3hc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSNOPx67ra0Bn-Ca__cOgHWv3hc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B6FB/D9CC9EDE11F711EF93BD944EC4F9AE02/274C6AEA11F811EFAE75044FC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.118.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:71:ca:36:b4:c6:ce:ca:09:83:66:bb:bc:bf:6c:8c:b4:db:
         a4:73:09:c2:cc:86:5e:fa:7b:63:7c:8a:ba:75:36:7f:12:47:
         0f:5a:b3:e9:5a:1f:6c:dc:70:ca:f9:e9:18:86:5e:3d:01:da:
         45:0c:04:aa:28:90:84:e3:f7:45:0b:60:c6:41:ee:93:13:31:
         7f:ab:5f:05:ae:89:8d:e8:92:52:92:a6:3a:cf:21:95:6d:06:
         81:04:32:31:f5:8a:6c:38:01:d5:0a:bf:72:0a:ae:b5:cb:7e:
         b1:d7:90:75:63:84:37:6c:3f:f9:8c:ca:6a:fb:e1:54:93:0d:
         c6:cd:4c:56:c5:2d:09:9a:a6:f4:b6:72:0f:69:87:c4:17:84:
         d8:20:3d:b5:95:2b:f3:6a:8d:f4:54:bf:0f:f0:e7:be:13:a2:
         1d:7a:2b:ca:fe:48:47:53:74:cf:88:c5:7f:98:7b:7f:c5:7d:
         e2:75:ed:d5:f1:26:c1:a7:ef:06:8c:ca:af:cc:0c:04:66:f7:
         9b:02:3e:0c:68:33:bd:1a:8e:79:19:28:ee:01:1d:41:f7:a4:
         96:74:2d:79:7a:46:1e:b5:7f:00:15:e8:15:ac:17:59:b8:5a:
         ac:19:c9:25:07:eb:54:bb:ac:05:7e:58:62:61:be:8b:88:6f:
         b6:46:9f:b2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI2RkIxMTAvBgNVBAUTKEFEMjM0RTNGMUVCQkFEQUQwMTlGRTA5QUZGRjcwRTgw
NzVBRkRFMTcwHhcNMjYwNzA3MDUzMTU0WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjOGY0YS0wN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA14YIlpGR0n0Cz/YSgbNOECBqogVXr0SAVgJN7CaK/EtBut6EGt20Cy00XawK
Orfx5J0NwcFwxNrXWnN6gizgHby9TNxJc3EPBj0z/HxQWnL9JnW3Egn4ldeoEqmZ
VxY06K7BClyH2JRE9Yw8x8zVWONmVY6UzG83nm62AqKGyI5EawKmzdeAbKgwKcFL
ltBjluPJaL7174KF3CUQmULxy+r4/2Fr00HtpUCkRL9kRYhUKF3CND/8JVF82GM2
eo7YdjZ8ZV7VGMWIqG+Y/eFRwjWXJJSnfgE/qr5fTGACSW/KRAIaOOQ58rc9GIql
hOcC3VbvNjs0NERil7/msfRi1wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFEd0jV2m
r5Ka4RF09EFdSji4h+AxMB8GA1UdIwQYMBaAFK0jTj8eu62tAZ/gmv/3DoB1r94X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjZGQi9EOUNDOUVERTEx
RjcxMUVGOTNCRDk0NEVDNEY5QUUwMi9yU05PUHg2N3JhMEJuLUNhX19jT2dIV3Yz
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JTTk9QeDY3cmEwQm4tQ2FfX2NPZ0hXdjNoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI2RkIvRDlDQzlFREUxMUY3MTFFRjkzQkQ5NDRFQzRGOUFFMDIvMjc0QzZBRUEx
MUY4MTFFRkFFNzUwNDRGQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ552MA0GCSqGSIb3DQEBCwUAA4IBAQA5cco2tMbOygmDZru8v2yM
tNukcwnCzIZe+ntjfIq6dTZ/EkcPWrPpWh9s3HDK+ekYhl49AdpFDASqKJCE4/dF
C2DGQe6TEzF/q18FromN6JJSkqY6zyGVbQaBBDIx9YpsOAHVCr9yCq61y36x15B1
Y4Q3bD/5jMpq++FUkw3GzUxWxS0Jmqb0tnIPaYfEF4TYID21lSvzao30VL8P8Oe+
E6IdeivK/khHU3TPiMV/mHt/xX3ide3V8SbBp+8GjMqvzAwEZvebAj4MaDO9Go55
GSjuAR1B96SWdC15ekYetX8AFegVrBdZuFqsGcklB+tUu6wFflhiYb6LiG+2Rp+y
-----END CERTIFICATE-----
Generated at Sun Jul 12 21:26:28 2026 by rpki-client