Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa
File:                     6D610A58F23711EEA11AA759C4F9AE02.roa (raw, json)
Hash identifier:          H955n/7dglZtqfdGojSNMJAFJkmI9QdbLn1Kqy9frW8=
Subject key identifier:   B7:95:1E:77:85:DF:4D:EA:5C:C5:21:B7:BD:9B:89:87:2B:83:1E:8A
Certificate issuer:       /CN=A9122D51/serialNumber=C4C67EBB6B2DDC6924BBB9655E7E0F8218530C65
Certificate serial:       01B1
Authority key identifier: C4:C6:7E:BB:6B:2D:DC:69:24:BB:B9:65:5E:7E:0F:82:18:53:0C:65
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa
Signing time:             Sun 05 Jul 2026 05:30:55 +0000
ROA not before:           Sun 05 Jul 2026 05:30:55 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     136900
IP address blocks:        103.190.18.0/23 maxlen: 23
                          103.190.18.0/24 maxlen: 24
                          103.190.19.0/24 maxlen: 24
                          2400:8ba0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.crl
                          rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 05:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 433 (0x1b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9122D51, serialNumber=C4C67EBB6B2DDC6924BBB9655E7E0F8218530C65
        Validity
            Not Before: Jul  5 05:30:55 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a49ec0f-d81b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:44:cb:e4:20:28:55:91:8e:aa:1a:83:a8:2b:
                    4d:2b:1c:8b:94:c3:78:b9:80:08:8a:5c:cf:b2:20:
                    1a:3f:fc:b7:fd:03:d1:b7:c1:93:e8:03:4a:e2:bb:
                    a9:b4:51:99:ab:7e:1e:47:00:cf:b9:c5:0e:c9:8a:
                    ae:02:41:a1:b2:b5:d7:bb:e5:65:dd:38:7f:11:aa:
                    60:e2:d9:49:ec:ac:8a:08:9d:cb:1e:b5:ec:70:cf:
                    7b:4b:e0:cd:95:f9:6e:08:3b:93:4d:6f:ed:c4:d4:
                    01:0a:d8:ea:85:b7:84:31:28:1e:a0:00:ad:26:84:
                    2e:7b:d1:3a:5f:55:72:f1:56:55:e7:c6:6b:66:b7:
                    cc:c5:df:ea:5d:df:56:e8:d1:7f:f4:b5:6b:83:e0:
                    d2:6a:fc:f2:18:d2:43:bd:0a:a5:79:b3:d2:b5:0a:
                    8f:6b:dc:8f:e7:e2:df:94:c0:b1:7e:96:60:9f:e5:
                    1a:2f:f4:2b:21:52:de:48:89:46:6c:4c:e2:ab:6e:
                    34:3e:08:77:80:cd:56:2e:40:6c:4f:1f:e2:c0:14:
                    cf:92:a7:38:3e:96:10:62:5f:02:7d:85:ec:6d:41:
                    31:62:54:62:af:94:ec:40:2a:ff:01:7b:db:1b:8f:
                    7d:65:ba:5a:16:c2:73:2a:30:b8:e1:b7:40:fd:c2:
                    27:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:95:1E:77:85:DF:4D:EA:5C:C5:21:B7:BD:9B:89:87:2B:83:1E:8A
            X509v3 Authority Key Identifier:
                keyid:C4:C6:7E:BB:6B:2D:DC:69:24:BB:B9:65:5E:7E:0F:82:18:53:0C:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/xMZ-u2st3Gkku7llXn4PghhTDGU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xMZ-u2st3Gkku7llXn4PghhTDGU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122D51/EAE5FCAAF23611EE8C8B9758C4F9AE02/6D610A58F23711EEA11AA759C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.18.0/23
                IPv6:
                  2400:8ba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b9:4e:5c:6f:86:b9:ac:b2:d7:4d:45:76:f1:75:fc:55:24:f4:
         5f:3e:64:af:ea:06:73:0c:59:a8:92:e9:06:87:af:e9:8b:93:
         67:c9:fb:5c:cd:78:f0:8d:7c:07:54:02:1b:87:91:9a:6d:31:
         0f:44:6d:42:24:5f:c2:e9:32:29:b6:01:dc:94:a6:10:37:0d:
         f5:1c:81:2f:12:02:64:e0:bf:49:87:2f:8b:9e:2b:fc:76:ff:
         69:e0:2c:74:30:c0:4e:21:b8:bb:f1:8c:ad:12:12:8d:96:06:
         3a:c9:26:0a:d8:ff:8d:f6:1f:9a:b0:75:84:57:02:d7:60:f9:
         46:99:76:d8:4d:44:58:43:53:d2:2b:b3:0d:80:fb:9e:af:a0:
         10:a2:40:40:9c:cf:1b:db:e1:88:23:28:a4:fd:11:a6:08:1b:
         36:f1:41:96:6c:d4:c1:31:1b:ea:a5:68:6b:b5:ae:0b:96:1f:
         e2:d2:90:3a:95:ed:47:49:62:59:0d:36:23:87:57:78:4d:49:
         4d:e4:96:53:d7:f5:7a:67:2a:cb:3c:c9:37:61:cc:33:82:1d:
         61:8a:b0:67:f9:3f:e6:a7:7d:aa:92:9f:ed:1b:77:e2:4c:cc:
         27:d0:95:a9:56:a2:60:ee:8b:c8:d5:76:23:94:e2:d1:42:3e:
         ab:bc:c1:88
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJENTExMTAvBgNVBAUTKEM0QzY3RUJCNkIyRERDNjkyNEJCQjk2NTVFN0UwRjgy
MTg1MzBDNjUwHhcNMjYwNzA1MDUzMDU1WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5ZWMwZi1kODFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkTL5CAoVZGOqhqDqCtNKxyLlMN4uYAIilzPsiAaP/y3/QPRt8GT6ANK4rup
tFGZq34eRwDPucUOyYquAkGhsrXXu+Vl3Th/Eapg4tlJ7KyKCJ3LHrXscM97S+DN
lfluCDuTTW/txNQBCtjqhbeEMSgeoACtJoQue9E6X1Vy8VZV58ZrZrfMxd/qXd9W
6NF/9LVrg+DSavzyGNJDvQqlebPStQqPa9yP5+LflMCxfpZgn+UaL/QrIVLeSIlG
bEziq240Pgh3gM1WLkBsTx/iwBTPkqc4PpYQYl8CfYXsbUExYlRir5TsQCr/AXvb
G499ZbpaFsJzKjC44bdA/cInxwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFLeVHneF
303qXMUht72biYcrgx6KMB8GA1UdIwQYMBaAFMTGfrtrLdxpJLu5ZV5+D4IYUwxl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkQ1MS9FQUU1RkNBQUYy
MzYxMUVFOEM4Qjk3NThDNEY5QUUwMi94TVotdTJzdDNHa2t1N2xsWG40UGdoaFRE
R1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hNWi11MnN0M0dra3U3bGxYbjRQZ2hoVERHVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjJENTEvRUFFNUZDQUFGMjM2MTFFRThDOEI5NzU4QzRGOUFFMDIvNkQ2MTBBNThG
MjM3MTFFRUExMUFBNzU5QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ74SMA0EAgACMAcDBQAkAIugMA0GCSqGSIb3DQEBCwUAA4IBAQC5
TlxvhrmsstdNRXbxdfxVJPRfPmSv6gZzDFmokukGh6/pi5NnyftczXjwjXwHVAIb
h5GabTEPRG1CJF/C6TIptgHclKYQNw31HIEvEgJk4L9Jhy+Lniv8dv9p4Cx0MMBO
Ibi78YytEhKNlgY6ySYK2P+N9h+asHWEVwLXYPlGmXbYTURYQ1PSK7MNgPuer6AQ
okBAnM8b2+GIIyik/RGmCBs28UGWbNTBMRvqpWhrta4Llh/i0pA6le1HSWJZDTYj
h1d4TUlN5JZT1/V6ZyrLPMk3Ycwzgh1hirBn+T/mp32qkp/tG3fiTMwn0JWpVqJg
7ovI1XYjlOLRQj6rvMGI
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:24:50 2026 by rpki-client