Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/D479653E5F2911EDB481A53EC4F9AE02.roa
File:                     D479653E5F2911EDB481A53EC4F9AE02.roa (raw, json)
Hash identifier:          cBSNwUp1ty95RJVAcjn2qIdEHHmRG0/43TIWKpupexs=
Subject key identifier:   80:D4:88:A8:EA:99:97:0B:B0:A7:CD:31:B2:C4:B2:43:A6:A9:AD:0D
Certificate issuer:       /CN=A913814E/serialNumber=CA3803699AD5B0906C00797A3A1E9CD95B6591B1
Certificate serial:       02B0
Authority key identifier: CA:38:03:69:9A:D5:B0:90:6C:00:79:7A:3A:1E:9C:D9:5B:65:91:B1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/D479653E5F2911EDB481A53EC4F9AE02.roa
Signing time:             Wed 01 Jul 2026 03:27:35 +0000
ROA not before:           Wed 01 Jul 2026 03:27:35 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     135405
IP address blocks:        103.217.156.0/24 maxlen: 24
                          103.217.157.0/24 maxlen: 24
                          103.217.158.0/24 maxlen: 24
                          103.217.159.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.crl
                          rsync://rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 02:10:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 688 (0x2b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913814E, serialNumber=CA3803699AD5B0906C00797A3A1E9CD95B6591B1
        Validity
            Not Before: Jul  1 03:27:35 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a448927-c934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:89:c2:15:61:80:80:78:4e:32:36:7d:ae:e0:
                    dd:33:fd:cd:3f:24:f7:0b:ea:e7:22:8c:d6:5a:fd:
                    78:17:25:12:30:88:f1:e4:14:94:0e:08:6a:ba:52:
                    3e:e5:58:8a:96:3a:12:43:d4:07:6e:46:9e:e5:c4:
                    a7:03:9f:87:5d:de:a1:f3:72:3a:36:8a:ac:e7:03:
                    03:b1:96:44:c4:d5:dd:90:6e:65:2a:80:4a:de:f6:
                    05:2d:cd:f1:7e:cd:0b:88:46:f6:aa:a0:49:21:a8:
                    14:1a:d3:32:bb:bc:6a:88:4e:07:9e:62:d0:2f:34:
                    eb:86:7e:bb:d0:1e:82:ce:6f:66:4f:53:1e:61:0e:
                    76:ee:b3:cd:58:50:34:d6:be:94:e0:9a:bf:09:a9:
                    f3:8e:de:ae:12:77:1c:bc:13:69:b7:ff:f0:52:3f:
                    ae:73:81:ba:3b:70:79:58:d7:4b:c7:07:c0:cf:0c:
                    c3:ff:b6:34:fe:6e:cc:be:57:0d:10:67:c9:fb:2f:
                    44:83:fd:47:f1:76:84:df:b2:ed:67:d7:90:62:4b:
                    67:af:9f:71:9b:ac:1f:2a:81:f1:88:94:ba:ce:66:
                    d9:53:8c:90:41:fd:30:00:84:04:dd:b3:1e:fd:2a:
                    4a:d9:da:c0:3f:ec:05:7f:03:84:f0:d9:e0:fd:59:
                    a7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D4:88:A8:EA:99:97:0B:B0:A7:CD:31:B2:C4:B2:43:A6:A9:AD:0D
            X509v3 Authority Key Identifier:
                keyid:CA:38:03:69:9A:D5:B0:90:6C:00:79:7A:3A:1E:9C:D9:5B:65:91:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yjgDaZrVsJBsAHl6Oh6c2VtlkbE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913814E/80C95AAE5F2711EDB1D5FA3DC4F9AE02/D479653E5F2911EDB481A53EC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.217.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:53:37:08:b5:30:09:25:b2:cf:eb:ca:fa:eb:87:5a:a5:ca:
         56:b3:af:07:8c:5c:12:c6:f5:f9:0e:fa:9b:15:ea:20:f0:5c:
         43:81:ca:98:d0:98:8d:fe:b5:8f:c6:35:04:8f:84:8c:c4:34:
         1f:93:fe:8b:8e:37:7c:79:27:83:2f:c1:83:7b:99:cd:b7:bf:
         17:46:a5:20:d4:74:cc:aa:61:a7:df:bc:44:c3:60:44:95:ee:
         92:32:7e:37:45:fc:48:42:8a:b5:83:20:d1:cc:2e:4e:7d:8b:
         66:0f:47:ea:98:2f:60:28:0c:02:2d:d1:cc:d9:42:1a:38:8f:
         b9:79:11:63:9f:3f:a5:2b:6c:e7:3e:1f:e0:09:a0:e3:da:a0:
         fa:9e:47:3b:b0:b3:65:c3:c6:9a:fd:33:11:c6:0c:f1:40:99:
         4d:a7:fa:2d:35:d5:ea:a1:fb:81:42:f8:7b:73:53:42:ed:3a:
         d8:dc:37:10:a4:79:68:24:6e:c7:05:05:06:11:d2:36:d2:ba:
         9a:17:5b:1f:fd:83:14:13:1d:ee:4b:02:44:43:b3:26:eb:aa:
         f5:74:b9:c4:b2:25:b3:10:87:88:63:ae:92:04:e1:c0:d8:f3:
         98:15:93:f4:6b:71:15:b9:eb:a6:5a:77:ae:c6:60:47:96:df:
         5d:d9:b3:e8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICArAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgxNEUxMTAvBgNVBAUTKENBMzgwMzY5OUFENUIwOTA2QzAwNzk3QTNBMUU5Q0Q5
NUI2NTkxQjEwHhcNMjYwNzAxMDMyNzM1WhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0ODkyNy1jOTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYnCFWGAgHhOMjZ9ruDdM/3NPyT3C+rnIozWWv14FyUSMIjx5BSUDghqulI+
5ViKljoSQ9QHbkae5cSnA5+HXd6h83I6Noqs5wMDsZZExNXdkG5lKoBK3vYFLc3x
fs0LiEb2qqBJIagUGtMyu7xqiE4HnmLQLzTrhn670B6Czm9mT1MeYQ527rPNWFA0
1r6U4Jq/Canzjt6uEnccvBNpt//wUj+uc4G6O3B5WNdLxwfAzwzD/7Y0/m7MvlcN
EGfJ+y9Eg/1H8XaE37LtZ9eQYktnr59xm6wfKoHxiJS6zmbZU4yQQf0wAIQE3bMe
/SpK2drAP+wFfwOE8Nng/Vmn1QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFIDUiKjq
mZcLsKfNMbLEskOmqa0NMB8GA1UdIwQYMBaAFMo4A2ma1bCQbAB5ejoenNlbZZGx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODE0RS84MEM5NUFBRTVG
MjcxMUVEQjFENUZBM0RDNEY5QUUwMi95amdEYVpyVnNKQnNBSGw2T2g2YzJWdGxr
YkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lqZ0RhWnJWc0pCc0FIbDZPaDZjMlZ0bGtiRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzgxNEUvODBDOTVBQUU1RjI3MTFFREIxRDVGQTNEQzRGOUFFMDIvRDQ3OTY1M0U1
RjI5MTFFREI0ODFBNTNFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ9mcMA0GCSqGSIb3DQEBCwUAA4IBAQA/UzcItTAJJbLP68r664da
pcpWs68HjFwSxvX5DvqbFeog8FxDgcqY0JiN/rWPxjUEj4SMxDQfk/6Ljjd8eSeD
L8GDe5nNt78XRqUg1HTMqmGn37xEw2BEle6SMn43RfxIQoq1gyDRzC5OfYtmD0fq
mC9gKAwCLdHM2UIaOI+5eRFjnz+lK2znPh/gCaDj2qD6nkc7sLNlw8aa/TMRxgzx
QJlNp/otNdXqofuBQvh7c1NC7TrY3DcQpHloJG7HBQUGEdI20rqaF1sf/YMUEx3u
SwJEQ7Mm66r1dLnEsiWzEIeIY66SBOHA2POYFZP0a3EVueumWneuxmBHlt9d2bPo
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:58:07 2026 by rpki-client