Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/1086CEC42ACA11EE88AEAE19C4F9AE02.roa
File:                     1086CEC42ACA11EE88AEAE19C4F9AE02.roa (raw, json)
Hash identifier:          RpjUJKKJgD70N/wkyssWhxel6X/Ka6no31psFzNbWNw=
Subject key identifier:   B1:19:52:76:DC:30:48:76:7A:06:65:CB:71:4E:75:41:DF:CE:91:F7
Certificate issuer:       /CN=A9144436/serialNumber=CC69231C1CA15BCE00EE8D45D3CCFFDE452D4B92
Certificate serial:       158F
Authority key identifier: CC:69:23:1C:1C:A1:5B:CE:00:EE:8D:45:D3:CC:FF:DE:45:2D:4B:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/1086CEC42ACA11EE88AEAE19C4F9AE02.roa
Signing time:             Wed 24 Jun 2026 17:19:45 +0000
ROA not before:           Wed 24 Jun 2026 17:19:45 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     137862
IP address blocks:        103.115.240.0/23 maxlen: 23
                          103.115.240.0/24 maxlen: 24
                          103.115.241.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.crl
                          rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 09 Jul 2026 16:51:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5519 (0x158f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9144436, serialNumber=CC69231C1CA15BCE00EE8D45D3CCFFDE452D4B92
        Validity
            Not Before: Jun 24 17:19:45 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c11b0-b2df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:30:a2:2d:6d:e7:fb:81:ed:a7:29:05:a9:d3:
                    b1:cb:45:72:ed:ce:59:ab:fe:d0:14:6f:b1:bc:70:
                    d5:10:df:00:e4:46:bb:17:97:a0:52:68:86:2b:97:
                    37:c1:23:4c:0c:d9:04:0b:96:56:a2:87:85:ff:db:
                    44:b5:26:f6:c2:9d:2a:df:ac:b2:6f:4b:13:67:88:
                    ac:53:a4:9f:7b:b2:fd:fc:cd:fe:7e:ab:92:1a:18:
                    23:3a:a1:95:9b:a5:3b:ab:59:8e:19:cd:26:07:70:
                    d3:2d:ef:32:0b:75:d7:5c:51:19:68:24:bc:33:9a:
                    2b:e5:35:96:98:a7:54:23:20:68:43:e9:a4:2e:be:
                    5e:be:9e:42:0d:85:4f:fc:1e:ed:f0:a1:ab:90:d4:
                    b9:4a:5c:a5:b3:13:95:7b:87:8d:cd:f0:e4:94:e3:
                    d0:4f:73:93:46:03:3b:80:18:b7:03:b1:f3:73:93:
                    a6:47:23:4f:1d:c8:45:1f:64:66:bd:70:8b:54:48:
                    f9:3c:48:6b:3e:90:4f:d6:ff:9c:4c:7f:8f:bf:2a:
                    f2:98:d9:2f:90:67:1a:b3:26:c5:8f:41:89:23:37:
                    de:79:5a:f7:4d:4c:b7:a8:df:bf:5a:d0:4c:a6:78:
                    09:d6:b1:4d:7a:2c:d5:84:cb:31:46:b5:91:74:28:
                    36:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:19:52:76:DC:30:48:76:7A:06:65:CB:71:4E:75:41:DF:CE:91:F7
            X509v3 Authority Key Identifier:
                keyid:CC:69:23:1C:1C:A1:5B:CE:00:EE:8D:45:D3:CC:FF:DE:45:2D:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/1086CEC42ACA11EE88AEAE19C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:1d:9a:11:56:be:66:87:27:12:33:75:1b:5c:7f:c2:d3:db:
         24:6c:a0:8c:45:42:a9:ce:f4:b8:12:31:4b:9c:ce:cc:22:02:
         ad:ac:00:33:ec:d6:50:0a:0e:4e:7b:83:c8:d3:f1:f2:71:7e:
         18:6e:01:cf:04:41:25:9f:fb:6f:34:45:27:d5:af:bf:0c:a1:
         02:df:61:85:da:47:fe:ff:6c:5d:33:c0:04:66:1a:64:1e:22:
         b1:3f:3f:29:e7:7e:60:ca:75:33:b0:82:c4:6a:34:eb:a2:20:
         e8:66:05:76:af:e4:36:18:fc:d7:ec:46:7e:91:ee:7e:0c:ad:
         ae:72:1f:5e:3a:a0:c3:cb:e0:95:56:b5:9e:90:c7:1a:bc:d4:
         91:aa:e1:1c:9a:0e:ae:54:f2:fa:a6:0f:c8:e8:63:8d:74:f8:
         b7:a1:0c:b5:a9:b1:27:b8:94:61:b7:f5:23:6d:04:dd:6c:8b:
         e0:fa:94:0c:2e:26:a2:f6:53:cf:1c:b2:73:c3:ee:c9:c8:e8:
         09:61:89:9a:d5:85:f9:76:9e:ba:3e:2b:69:70:66:09:39:b7:
         65:f2:bb:21:b0:f8:fd:49:22:06:d1:2c:b8:fa:0a:b6:c0:da:
         2a:c0:76:be:48:03:45:a2:02:f0:2a:00:20:ce:7d:d7:a4:86:
         25:60:fd:31
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICFY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDQ0MzYxMTAvBgNVBAUTKENDNjkyMzFDMUNBMTVCQ0UwMEVFOEQ0NUQzQ0NGRkRF
NDUyRDRCOTIwHhcNMjYwNjI0MTcxOTQ1WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjMTFiMC1iMmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDCiLW3n+4HtpykFqdOxy0Vy7c5Zq/7QFG+xvHDVEN8A5Ea7F5egUmiGK5c3
wSNMDNkEC5ZWooeF/9tEtSb2wp0q36yyb0sTZ4isU6Sfe7L9/M3+fquSGhgjOqGV
m6U7q1mOGc0mB3DTLe8yC3XXXFEZaCS8M5or5TWWmKdUIyBoQ+mkLr5evp5CDYVP
/B7t8KGrkNS5SlylsxOVe4eNzfDklOPQT3OTRgM7gBi3A7Hzc5OmRyNPHchFH2Rm
vXCLVEj5PEhrPpBP1v+cTH+PvyrymNkvkGcasybFj0GJIzfeeVr3TUy3qN+/WtBM
pngJ1rFNeizVhMsxRrWRdCg26QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFLEZUnbc
MEh2egZly3FOdUHfzpH3MB8GA1UdIwQYMBaAFMxpIxwcoVvOAO6NRdPM/95FLUuS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDQzNi82NDA3RTA2NjY1
RTkxMUU4QjUyN0EzMjNDNEY5QUUwMi96R2tqSEJ5aFc4NEE3bzFGMDh6XzNrVXRT
NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pHa2pIQnloVzg0QTdvMUYwOHpfM2tVdFM1SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDQ0MzYvNjQwN0UwNjY2NUU5MTFFOEI1MjdBMzIzQzRGOUFFMDIvMTA4NkNFQzQy
QUNBMTFFRTg4QUVBRTE5QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ3PwMA0GCSqGSIb3DQEBCwUAA4IBAQDCHZoRVr5mhycSM3UbXH/C
09skbKCMRUKpzvS4EjFLnM7MIgKtrAAz7NZQCg5Oe4PI0/HycX4YbgHPBEEln/tv
NEUn1a+/DKEC32GF2kf+/2xdM8AEZhpkHiKxPz8p535gynUzsILEajTroiDoZgV2
r+Q2GPzX7EZ+ke5+DK2uch9eOqDDy+CVVrWekMcavNSRquEcmg6uVPL6pg/I6GON
dPi3oQy1qbEnuJRht/UjbQTdbIvg+pQMLiai9lPPHLJzw+7JyOgJYYma1YX5dp66
PitpcGYJObdl8rshsPj9SSIG0Sy4+gq2wNoqwHa+SANFogLwKgAgzn3XpIYlYP0x
-----END CERTIFICATE-----
Generated at Fri Jul 3 21:47:39 2026 by rpki-client