Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/59D3C5822AF711EE8EDEA185C4F9AE02.roa
File:                     59D3C5822AF711EE8EDEA185C4F9AE02.roa (raw, json)
Hash identifier:          0nNrNCZxO5NCWKsCOYrw7NVk3Cc7PuquXVWOm8fdGaU=
Subject key identifier:   21:D3:0E:40:AF:3F:A1:A7:36:FF:9E:AF:D5:5B:1B:91:31:AF:D0:D9
Certificate issuer:       /CN=A9144436/serialNumber=CC69231C1CA15BCE00EE8D45D3CCFFDE452D4B92
Certificate serial:       158E
Authority key identifier: CC:69:23:1C:1C:A1:5B:CE:00:EE:8D:45:D3:CC:FF:DE:45:2D:4B:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/59D3C5822AF711EE8EDEA185C4F9AE02.roa
Signing time:             Wed 24 Jun 2026 17:19:42 +0000
ROA not before:           Wed 24 Jun 2026 17:19:42 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     131464
IP address blocks:        103.115.242.0/23 maxlen: 23
                          103.115.242.0/24 maxlen: 24
                          103.115.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.crl
                          rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 09 Jul 2026 16:51:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5518 (0x158e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9144436, serialNumber=CC69231C1CA15BCE00EE8D45D3CCFFDE452D4B92
        Validity
            Not Before: Jun 24 17:19:42 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c11ae-097a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:24:4a:8c:28:14:5a:58:2a:85:24:45:e6:f1:
                    6a:92:cd:cf:28:67:40:92:98:0a:8e:39:9f:9c:32:
                    54:0f:0d:34:9a:5c:29:e1:b9:b9:89:cd:31:3c:00:
                    b0:e2:da:b4:24:25:d2:f9:21:06:cd:37:61:1a:a2:
                    31:c1:76:64:98:70:c0:00:53:0e:e9:54:57:34:46:
                    e3:19:45:6f:af:97:32:b7:41:9b:1f:63:a1:20:15:
                    b6:f1:cc:4f:ae:2b:a3:a7:3a:b7:f7:e5:77:49:07:
                    c3:73:0a:2b:88:f4:6c:c5:c5:fd:59:2c:ff:65:a7:
                    f5:7a:99:9c:5e:30:7e:9c:cc:2f:47:4d:ea:c4:fb:
                    ee:eb:60:19:72:b0:5e:3c:01:47:fe:66:34:17:04:
                    19:99:1a:05:18:16:b8:86:c1:ee:6b:eb:13:d9:44:
                    5a:c8:cc:46:39:21:13:28:8e:8d:3e:af:8d:d9:63:
                    d7:a2:65:40:f6:cc:72:ca:d1:fc:f4:8e:1a:fb:3e:
                    4b:dc:49:41:1b:3a:74:91:2c:43:5e:8a:dd:64:27:
                    16:5f:67:21:8a:5a:90:d8:1b:47:fe:bf:fd:4c:77:
                    e7:df:8a:7b:71:68:1e:4e:d9:91:15:54:d7:22:3e:
                    48:62:3d:e6:63:0a:b0:7a:08:cc:ba:8c:0a:6a:c6:
                    43:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D3:0E:40:AF:3F:A1:A7:36:FF:9E:AF:D5:5B:1B:91:31:AF:D0:D9
            X509v3 Authority Key Identifier:
                keyid:CC:69:23:1C:1C:A1:5B:CE:00:EE:8D:45:D3:CC:FF:DE:45:2D:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/zGkjHByhW84A7o1F08z_3kUtS5I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zGkjHByhW84A7o1F08z_3kUtS5I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144436/6407E06665E911E8B527A323C4F9AE02/59D3C5822AF711EE8EDEA185C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:fa:b8:22:3b:29:13:2d:b6:7f:3c:43:1b:75:18:ff:8a:26:
         6c:ad:b4:f5:d6:64:d6:be:b2:14:af:a5:c8:92:ff:07:7a:da:
         74:26:6b:8b:1e:ce:72:09:2d:d0:87:27:1d:d6:3a:f5:b3:0e:
         1a:d6:ee:03:5f:b2:3b:84:df:54:b1:b9:e0:02:d8:2e:9d:70:
         94:b9:b0:8d:5d:70:62:2a:a8:1d:b8:07:4e:40:17:42:0e:5c:
         b8:4f:bc:48:4b:54:a8:71:99:ed:2a:95:9c:a7:3d:4f:54:df:
         c4:b4:39:77:c4:85:58:36:fa:5e:be:05:77:92:5d:5c:bb:fb:
         5b:11:00:4d:8f:20:c2:7e:2a:65:f8:96:cd:91:a7:3a:5f:47:
         4d:1d:8a:6f:05:55:35:28:1a:ed:83:a2:eb:12:c4:67:ff:ee:
         fd:84:a9:52:c0:bd:50:09:fc:08:71:eb:95:97:0e:6b:ab:ef:
         24:e2:06:1c:f4:db:36:76:f4:f3:61:60:6d:b6:93:78:53:d4:
         dc:9e:89:f1:e7:42:f0:59:e2:3b:4e:fe:72:db:2e:ad:f5:7a:
         f8:f8:eb:54:6f:aa:a5:ee:4f:c0:f0:79:ca:20:12:73:c5:23:
         27:03:5d:1f:98:ef:3a:e0:c9:db:25:85:54:dc:7b:28:7b:11:
         69:c3:69:f1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICFY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDQ0MzYxMTAvBgNVBAUTKENDNjkyMzFDMUNBMTVCQ0UwMEVFOEQ0NUQzQ0NGRkRF
NDUyRDRCOTIwHhcNMjYwNjI0MTcxOTQyWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjMTFhZS0wOTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApiRKjCgUWlgqhSRF5vFqks3PKGdAkpgKjjmfnDJUDw00mlwp4bm5ic0xPACw
4tq0JCXS+SEGzTdhGqIxwXZkmHDAAFMO6VRXNEbjGUVvr5cyt0GbH2OhIBW28cxP
riujpzq39+V3SQfDcworiPRsxcX9WSz/Zaf1epmcXjB+nMwvR03qxPvu62AZcrBe
PAFH/mY0FwQZmRoFGBa4hsHua+sT2URayMxGOSETKI6NPq+N2WPXomVA9sxyytH8
9I4a+z5L3ElBGzp0kSxDXordZCcWX2chilqQ2BtH/r/9THfn34p7cWgeTtmRFVTX
Ij5IYj3mYwqwegjMuowKasZDZwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFCHTDkCv
P6GnNv+er9VbG5Exr9DZMB8GA1UdIwQYMBaAFMxpIxwcoVvOAO6NRdPM/95FLUuS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDQzNi82NDA3RTA2NjY1
RTkxMUU4QjUyN0EzMjNDNEY5QUUwMi96R2tqSEJ5aFc4NEE3bzFGMDh6XzNrVXRT
NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pHa2pIQnloVzg0QTdvMUYwOHpfM2tVdFM1SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDQ0MzYvNjQwN0UwNjY2NUU5MTFFOEI1MjdBMzIzQzRGOUFFMDIvNTlEM0M1ODIy
QUY3MTFFRThFREVBMTg1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ3PyMA0GCSqGSIb3DQEBCwUAA4IBAQCQ+rgiOykTLbZ/PEMbdRj/
iiZsrbT11mTWvrIUr6XIkv8Hetp0JmuLHs5yCS3Qhycd1jr1sw4a1u4DX7I7hN9U
sbngAtgunXCUubCNXXBiKqgduAdOQBdCDly4T7xIS1SocZntKpWcpz1PVN/EtDl3
xIVYNvpevgV3kl1cu/tbEQBNjyDCfipl+JbNkac6X0dNHYpvBVU1KBrtg6LrEsRn
/+79hKlSwL1QCfwIceuVlw5rq+8k4gYc9Ns2dvTzYWBttpN4U9Tcnonx50LwWeI7
Tv5y2y6t9Xr4+OtUb6ql7k/A8HnKIBJzxSMnA10fmO864MnbJYVU3HsoexFpw2nx
-----END CERTIFICATE-----
Generated at Fri Jul 3 21:47:57 2026 by rpki-client