Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/C6C096F68D0D11EFB98F225AC4F9AE02.roa
File:                     C6C096F68D0D11EFB98F225AC4F9AE02.roa (raw, json)
Hash identifier:          +7IN1el4eQfdUKwMw8eOJpUSGsa02RhN2DC3uB0KNkY=
Subject key identifier:   43:F5:35:B5:8E:A4:63:E2:79:C1:33:71:AE:1E:5F:12:BD:33:B1:7F
Certificate issuer:       /CN=A915F2CF/serialNumber=CB30D35C70DFC866A837CAEDFEFCE6FECBFC5B5F
Certificate serial:       088E
Authority key identifier: CB:30:D3:5C:70:DF:C8:66:A8:37:CA:ED:FE:FC:E6:FE:CB:FC:5B:5F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yzDTXHDfyGaoN8rt_vzm_sv8W18.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/C6C096F68D0D11EFB98F225AC4F9AE02.roa
Signing time:             Mon 06 Jul 2026 21:22:12 +0000
ROA not before:           Mon 06 Jul 2026 21:22:12 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     4788
IP address blocks:        45.123.102.0/24 maxlen: 24
                          45.123.103.0/24 maxlen: 24
                          103.9.148.0/24 maxlen: 24
                          103.9.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/yzDTXHDfyGaoN8rt_vzm_sv8W18.crl
                          rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/yzDTXHDfyGaoN8rt_vzm_sv8W18.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yzDTXHDfyGaoN8rt_vzm_sv8W18.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 21:05:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2190 (0x88e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915F2CF, serialNumber=CB30D35C70DFC866A837CAEDFEFCE6FECBFC5B5F
        Validity
            Not Before: Jul  6 21:22:12 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a4c1c84-7399
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2e:db:0b:18:32:1d:26:83:d8:ef:e4:46:10:
                    db:15:7c:28:08:ad:af:7c:4d:66:9b:08:57:1c:f1:
                    59:58:e9:87:2b:5e:0f:ec:e7:bb:96:49:84:58:89:
                    e8:76:ee:4b:4b:98:b7:bb:d1:6f:45:8b:df:f9:05:
                    32:56:84:c3:4d:76:46:cb:31:3f:2f:38:bf:fc:b1:
                    33:89:ad:29:a6:e4:45:c6:36:ab:43:34:8b:87:f1:
                    cb:94:fa:a0:57:d6:db:3c:62:ce:43:50:1d:a2:65:
                    55:e0:fd:8c:6d:21:36:20:3e:d0:ee:36:cb:88:46:
                    29:5b:ff:9d:d3:41:8f:0c:16:82:e6:68:29:77:90:
                    29:0b:6e:ea:2f:dc:f4:19:ee:ea:d2:1c:23:63:53:
                    57:fe:88:13:aa:f3:48:20:ad:ac:16:dc:2b:f8:aa:
                    9b:66:42:3e:89:be:25:c8:27:c4:67:a6:c6:12:0e:
                    ba:9e:ea:90:c2:14:73:09:df:4c:04:53:91:cd:e0:
                    31:15:aa:23:ae:18:00:97:d5:31:41:f1:c3:b5:29:
                    da:77:7a:e3:e0:d9:e5:50:f8:0c:37:82:c5:2d:35:
                    1f:86:49:fc:ba:cf:86:d7:82:79:00:2c:8c:aa:e4:
                    e7:0d:5a:61:1a:b7:fa:16:95:10:0e:6e:04:29:ec:
                    09:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F5:35:B5:8E:A4:63:E2:79:C1:33:71:AE:1E:5F:12:BD:33:B1:7F
            X509v3 Authority Key Identifier:
                keyid:CB:30:D3:5C:70:DF:C8:66:A8:37:CA:ED:FE:FC:E6:FE:CB:FC:5B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/yzDTXHDfyGaoN8rt_vzm_sv8W18.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yzDTXHDfyGaoN8rt_vzm_sv8W18.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F2CF/F5C14ED2071011EB97F9F537C4F9AE02/C6C096F68D0D11EFB98F225AC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.123.102.0/23
                  103.9.148.0/24
                  103.9.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:c2:bf:36:8d:1c:b8:ca:b4:bd:fe:34:11:a7:0c:3c:3f:a8:
         70:b5:ae:d4:89:63:f2:a0:69:ae:8d:e9:14:69:42:a1:11:ea:
         37:6c:7f:40:e1:a8:af:9b:c5:38:b8:0f:b1:8e:ea:3c:31:4c:
         89:b8:de:47:98:f9:b6:b3:e5:d6:2e:c0:0a:a0:80:2c:43:6b:
         cd:df:21:da:fa:fd:1b:4e:16:cd:39:40:7b:c3:fb:ab:0b:a1:
         02:14:6f:95:f8:22:34:8e:73:f8:6b:04:14:a6:51:a1:87:21:
         de:e0:f6:d7:99:0b:31:87:29:14:79:93:ff:75:92:55:90:0b:
         78:ba:86:6c:f5:f1:7e:ff:52:74:17:c5:b1:ac:9d:f1:47:34:
         eb:d4:0e:e0:85:d6:b5:46:d3:7f:c5:fe:6d:b9:48:a4:b2:01:
         66:f5:57:70:1e:93:67:a6:3d:63:74:dc:c8:f1:2e:cf:3a:56:
         65:1d:55:09:bd:82:6e:5e:0a:82:22:fd:ee:07:9f:28:3c:39:
         61:8d:60:cb:a2:ce:df:4d:76:07:44:a8:8a:ed:e1:6c:21:b4:
         69:77:d1:65:62:1d:31:03:87:72:99:b2:79:ec:31:20:f5:48:
         d9:1e:28:69:9f:43:92:d7:53:f7:fd:f5:61:1c:9d:56:b2:3f:
         de:51:80:f8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICCI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUYyQ0YxMTAvBgNVBAUTKENCMzBEMzVDNzBERkM4NjZBODM3Q0FFREZFRkNFNkZF
Q0JGQzVCNUYwHhcNMjYwNzA2MjEyMjEyWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjMWM4NC03Mzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApC7bCxgyHSaD2O/kRhDbFXwoCK2vfE1mmwhXHPFZWOmHK14P7Oe7lkmEWIno
du5LS5i3u9FvRYvf+QUyVoTDTXZGyzE/Lzi//LEzia0ppuRFxjarQzSLh/HLlPqg
V9bbPGLOQ1AdomVV4P2MbSE2ID7Q7jbLiEYpW/+d00GPDBaC5mgpd5ApC27qL9z0
Ge7q0hwjY1NX/ogTqvNIIK2sFtwr+KqbZkI+ib4lyCfEZ6bGEg66nuqQwhRzCd9M
BFORzeAxFaojrhgAl9UxQfHDtSnad3rj4NnlUPgMN4LFLTUfhkn8us+G14J5ACyM
quTnDVphGrf6FpUQDm4EKewJTQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFEP1NbWO
pGPiecEzca4eXxK9M7F/MB8GA1UdIwQYMBaAFMsw01xw38hmqDfK7f785v7L/Ftf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjJDRi9GNUMxNEVEMjA3
MTAxMUVCOTdGOUY1MzdDNEY5QUUwMi95ekRUWEhEZnlHYW9OOHJ0X3Z6bV9zdjhX
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3l6RFRYSERmeUdhb044cnRfdnptX3N2OFcxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUYyQ0YvRjVDMTRFRDIwNzEwMTFFQjk3RjlGNTM3QzRGOUFFMDIvQzZDMDk2RjY4
RDBEMTFFRkI5OEYyMjVBQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQBLXtmAwQAZwmUAwQAZwmXMA0GCSqGSIb3DQEBCwUAA4IBAQAdwr82
jRy4yrS9/jQRpww8P6hwta7UiWPyoGmujekUaUKhEeo3bH9A4aivm8U4uA+xjuo8
MUyJuN5HmPm2s+XWLsAKoIAsQ2vN3yHa+v0bThbNOUB7w/urC6ECFG+V+CI0jnP4
awQUplGhhyHe4PbXmQsxhykUeZP/dZJVkAt4uoZs9fF+/1J0F8WxrJ3xRzTr1A7g
hda1RtN/xf5tuUiksgFm9VdwHpNnpj1jdNzI8S7POlZlHVUJvYJuXgqCIv3uB58o
PDlhjWDLos7fTXYHRKiK7eFsIbRpd9FlYh0xA4dymbJ57DEg9UjZHihpn0OS11P3
/fVhHJ1Wsj/eUYD4
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:22:31 2026 by rpki-client