Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/FD557922606A11EF8B9F6820C4F9AE02.roa
File:                     FD557922606A11EF8B9F6820C4F9AE02.roa (raw, json)
Hash identifier:          XYcxvXsIZf8Fuuj3PCiap/sXv4cR9z5b00T5aM5YJhY=
Subject key identifier:   A7:60:34:CE:9F:CC:8E:4E:5E:D9:88:CD:03:71:1B:A3:15:DD:2A:13
Certificate issuer:       /CN=A9154973/serialNumber=D600350737EA424B401B2481053D2BC2916CBAD1
Certificate serial:       0170
Authority key identifier: D6:00:35:07:37:EA:42:4B:40:1B:24:81:05:3D:2B:C2:91:6C:BA:D1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1gA1BzfqQktAGySBBT0rwpFsutE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/FD557922606A11EF8B9F6820C4F9AE02.roa
Signing time:             Tue 07 Jul 2026 06:31:49 +0000
ROA not before:           Tue 07 Jul 2026 06:31:49 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     56229
IP address blocks:        103.224.19.0/24 maxlen: 24
                          203.18.197.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/1gA1BzfqQktAGySBBT0rwpFsutE.crl
                          rsync://rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/1gA1BzfqQktAGySBBT0rwpFsutE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1gA1BzfqQktAGySBBT0rwpFsutE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:59:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 368 (0x170)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9154973, serialNumber=D600350737EA424B401B2481053D2BC2916CBAD1
        Validity
            Not Before: Jul  7 06:31:49 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4c9d55-abf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c6:b3:75:e1:3a:a8:9e:44:56:b1:4e:bc:d2:
                    95:c4:71:b3:21:ca:16:88:54:70:6a:01:68:b3:33:
                    69:ca:fb:90:e8:74:cb:e3:6a:27:45:82:1c:b1:37:
                    8d:b7:dc:43:08:d1:d9:21:9a:6f:33:a0:9c:b4:5e:
                    c1:d3:f5:1d:1d:05:45:7b:42:84:14:e7:ca:05:2a:
                    4a:be:a7:1e:3b:4b:89:6d:55:f5:e5:76:ac:f6:89:
                    77:26:48:7a:0e:c3:52:38:46:3d:49:d2:f6:82:86:
                    1c:3f:63:f3:86:53:b1:14:43:59:b8:83:79:03:6a:
                    84:a5:2e:a1:73:64:96:2a:51:1e:69:04:19:b1:48:
                    fd:87:57:b3:a9:ac:fd:e5:83:44:7b:42:93:2c:8c:
                    ab:74:ec:19:c2:47:82:74:4b:5a:90:75:1a:09:e6:
                    7d:04:36:da:68:f8:d5:3d:31:ff:b5:d1:54:dd:76:
                    d6:a2:15:c9:10:54:d1:25:60:12:94:24:27:bb:8d:
                    3a:5a:3a:58:b7:9b:71:b8:6a:bd:bc:f3:a8:5d:b5:
                    6c:89:9d:3e:28:5d:fa:55:38:a9:f5:7f:1f:d4:27:
                    10:08:ca:d9:85:4f:98:c5:70:69:74:64:35:78:fb:
                    2f:ff:b4:30:a0:93:f9:6c:c5:6b:09:28:bf:a6:ed:
                    b3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:60:34:CE:9F:CC:8E:4E:5E:D9:88:CD:03:71:1B:A3:15:DD:2A:13
            X509v3 Authority Key Identifier:
                keyid:D6:00:35:07:37:EA:42:4B:40:1B:24:81:05:3D:2B:C2:91:6C:BA:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/1gA1BzfqQktAGySBBT0rwpFsutE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1gA1BzfqQktAGySBBT0rwpFsutE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154973/A65BC626606A11EF898EDB1FC4F9AE02/FD557922606A11EF8B9F6820C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.224.19.0/24
                  203.18.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:f6:b2:7c:90:98:9e:6b:82:e8:b1:bc:25:ca:48:f7:50:0e:
         04:89:af:c1:49:7d:45:cb:6e:27:0d:dd:25:25:54:26:fc:4e:
         95:0a:c9:51:00:c5:71:1a:80:cc:60:18:b0:70:e1:a5:84:82:
         24:7d:80:c7:11:20:a0:ac:d7:e5:b9:04:1e:1e:26:56:cc:3d:
         12:d3:a6:83:8b:16:c5:a0:e9:c0:68:fc:89:38:be:26:4f:61:
         42:d1:71:ac:ea:17:c0:2e:f3:0c:cd:00:a1:22:9b:5f:c2:53:
         73:14:96:ce:be:9d:2d:91:bd:4b:a2:a3:b5:f7:24:e2:e1:05:
         93:c9:32:f8:88:fd:48:65:d5:e1:8a:16:5f:5c:f7:78:7f:f6:
         90:e4:68:f7:16:11:10:3a:b2:3e:f8:ca:78:ab:ec:6e:65:71:
         9c:db:be:91:15:1e:9f:40:57:95:e7:dc:85:5d:02:59:9c:01:
         3f:75:e3:5e:80:67:41:35:52:a0:40:16:60:7e:fb:b0:94:07:
         5b:cb:e2:2d:eb:d9:90:c4:d9:fa:c5:fd:eb:2f:4d:db:a2:86:
         4d:d4:55:fd:57:bd:b0:0a:fd:ba:3b:a9:71:32:b8:e5:db:88:
         28:30:48:d2:07:6f:74:68:42:86:de:eb:69:ad:e4:04:41:8e:
         7c:6f:7d:0e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICAXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ5NzMxMTAvBgNVBAUTKEQ2MDAzNTA3MzdFQTQyNEI0MDFCMjQ4MTA1M0QyQkMy
OTE2Q0JBRDEwHhcNMjYwNzA3MDYzMTQ5WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjOWQ1NS1hYmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlcazdeE6qJ5EVrFOvNKVxHGzIcoWiFRwagFoszNpyvuQ6HTL42onRYIcsTeN
t9xDCNHZIZpvM6CctF7B0/UdHQVFe0KEFOfKBSpKvqceO0uJbVX15Xas9ol3Jkh6
DsNSOEY9SdL2goYcP2PzhlOxFENZuIN5A2qEpS6hc2SWKlEeaQQZsUj9h1ezqaz9
5YNEe0KTLIyrdOwZwkeCdEtakHUaCeZ9BDbaaPjVPTH/tdFU3XbWohXJEFTRJWAS
lCQnu406WjpYt5txuGq9vPOoXbVsiZ0+KF36VTip9X8f1CcQCMrZhU+YxXBpdGQ1
ePsv/7QwoJP5bMVrCSi/pu2zMwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFKdgNM6f
zI5OXtmIzQNxG6MV3SoTMB8GA1UdIwQYMBaAFNYANQc36kJLQBskgQU9K8KRbLrR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDk3My9BNjVCQzYyNjYw
NkExMUVGODk4RURCMUZDNEY5QUUwMi8xZ0ExQnpmcVFrdEFHeVNCQlQwcndwRnN1
dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFnQTFCemZxUWt0QUd5U0JCVDByd3BGc3V0RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ5NzMvQTY1QkM2MjY2MDZBMTFFRjg5OEVEQjFGQzRGOUFFMDIvRkQ1NTc5MjI2
MDZBMTFFRjhCOUY2ODIwQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAZ+ATAwQAyxLFMA0GCSqGSIb3DQEBCwUAA4IBAQBJ9rJ8kJiea4Lo
sbwlykj3UA4Eia/BSX1Fy24nDd0lJVQm/E6VCslRAMVxGoDMYBiwcOGlhIIkfYDH
ESCgrNfluQQeHiZWzD0S06aDixbFoOnAaPyJOL4mT2FC0XGs6hfALvMMzQChIptf
wlNzFJbOvp0tkb1LoqO19yTi4QWTyTL4iP1IZdXhihZfXPd4f/aQ5Gj3FhEQOrI+
+Mp4q+xuZXGc276RFR6fQFeV59yFXQJZnAE/deNegGdBNVKgQBZgfvuwlAdby+It
69mQxNn6xf3rL03booZN1FX9V72wCv26O6lxMrjl24goMEjSB290aEKG3utpreQE
QY58b30O
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:24:10 2026 by rpki-client