Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/4149D206DC4711EA80D5D916C4F9AE02.roa
File:                     4149D206DC4711EA80D5D916C4F9AE02.roa (raw, json)
Hash identifier:          c4VC0uZLIwEYMCTYEDFpqIYkNUoeZb1I54lM3XwQmNk=
Subject key identifier:   B3:E1:9D:5E:64:DE:B8:00:DD:40:F4:C7:E8:2C:D0:59:B9:85:09:1E
Certificate issuer:       /CN=A9152462/serialNumber=FD4D8C639ADC15847C7B4911159DE71BD81393AE
Certificate serial:       08D3
Authority key identifier: FD:4D:8C:63:9A:DC:15:84:7C:7B:49:11:15:9D:E7:1B:D8:13:93:AE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/4149D206DC4711EA80D5D916C4F9AE02.roa
Signing time:             Thu 28 May 2026 20:25:13 +0000
ROA not before:           Thu 28 May 2026 20:25:13 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     134147
IP address blocks:        103.55.162.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.crl
                          rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 20:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2259 (0x8d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152462, serialNumber=FD4D8C639ADC15847C7B4911159DE71BD81393AE
        Validity
            Not Before: May 28 20:25:13 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a18a4a9-d9aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:62:4d:4f:a3:6f:b5:db:49:3d:27:19:41:fe:
                    7c:eb:f8:7d:97:27:25:00:21:29:21:e4:62:63:bc:
                    34:4d:c4:59:8c:4b:98:e4:c8:70:d5:2a:c2:93:29:
                    5d:11:d6:d3:80:5e:f5:8f:a6:36:cd:e2:1b:3c:30:
                    a3:c9:c5:77:0c:17:f9:3f:bc:21:7b:07:b2:b0:5a:
                    8d:5d:1f:12:9f:7e:32:ff:27:e1:66:ca:9d:cb:8e:
                    1d:d7:8c:e4:19:bd:9a:98:62:bd:43:ad:6c:92:85:
                    39:14:77:ae:63:08:e4:d9:5e:90:a2:62:e7:26:da:
                    27:7a:6c:68:50:2f:f7:41:16:4c:9d:38:69:8b:1e:
                    51:ec:d4:00:24:2c:86:78:e9:ed:d8:71:e9:f2:ea:
                    3b:da:69:28:aa:44:7b:97:f6:dd:b4:46:3e:c2:81:
                    42:9c:37:6d:d9:fa:a4:75:b6:20:84:20:e3:46:c3:
                    f5:52:55:80:08:40:d7:bd:98:9f:34:16:c9:6e:04:
                    7f:ce:eb:d3:d5:a9:a8:d8:40:58:8b:aa:de:8d:1c:
                    0f:ed:ce:b0:79:99:f8:05:2d:2c:20:d2:00:26:12:
                    1f:47:f0:b0:9f:62:9b:c9:9f:8d:04:14:48:8e:00:
                    dc:f0:e8:e3:cf:0e:b5:ec:d4:4d:d7:1c:cc:24:33:
                    65:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:E1:9D:5E:64:DE:B8:00:DD:40:F4:C7:E8:2C:D0:59:B9:85:09:1E
            X509v3 Authority Key Identifier:
                keyid:FD:4D:8C:63:9A:DC:15:84:7C:7B:49:11:15:9D:E7:1B:D8:13:93:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/_U2MY5rcFYR8e0kRFZ3nG9gTk64.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U2MY5rcFYR8e0kRFZ3nG9gTk64.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152462/32C757E6DC4511EA86A73713C4F9AE02/4149D206DC4711EA80D5D916C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9e:cf:3d:c7:77:26:4d:20:53:a4:44:46:5e:3d:3a:5a:8d:43:
         90:89:6d:37:23:d3:a9:e5:db:38:76:a2:76:d0:c7:ba:c8:48:
         99:56:78:49:f6:b7:71:c2:c5:df:f9:5a:f0:52:0d:ff:c4:43:
         33:24:a1:a0:5f:d9:74:a6:85:36:f0:83:df:cb:bc:2b:0f:fc:
         e9:b4:79:79:60:4c:d7:39:57:2e:da:ab:1b:94:11:c7:02:62:
         2c:26:cd:3f:61:c3:cf:02:49:35:bf:83:fa:df:fb:71:5f:b2:
         8d:04:af:6a:67:73:96:e7:fa:76:92:22:32:39:db:19:26:93:
         a3:0d:f8:ff:b0:fc:ba:9d:7f:56:4d:7d:e8:df:47:b7:1a:05:
         fe:c6:4e:db:25:dc:4d:92:10:70:93:f1:bb:0e:7e:0f:95:e0:
         b1:07:c6:a8:a7:1b:13:67:82:70:9e:36:9c:ce:6b:79:5c:0d:
         68:ec:22:b6:b4:a6:42:91:ed:25:ed:a1:23:d7:7a:af:d6:4a:
         7f:25:85:1a:bb:ee:5d:b1:87:e4:eb:f5:a9:83:bc:b6:dd:c0:
         a8:5e:e3:c0:30:8b:12:be:03:d4:2d:c7:73:41:db:e8:44:07:
         45:5a:2c:00:d4:80:77:de:e2:e9:25:c3:05:5c:d0:d2:10:77:
         55:e2:a1:f3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICCNMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI0NjIxMTAvBgNVBAUTKEZENEQ4QzYzOUFEQzE1ODQ3QzdCNDkxMTE1OURFNzFC
RDgxMzkzQUUwHhcNMjYwNTI4MjAyNTEzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTE4YTRhOS1kOWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArWJNT6NvtdtJPScZQf586/h9lyclACEpIeRiY7w0TcRZjEuY5Mhw1SrCkyld
EdbTgF71j6Y2zeIbPDCjycV3DBf5P7wheweysFqNXR8Sn34y/yfhZsqdy44d14zk
Gb2amGK9Q61skoU5FHeuYwjk2V6QomLnJtonemxoUC/3QRZMnThpix5R7NQAJCyG
eOnt2HHp8uo72mkoqkR7l/bdtEY+woFCnDdt2fqkdbYghCDjRsP1UlWACEDXvZif
NBbJbgR/zuvT1amo2EBYi6rejRwP7c6weZn4BS0sINIAJhIfR/Cwn2KbyZ+NBBRI
jgDc8Ojjzw617NRN1xzMJDNljwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFLPhnV5k
3rgA3UD0x+gs0Fm5hQkeMB8GA1UdIwQYMBaAFP1NjGOa3BWEfHtJERWd5xvYE5Ou
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjQ2Mi8zMkM3NTdFNkRD
NDUxMUVBODZBNzM3MTNDNEY5QUUwMi9fVTJNWTVyY0ZZUjhlMGtSRlozbkc5Z1Rr
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19VMk1ZNXJjRllSOGUwa1JGWjNuRzlnVGs2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI0NjIvMzJDNzU3RTZEQzQ1MTFFQTg2QTczNzEzQzRGOUFFMDIvNDE0OUQyMDZE
QzQ3MTFFQTgwRDVEOTE2QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZzeiMA0GCSqGSIb3DQEBCwUAA4IBAQCezz3HdyZNIFOkREZePTpa
jUOQiW03I9Op5ds4dqJ20Me6yEiZVnhJ9rdxwsXf+VrwUg3/xEMzJKGgX9l0poU2
8IPfy7wrD/zptHl5YEzXOVcu2qsblBHHAmIsJs0/YcPPAkk1v4P63/txX7KNBK9q
Z3OW5/p2kiIyOdsZJpOjDfj/sPy6nX9WTX3o30e3GgX+xk7bJdxNkhBwk/G7Dn4P
leCxB8aopxsTZ4Jwnjaczmt5XA1o7CK2tKZCke0l7aEj13qv1kp/JYUau+5dsYfk
6/Wpg7y23cCoXuPAMIsSvgPULcdzQdvoRAdFWiwA1IB33uLpJcMFXNDSEHdV4qHz
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:40:29 2026 by rpki-client