Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/0398239C68AD11F19FCCCC9A7B47A888.roa
File:                     0398239C68AD11F19FCCCC9A7B47A888.roa (raw, json)
Hash identifier:          t+YSCcfAI/VhOyItP0m/Pu1TIsJ2yuT816hrlN3gEhw=
Subject key identifier:   79:3B:08:6F:A1:07:3D:23:9F:15:9F:CA:8F:69:54:3E:2F:38:3A:AC
Certificate issuer:       /CN=A915912F/serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
Certificate serial:       0285
Authority key identifier: A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/0398239C68AD11F19FCCCC9A7B47A888.roa
Signing time:             Wed 01 Jul 2026 04:28:59 +0000
ROA not before:           Wed 01 Jul 2026 04:28:59 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     15830
IP address blocks:        103.92.144.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.crl
                          rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 03:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 645 (0x285)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915912F, serialNumber=A98B4D753A84DFD49DA7E2307E3192A8C4FF9895
        Validity
            Not Before: Jul  1 04:28:59 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a44978b-1c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:db:c0:94:43:31:46:0a:31:d2:f3:e1:2f:1b:
                    ac:2d:da:4d:ac:3b:3f:02:b8:05:5c:b0:04:d6:56:
                    42:3b:92:0a:ff:ba:e0:c6:61:5a:cf:d9:87:2e:4d:
                    99:a9:88:bd:b2:51:38:f0:69:5e:59:09:ce:b4:30:
                    80:d4:5d:cb:02:ff:fe:ea:9a:37:d7:16:55:f6:fc:
                    3e:93:56:5e:89:c5:4f:74:29:f8:29:91:40:c5:23:
                    30:f9:5e:e9:48:c3:e6:46:8b:97:3d:0c:f9:e7:2b:
                    3a:01:05:6e:5a:62:8d:68:96:dd:50:31:7e:29:81:
                    35:e4:a9:ff:ae:ed:87:9b:c1:75:c1:b4:47:a3:00:
                    63:3b:6c:4f:71:76:8d:ee:66:e1:cd:af:ef:d5:f9:
                    00:96:b4:1e:65:e9:bc:2c:38:b0:c7:a8:66:a4:bf:
                    d4:95:99:02:10:f2:66:4f:dc:b3:5c:b8:64:4e:e9:
                    2c:a4:b5:e1:d9:cb:8d:62:38:0c:6c:3e:67:f1:97:
                    b1:94:cc:51:6c:9b:c0:02:9f:4f:54:8f:b3:2b:bf:
                    cf:cb:bd:5a:7c:46:aa:b2:33:24:a0:44:5f:b1:d1:
                    f7:84:85:7e:1e:62:60:b0:95:62:44:11:b9:c2:d9:
                    49:2f:aa:fa:c8:bc:f8:66:9d:fe:58:13:d6:75:79:
                    ee:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:3B:08:6F:A1:07:3D:23:9F:15:9F:CA:8F:69:54:3E:2F:38:3A:AC
            X509v3 Authority Key Identifier:
                keyid:A9:8B:4D:75:3A:84:DF:D4:9D:A7:E2:30:7E:31:92:A8:C4:FF:98:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/qYtNdTqE39Sdp-IwfjGSqMT_mJU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qYtNdTqE39Sdp-IwfjGSqMT_mJU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915912F/0A0679080A5111EE8D75B66BC4F9AE02/0398239C68AD11F19FCCCC9A7B47A888.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.92.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:6f:91:41:4a:aa:51:01:53:77:8f:12:44:09:52:3b:d3:14:
         1f:78:30:78:f2:11:b0:03:09:07:d9:96:78:fc:4f:a3:4f:b3:
         41:a4:28:fd:b7:5d:f9:0d:da:31:db:06:bd:ce:69:bf:6e:0e:
         32:18:4c:0e:42:6c:2c:14:4f:55:e5:7e:26:de:b1:06:4c:1b:
         c9:b1:e8:67:e8:4a:73:c3:fb:01:60:5d:db:53:fa:ff:3d:a1:
         1e:a4:d6:92:2b:b6:fe:d8:91:3a:1a:27:8a:f3:87:2a:2a:1b:
         dc:90:d9:11:d8:c9:31:a6:be:ff:32:48:3d:4c:12:30:fd:20:
         0a:12:9c:3b:de:80:ba:74:5f:9e:1f:d3:09:99:98:2c:a7:94:
         08:1d:a3:7a:b5:b1:da:3d:99:3c:a9:ac:ba:21:82:cb:51:b5:
         f7:87:d2:02:ce:f8:df:aa:c6:e7:31:09:b7:3e:5b:79:8e:be:
         c5:fd:4a:dc:3f:40:68:6b:9c:00:58:66:6f:44:40:b9:2b:0e:
         61:32:41:e3:96:d0:d8:85:4d:98:ef:7b:93:5e:35:b9:66:93:
         9d:a8:1d:41:c9:93:08:35:da:00:be:af:6e:ec:d0:55:a1:54:
         2c:76:fd:82:c4:90:d3:cf:18:92:56:fa:c3:8d:3e:b1:0f:b3:
         50:a7:f2:05
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTkxMkYxMTAvBgNVBAUTKEE5OEI0RDc1M0E4NERGRDQ5REE3RTIzMDdFMzE5MkE4
QzRGRjk4OTUwHhcNMjYwNzAxMDQyODU5WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0OTc4Yi0xYzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NvAlEMxRgox0vPhLxusLdpNrDs/ArgFXLAE1lZCO5IK/7rgxmFaz9mHLk2Z
qYi9slE48GleWQnOtDCA1F3LAv/+6po31xZV9vw+k1ZeicVPdCn4KZFAxSMw+V7p
SMPmRouXPQz55ys6AQVuWmKNaJbdUDF+KYE15Kn/ru2Hm8F1wbRHowBjO2xPcXaN
7mbhza/v1fkAlrQeZem8LDiwx6hmpL/UlZkCEPJmT9yzXLhkTukspLXh2cuNYjgM
bD5n8ZexlMxRbJvAAp9PVI+zK7/Py71afEaqsjMkoERfsdH3hIV+HmJgsJViRBG5
wtlJL6r6yLz4Zp3+WBPWdXnuBQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFHk7CG+h
Bz0jnxWfyo9pVD4vODqsMB8GA1UdIwQYMBaAFKmLTXU6hN/UnafiMH4xkqjE/5iV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTEyRi8wQTA2NzkwODBB
NTExMUVFOEQ3NUI2NkJDNEY5QUUwMi9xWXROZFRxRTM5U2RwLUl3ZmpHU3FNVF9t
SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FZdE5kVHFFMzlTZHAtSXdmakdTcU1UX21KVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTkxMkYvMEEwNjc5MDgwQTUxMTFFRThENzVCNjZCQzRGOUFFMDIvMDM5ODIzOUM2
OEFEMTFGMTlGQ0NDQzlBN0I0N0E4ODgucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ1yQMA0GCSqGSIb3DQEBCwUAA4IBAQAib5FBSqpRAVN3jxJECVI7
0xQfeDB48hGwAwkH2ZZ4/E+jT7NBpCj9t135Ddox2wa9zmm/bg4yGEwOQmwsFE9V
5X4m3rEGTBvJsehn6Epzw/sBYF3bU/r/PaEepNaSK7b+2JE6GieK84cqKhvckNkR
2Mkxpr7/Mkg9TBIw/SAKEpw73oC6dF+eH9MJmZgsp5QIHaN6tbHaPZk8qay6IYLL
UbX3h9ICzvjfqsbnMQm3Plt5jr7F/UrcP0Boa5wAWGZvREC5Kw5hMkHjltDYhU2Y
73uTXjW5ZpOdqB1ByZMINdoAvq9u7NBVoVQsdv2CxJDTzxiSVvrDjT6xD7NQp/IF
-----END CERTIFICATE-----
Generated at Sun Jul 5 19:09:01 2026 by rpki-client