Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/442D6434B14411EAB852C134C4F9AE02.roa
File:                     442D6434B14411EAB852C134C4F9AE02.roa (raw, json)
Hash identifier:          TvEhAV2QCoIeXvQJ2617nW2DTbRWH0ubI6BgOQc1JDA=
Subject key identifier:   F0:2E:7D:AD:11:53:72:E8:77:8F:93:79:39:15:B6:25:94:15:6A:90
Certificate issuer:       /CN=A915664E/serialNumber=396A5D9E67A6790CA97FB931304B44E7B0A821CF
Certificate serial:       09AE
Authority key identifier: 39:6A:5D:9E:67:A6:79:0C:A9:7F:B9:31:30:4B:44:E7:B0:A8:21:CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OWpdnmemeQypf7kxMEtE57CoIc8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/442D6434B14411EAB852C134C4F9AE02.roa
Signing time:             Wed 24 Jun 2026 20:24:43 +0000
ROA not before:           Wed 24 Jun 2026 20:24:43 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     139054
IP address blocks:        103.151.180.0/23 maxlen: 23
                          2001:df3:f980::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/OWpdnmemeQypf7kxMEtE57CoIc8.crl
                          rsync://rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/OWpdnmemeQypf7kxMEtE57CoIc8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OWpdnmemeQypf7kxMEtE57CoIc8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 20:07:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2478 (0x9ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915664E, serialNumber=396A5D9E67A6790CA97FB931304B44E7B0A821CF
        Validity
            Not Before: Jun 24 20:24:43 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c3d0b-b0ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a7:9a:74:e9:0c:1f:1e:ce:bb:17:66:8f:6b:
                    67:83:fd:f1:43:83:4c:2c:c0:55:8e:0c:6a:89:fa:
                    06:89:7b:48:68:5a:a5:ac:66:3e:fc:c5:18:94:df:
                    b9:f9:a6:9c:41:89:9d:72:d8:97:fa:02:d8:be:54:
                    3d:65:24:b8:0e:b0:d5:50:2e:a7:cc:04:af:50:87:
                    b1:de:48:f3:9d:2a:0d:7c:2a:0b:c5:b2:bf:71:ad:
                    48:ff:d7:6f:cd:80:7f:37:03:14:65:22:99:c0:a3:
                    ac:aa:08:7a:fa:19:6c:23:b3:ef:e0:5f:60:7b:fe:
                    3a:35:08:f3:e6:90:9d:f8:ae:bb:9b:a6:3c:e6:eb:
                    2f:6d:83:b6:df:b6:4f:d6:8f:91:1e:c2:ed:a1:15:
                    92:28:8b:93:03:6a:e6:a4:1a:5c:2f:4c:06:fc:18:
                    6a:a9:2c:fa:e8:48:53:9a:cb:95:c6:fe:d0:6f:d0:
                    dc:b3:47:34:7f:5e:81:66:33:95:8d:81:83:0c:69:
                    6d:9f:43:fa:9a:28:30:e1:31:05:73:66:e1:0f:b4:
                    32:d1:62:45:fe:ca:fa:d3:5c:0c:1e:31:05:dc:f7:
                    17:22:f5:23:26:29:ec:7e:58:09:a8:58:29:1d:bb:
                    d6:f4:1a:07:5f:b9:d4:13:76:c4:d2:32:a4:82:f8:
                    ae:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:2E:7D:AD:11:53:72:E8:77:8F:93:79:39:15:B6:25:94:15:6A:90
            X509v3 Authority Key Identifier:
                keyid:39:6A:5D:9E:67:A6:79:0C:A9:7F:B9:31:30:4B:44:E7:B0:A8:21:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/OWpdnmemeQypf7kxMEtE57CoIc8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OWpdnmemeQypf7kxMEtE57CoIc8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915664E/B46A9C1EB13D11EAB12D121CC4F9AE02/442D6434B14411EAB852C134C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.180.0/23
                IPv6:
                  2001:df3:f980::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:6e:52:14:c5:b8:41:6a:3a:7a:8e:3d:92:c8:25:c0:58:87:
         9c:eb:73:bf:9f:00:84:7e:d3:01:9d:79:86:50:91:d5:07:b9:
         46:e6:f5:ec:a5:95:8e:69:7b:c8:8f:ab:34:79:3a:9d:62:29:
         53:a2:a7:ea:21:53:d0:5d:51:db:06:35:f7:7f:76:94:f1:d6:
         bc:45:87:be:1d:ba:61:82:95:08:2f:6c:89:f2:30:e4:73:91:
         58:b2:5f:1c:c4:ce:12:4c:7f:cb:0d:c4:96:b0:ef:25:f8:f7:
         c8:06:6a:c8:09:2e:e0:f2:63:aa:d6:0c:a3:33:85:06:30:f2:
         74:e0:9f:e6:16:e6:04:1f:b1:fb:3a:ce:57:50:19:03:42:6b:
         9d:28:0f:af:6c:d6:23:7a:a6:d6:46:8e:44:20:fe:98:72:4b:
         e7:3c:de:80:12:c4:a1:46:44:e8:01:42:20:94:45:b2:48:8d:
         ab:82:76:3d:68:76:06:3d:b4:59:31:ab:af:31:26:de:65:0b:
         e7:a1:b6:01:1a:93:c3:ed:65:9f:3c:92:0d:63:d2:0c:8d:7c:
         4c:f5:aa:d3:7e:53:e7:e3:7d:43:2d:50:29:97:c3:77:63:52:
         94:c8:11:1c:1f:e9:a8:57:d7:f3:a7:e9:cf:16:49:81:a3:3f:
         ac:ac:2a:77
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICCa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTY2NEUxMTAvBgNVBAUTKDM5NkE1RDlFNjdBNjc5MENBOTdGQjkzMTMwNEI0NEU3
QjBBODIxQ0YwHhcNMjYwNjI0MjAyNDQzWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjM2QwYi1iMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArKeadOkMHx7Ouxdmj2tng/3xQ4NMLMBVjgxqifoGiXtIaFqlrGY+/MUYlN+5
+aacQYmdctiX+gLYvlQ9ZSS4DrDVUC6nzASvUIex3kjznSoNfCoLxbK/ca1I/9dv
zYB/NwMUZSKZwKOsqgh6+hlsI7Pv4F9ge/46NQjz5pCd+K67m6Y85usvbYO237ZP
1o+RHsLtoRWSKIuTA2rmpBpcL0wG/BhqqSz66EhTmsuVxv7Qb9Dcs0c0f16BZjOV
jYGDDGltn0P6migw4TEFc2bhD7Qy0WJF/sr601wMHjEF3PcXIvUjJinsflgJqFgp
HbvW9BoHX7nUE3bE0jKkgviuZQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFPAufa0R
U3Lod4+TeTkVtiWUFWqQMB8GA1UdIwQYMBaAFDlqXZ5npnkMqX+5MTBLROewqCHP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjY0RS9CNDZBOUMxRUIx
M0QxMUVBQjEyRDEyMUNDNEY5QUUwMi9PV3Bkbm1lbWVReXBmN2t4TUV0RTU3Q29J
YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09XcGRubWVtZVF5cGY3a3hNRXRFNTdDb0ljOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTY2NEUvQjQ2QTlDMUVCMTNEMTFFQUIxMkQxMjFDQzRGOUFFMDIvNDQyRDY0MzRC
MTQ0MTFFQUI4NTJDMTM0QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQBZ5e0MA8EAgACMAkDBwAgAQ3z+YAwDQYJKoZIhvcNAQELBQADggEB
ABBuUhTFuEFqOnqOPZLIJcBYh5zrc7+fAIR+0wGdeYZQkdUHuUbm9eyllY5pe8iP
qzR5Op1iKVOip+ohU9BdUdsGNfd/dpTx1rxFh74dumGClQgvbInyMORzkViyXxzE
zhJMf8sNxJaw7yX498gGasgJLuDyY6rWDKMzhQYw8nTgn+YW5gQfsfs6zldQGQNC
a50oD69s1iN6ptZGjkQg/phyS+c83oASxKFGROgBQiCURbJIjauCdj1odgY9tFkx
q68xJt5lC+ehtgEak8PtZZ88kg1j0gyNfEz1qtN+U+fjfUMtUCmXw3djUpTIERwf
6ahX1/On6c8WSYGjP6ysKnc=
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:24:04 2026 by rpki-client