Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/5EAB725014A211EEA889E832C4F9AE02.roa
File:                     5EAB725014A211EEA889E832C4F9AE02.roa (raw, json)
Hash identifier:          P4LCaX2qP/BKspd2PRKRAgneO72VBMSnJqp0JvaJ48M=
Subject key identifier:   5E:0E:C6:2B:B7:98:8B:3A:20:E0:12:9A:F9:BE:74:96:39:66:95:65
Certificate issuer:       /CN=A914D271/serialNumber=4CEEEE6D3663C13FD82E931DAC69F17046FC99B3
Certificate serial:       0242
Authority key identifier: 4C:EE:EE:6D:36:63:C1:3F:D8:2E:93:1D:AC:69:F1:70:46:FC:99:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TO7ubTZjwT_YLpMdrGnxcEb8mbM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/5EAB725014A211EEA889E832C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 03:30:15 +0000
ROA not before:           Fri 03 Jul 2026 03:30:15 +0000
ROA not after:            Sun 01 Nov 2026 00:00:00 +0000
asID:                     150812
IP address blocks:        103.65.242.0/24 maxlen: 24
                          103.65.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/TO7ubTZjwT_YLpMdrGnxcEb8mbM.crl
                          rsync://rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/TO7ubTZjwT_YLpMdrGnxcEb8mbM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TO7ubTZjwT_YLpMdrGnxcEb8mbM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 03:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 578 (0x242)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914D271, serialNumber=4CEEEE6D3663C13FD82E931DAC69F17046FC99B3
        Validity
            Not Before: Jul  3 03:30:15 2026 GMT
            Not After : Nov  1 00:00:00 2026 GMT
        Subject: CN=6a472cc7-1be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f1:c6:e8:b0:1c:96:ef:b7:7b:12:8a:fe:73:
                    59:8b:00:24:c1:58:cf:1a:5e:c5:e8:4c:97:71:46:
                    e5:97:45:8d:2f:4b:5c:7e:69:d8:9f:d9:32:d9:57:
                    73:bc:77:7d:6d:b3:07:7e:c2:93:de:e5:10:d0:1f:
                    54:89:a7:86:f1:33:d8:d3:d1:4b:93:c2:3d:35:ee:
                    cb:fc:d0:1d:5c:cb:f1:69:8f:8b:37:70:09:c4:d5:
                    61:70:23:b7:5e:53:20:f5:e2:91:19:c2:fc:84:88:
                    32:84:df:f3:f1:26:66:5d:2e:f8:c4:e9:59:a7:ab:
                    1d:34:87:6e:81:f8:a3:17:44:d8:8a:e3:da:fb:eb:
                    50:b0:37:28:cf:c6:c6:f1:56:f6:5b:8d:6b:47:1b:
                    10:7c:9b:a1:2a:3f:05:17:ed:15:86:cf:13:63:22:
                    af:71:86:17:09:0c:a5:ec:fd:0f:21:f0:e4:2c:bc:
                    68:96:1d:0d:bf:89:0d:3a:a3:97:b0:1b:eb:dd:b1:
                    b1:b4:b3:ae:b3:86:68:93:b3:fc:ec:65:f8:65:d1:
                    75:c8:43:37:23:dd:98:15:59:d8:15:95:57:34:ae:
                    e1:cb:21:70:fd:a6:7d:d8:0f:ea:0c:54:6f:cd:d3:
                    7d:63:8c:47:0a:92:5b:99:3d:06:b4:6d:7b:b0:c3:
                    f1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:0E:C6:2B:B7:98:8B:3A:20:E0:12:9A:F9:BE:74:96:39:66:95:65
            X509v3 Authority Key Identifier:
                keyid:4C:EE:EE:6D:36:63:C1:3F:D8:2E:93:1D:AC:69:F1:70:46:FC:99:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/TO7ubTZjwT_YLpMdrGnxcEb8mbM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TO7ubTZjwT_YLpMdrGnxcEb8mbM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D271/2814F0DE11B111EE9047BF18C4F9AE02/5EAB725014A211EEA889E832C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.65.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:86:0c:48:b2:62:29:a7:96:0b:3d:eb:55:c2:00:e8:5f:de:
         05:d3:22:52:51:4e:f7:4f:3b:12:71:c5:10:4d:df:75:ed:5a:
         72:d9:5c:28:3b:3b:47:c1:a9:01:bc:c3:2a:02:4f:08:60:a9:
         b5:a0:d3:a8:57:a0:8b:c9:e9:9a:7d:49:8b:0a:3f:48:4d:20:
         76:3a:a2:e1:dc:ce:7e:12:25:79:68:17:f2:59:b5:ab:b2:5d:
         7f:7b:7f:bd:0b:6d:d9:22:7d:20:e4:53:65:1d:60:58:e2:21:
         16:d0:cf:a0:e6:80:b3:94:75:4a:60:4e:a9:9c:d2:7c:11:ed:
         45:40:78:8c:b3:62:e2:ab:ec:0d:0a:3d:05:9d:6d:0f:6b:e2:
         28:7a:a0:2c:23:f1:01:36:f8:80:76:5a:f5:41:c7:1e:7f:36:
         94:37:12:a3:12:5d:e7:d5:91:2e:6e:60:08:6c:f6:dd:d3:52:
         ac:ff:2f:39:39:d5:83:e1:f7:cb:c8:8c:36:ab:c8:00:3a:c6:
         45:24:bb:ee:9e:b2:58:f3:7c:d1:23:48:a3:cc:22:b2:e2:fb:
         e3:f1:68:73:3f:52:0c:bc:a3:bd:0b:10:d3:e9:65:71:f5:04:
         bc:29:5e:bc:22:5d:39:15:c3:1b:f4:ae:4f:06:36:f2:2c:50:
         37:e2:fc:cf
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQyNzExMTAvBgNVBAUTKDRDRUVFRTZEMzY2M0MxM0ZEODJFOTMxREFDNjlGMTcw
NDZGQzk5QjMwHhcNMjYwNzAzMDMzMDE1WhcNMjYxMTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3MmNjNy0xYmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsvHG6LAclu+3exKK/nNZiwAkwVjPGl7F6EyXcUbll0WNL0tcfmnYn9ky2Vdz
vHd9bbMHfsKT3uUQ0B9UiaeG8TPY09FLk8I9Ne7L/NAdXMvxaY+LN3AJxNVhcCO3
XlMg9eKRGcL8hIgyhN/z8SZmXS74xOlZp6sdNIdugfijF0TYiuPa++tQsDcoz8bG
8Vb2W41rRxsQfJuhKj8FF+0Vhs8TYyKvcYYXCQyl7P0PIfDkLLxolh0Nv4kNOqOX
sBvr3bGxtLOus4Zok7P87GX4ZdF1yEM3I92YFVnYFZVXNK7hyyFw/aZ92A/qDFRv
zdN9Y4xHCpJbmT0GtG17sMPxlQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFF4Oxiu3
mIs6IOASmvm+dJY5ZpVlMB8GA1UdIwQYMBaAFEzu7m02Y8E/2C6THaxp8XBG/Jmz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDI3MS8yODE0RjBERTEx
QjExMUVFOTA0N0JGMThDNEY5QUUwMi9UTzd1YlRaandUX1lMcE1kckdueGNFYjht
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RPN3ViVFpqd1RfWUxwTWRyR254Y0ViOG1iTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEQyNzEvMjgxNEYwREUxMUIxMTFFRTkwNDdCRjE4QzRGOUFFMDIvNUVBQjcyNTAx
NEEyMTFFRUE4ODlFODMyQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ0HyMA0GCSqGSIb3DQEBCwUAA4IBAQCjhgxIsmIpp5YLPetVwgDo
X94F0yJSUU73TzsSccUQTd917Vpy2VwoOztHwakBvMMqAk8IYKm1oNOoV6CLyema
fUmLCj9ITSB2OqLh3M5+EiV5aBfyWbWrsl1/e3+9C23ZIn0g5FNlHWBY4iEW0M+g
5oCzlHVKYE6pnNJ8Ee1FQHiMs2Liq+wNCj0FnW0Pa+IoeqAsI/EBNviAdlr1Qcce
fzaUNxKjEl3n1ZEubmAIbPbd01Ks/y85OdWD4ffLyIw2q8gAOsZFJLvunrJY83zR
I0ijzCKy4vvj8WhzP1IMvKO9CxDT6WVx9QS8KV68Il05FcMb9K5PBjbyLFA34vzP
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:43:11 2026 by rpki-client