Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9CCB30B0C5F411EB8A6F1525C4F9AE02.roa
File:                     9CCB30B0C5F411EB8A6F1525C4F9AE02.roa (raw, json)
Hash identifier:          cW+l4MFWkFOTgr9/rmkM5v97HkQ3Gw2hu+8fduGLVYE=
Subject key identifier:   6B:88:24:87:0D:5F:60:00:54:7B:4C:8E:02:65:E6:AF:53:34:C0:1D
Certificate issuer:       /CN=A9144EC5/serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628
Certificate serial:       0699
Authority key identifier: 58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9CCB30B0C5F411EB8A6F1525C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 23:28:53 +0000
ROA not before:           Tue 30 Jun 2026 23:28:53 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     138346
IP address blocks:        103.166.252.0/24 maxlen: 24
                          103.166.253.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl
                          rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 22:57:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1689 (0x699)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9144EC5, serialNumber=5807E7151D5AC7B74BF22C99092BD2E92EA60628
        Validity
            Not Before: Jun 30 23:28:53 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a445135-cb10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6e:e7:82:69:b7:66:4b:98:6c:f0:06:24:98:
                    37:01:49:d3:a4:94:ab:82:2f:f5:8c:3a:f6:1f:9b:
                    1c:98:cb:3f:16:43:c5:34:2b:da:a9:eb:52:a8:94:
                    af:68:f2:91:81:c6:4d:b1:9f:d2:de:fa:a7:4c:6d:
                    c9:de:d3:3c:47:83:80:dc:87:67:63:94:33:a6:73:
                    54:c5:41:8a:98:cc:d9:44:61:f7:cf:7a:35:ce:4c:
                    1b:fb:b6:46:a7:03:c5:62:9a:21:e3:d1:8d:3b:ec:
                    4c:a9:ae:43:80:11:ee:d1:08:ee:a2:1a:fe:b3:a0:
                    97:13:62:f4:17:f1:43:dd:aa:70:40:4c:b3:18:1a:
                    59:8f:68:79:ee:75:5e:39:f9:01:7f:a6:fc:e4:f4:
                    70:60:a5:8d:46:53:cd:01:4c:5e:df:b0:51:61:de:
                    3a:ec:61:95:60:ae:9a:72:74:92:b0:db:8a:0d:5c:
                    b0:30:c4:7e:fd:2d:07:f1:2e:16:11:7d:6e:2b:7a:
                    4a:5e:e1:fa:65:de:8f:b6:41:4d:98:f3:83:36:6a:
                    6f:04:7a:23:1d:f8:79:79:38:9a:f5:9c:80:ba:05:
                    99:3c:d8:37:e2:69:9e:b9:19:ea:d4:45:33:aa:fc:
                    83:7f:72:a4:f3:68:b8:88:ee:86:95:38:b5:5d:88:
                    66:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:88:24:87:0D:5F:60:00:54:7B:4C:8E:02:65:E6:AF:53:34:C0:1D
            X509v3 Authority Key Identifier:
                keyid:58:07:E7:15:1D:5A:C7:B7:4B:F2:2C:99:09:2B:D2:E9:2E:A6:06:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/WAfnFR1ax7dL8iyZCSvS6S6mBig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAfnFR1ax7dL8iyZCSvS6S6mBig.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144EC5/439E3C28C51111EB91640C87C4F9AE02/9CCB30B0C5F411EB8A6F1525C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:e9:f5:35:86:ce:19:86:f9:de:3d:bc:a0:3e:4e:86:bd:f4:
         b2:0a:f6:de:f1:67:47:07:e6:06:d9:1a:10:32:41:1e:43:65:
         b1:f0:09:d0:50:c1:88:8d:39:7a:d2:7f:0f:bc:50:80:3f:69:
         6a:76:fe:e3:24:fe:9e:06:85:37:87:b8:21:6e:d0:66:1c:2c:
         b8:61:a7:66:22:9a:b2:00:23:e5:ef:c4:9c:74:eb:3b:3f:aa:
         26:5e:9e:27:61:01:b9:31:d5:be:2e:16:ca:06:f3:2a:f4:10:
         7a:4d:4f:8d:4d:50:07:83:9d:c7:a4:35:f5:f1:cc:77:72:66:
         ce:e9:46:42:63:6f:aa:95:c0:a5:45:23:4d:1d:bf:3f:c3:a4:
         fa:cc:b9:0c:a6:58:b8:fc:40:e0:8d:a3:51:5a:b5:03:75:27:
         f3:34:3c:31:04:c6:c0:2a:8c:4d:28:bf:6c:fe:86:b4:cf:bc:
         57:82:92:4a:4b:1d:35:2e:33:3c:29:35:45:11:3e:0f:61:43:
         56:51:2f:c3:2f:9c:54:3f:51:ab:da:42:e0:79:fd:37:9f:44:
         49:31:bb:ab:fa:e1:e1:c7:52:86:4e:94:fa:cd:1c:0b:b9:60:
         4a:c4:ba:f8:3a:31:31:bd:89:b1:3e:b0:a0:f2:36:01:67:9c:
         12:f3:1f:7a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICBpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRFQzUxMTAvBgNVBAUTKDU4MDdFNzE1MUQ1QUM3Qjc0QkYyMkM5OTA5MkJEMkU5
MkVBNjA2MjgwHhcNMjYwNjMwMjMyODUzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0NTEzNS1jYjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo27ngmm3ZkuYbPAGJJg3AUnTpJSrgi/1jDr2H5scmMs/FkPFNCvaqetSqJSv
aPKRgcZNsZ/S3vqnTG3J3tM8R4OA3IdnY5QzpnNUxUGKmMzZRGH3z3o1zkwb+7ZG
pwPFYpoh49GNO+xMqa5DgBHu0Qjuohr+s6CXE2L0F/FD3apwQEyzGBpZj2h57nVe
OfkBf6b85PRwYKWNRlPNAUxe37BRYd467GGVYK6acnSSsNuKDVywMMR+/S0H8S4W
EX1uK3pKXuH6Zd6PtkFNmPODNmpvBHojHfh5eTia9ZyAugWZPNg34mmeuRnq1EUz
qvyDf3Kk82i4iO6GlTi1XYhmOwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGuIJIcN
X2AAVHtMjgJl5q9TNMAdMB8GA1UdIwQYMBaAFFgH5xUdWse3S/IsmQkr0ukupgYo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEVDNS80MzlFM0MyOEM1
MTExMUVCOTE2NDBDODdDNEY5QUUwMi9XQWZuRlIxYXg3ZEw4aXlaQ1N2UzZTNm1C
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBZm5GUjFheDdkTDhpeVpDU3ZTNlM2bUJpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDRFQzUvNDM5RTNDMjhDNTExMTFFQjkxNjQwQzg3QzRGOUFFMDIvOUNDQjMwQjBD
NUY0MTFFQjhBNkYxNTI1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ6b8MA0GCSqGSIb3DQEBCwUAA4IBAQA/6fU1hs4ZhvnePbygPk6G
vfSyCvbe8WdHB+YG2RoQMkEeQ2Wx8AnQUMGIjTl60n8PvFCAP2lqdv7jJP6eBoU3
h7ghbtBmHCy4YadmIpqyACPl78ScdOs7P6omXp4nYQG5MdW+LhbKBvMq9BB6TU+N
TVAHg53HpDX18cx3cmbO6UZCY2+qlcClRSNNHb8/w6T6zLkMpli4/EDgjaNRWrUD
dSfzNDwxBMbAKoxNKL9s/oa0z7xXgpJKSx01LjM8KTVFET4PYUNWUS/DL5xUP1Gr
2kLgef03n0RJMbur+uHhx1KGTpT6zRwLuWBKxLr4OjExvYmxPrCg8jYBZ5wS8x96
-----END CERTIFICATE-----
Generated at Sat Jul 18 07:14:39 2026 by rpki-client