Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa
File:                     57A84138605911EE8ABC9318C4F9AE02.roa (raw, json)
Hash identifier:          GwBzururP91LCAF7TSNIMtRqmicpSh1Gk2iqSgIOC/E=
Subject key identifier:   15:CD:B1:A5:C7:92:15:96:A6:C7:01:03:55:12:99:1D:F9:29:9C:BA
Certificate issuer:       /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial:       1358
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa
Signing time:             Thu 09 Jul 2026 08:58:33 +0000
ROA not before:           Thu 09 Jul 2026 08:58:33 +0000
ROA not after:            Tue 02 Mar 2027 00:00:00 +0000
asID:                     137074
IP address blocks:        43.224.188.0/22 maxlen: 24
                          43.226.4.0/22 maxlen: 24
                          45.64.80.0/22 maxlen: 22
                          103.18.64.0/22 maxlen: 24
                          103.25.176.0/22 maxlen: 22
                          103.43.212.0/22 maxlen: 24
                          103.104.16.0/22 maxlen: 24
                          103.113.40.0/22 maxlen: 24
                          116.89.246.0/23 maxlen: 24
                          203.28.64.0/22 maxlen: 24
                          203.144.0.0/22 maxlen: 22
                          203.144.0.0/24 maxlen: 24
                          203.144.2.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
                          rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 16 Jul 2026 09:08:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4952 (0x1358)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9164860, serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
        Validity
            Not Before: Jul  9 08:58:33 2026 GMT
            Not After : Mar  2 00:00:00 2027 GMT
        Subject: CN=6a4f62b9-4d47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ca:83:f5:a3:e8:6d:1b:c4:f7:85:35:cf:d6:
                    4c:5f:9d:5c:eb:a2:43:fc:c9:23:ba:0a:24:b4:c3:
                    fc:80:81:c2:1d:3e:d3:d7:81:1d:e0:54:3f:cb:44:
                    35:62:f3:65:05:e8:7e:06:e1:2f:5f:8c:5b:e0:21:
                    23:ad:43:24:6d:24:91:0f:ed:ca:b4:9f:ac:ca:69:
                    ec:3f:68:a0:dc:da:0c:3d:e3:ab:44:54:b8:e7:07:
                    9b:d1:f3:88:95:91:be:b2:ed:0a:3d:01:88:37:8e:
                    07:25:f8:c2:4c:c1:48:a4:0d:2c:e8:5d:a4:3b:8c:
                    94:46:37:92:19:a5:3b:06:96:2c:90:9c:0b:13:88:
                    c7:3c:db:44:37:d2:3b:e2:d2:f0:d3:45:3b:86:ba:
                    f6:0d:d6:7b:a9:87:e4:ed:95:9b:98:e8:13:7b:22:
                    dd:92:8c:60:5c:0d:c8:38:bb:39:67:a7:9a:ea:43:
                    2a:21:e3:09:f0:88:54:e9:7d:ad:43:b1:f4:27:c0:
                    de:ce:0b:ff:f7:c6:0b:e6:57:46:44:2b:1a:dc:63:
                    2b:ec:77:36:65:1f:80:04:36:e9:13:ec:5e:18:99:
                    ca:0e:8a:82:89:61:7e:e1:8c:af:3e:eb:31:15:71:
                    bc:82:82:c7:8e:bd:a6:6d:85:29:96:ff:3d:a8:72:
                    34:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:CD:B1:A5:C7:92:15:96:A6:C7:01:03:55:12:99:1D:F9:29:9C:BA
            X509v3 Authority Key Identifier:
                keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.224.188.0/22
                  43.226.4.0/22
                  45.64.80.0/22
                  103.18.64.0/22
                  103.25.176.0/22
                  103.43.212.0/22
                  103.104.16.0/22
                  103.113.40.0/22
                  116.89.246.0/23
                  203.28.64.0/22
                  203.144.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:ec:a2:aa:58:35:38:08:62:81:e7:da:9e:eb:0c:67:07:fb:
         ce:19:4f:b8:7a:15:2b:03:af:04:93:3b:69:0f:45:02:7b:da:
         20:29:00:83:19:6f:8a:9d:69:1c:d7:7e:25:a7:a8:b5:40:02:
         31:6b:64:93:d5:10:8a:c5:9c:4b:87:1e:94:88:cd:4f:7b:7d:
         7b:bb:ec:65:c3:59:4b:b2:9c:61:45:3a:c2:43:58:5b:bb:e5:
         84:f7:f6:6f:38:8e:db:46:40:d6:3d:4f:ee:22:1c:02:6c:58:
         3a:9e:12:ea:74:75:51:ff:6b:f4:d4:08:d8:dd:85:ec:ca:0f:
         db:f8:65:80:fa:62:45:b4:fd:7b:4c:fa:b0:55:de:e1:07:16:
         ba:28:f1:bf:81:91:32:b1:04:69:4a:a7:dd:ce:4c:67:6e:88:
         e3:8e:ec:8f:d4:7b:d2:61:cf:ed:ac:b2:85:80:b2:30:5a:e1:
         53:a4:4d:4c:50:00:f4:30:10:b3:a7:21:bf:ca:32:7a:af:d5:
         c8:c6:fc:f2:f8:60:eb:5c:cb:ae:e6:11:d1:85:36:76:71:64:
         a3:29:47:dd:25:e4:45:3d:9e:87:78:d4:fa:eb:a5:85:36:5d:
         a6:c2:a6:aa:35:c3:ff:85:2b:d0:d8:74:aa:b3:76:88:50:d4:
         c5:76:9d:1c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICE1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjYwNzA5MDg1ODMzWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRmNjJiOS00ZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMqD9aPobRvE94U1z9ZMX51c66JD/MkjugoktMP8gIHCHT7T14Ed4FQ/y0Q1
YvNlBeh+BuEvX4xb4CEjrUMkbSSRD+3KtJ+symnsP2ig3NoMPeOrRFS45web0fOI
lZG+su0KPQGIN44HJfjCTMFIpA0s6F2kO4yURjeSGaU7BpYskJwLE4jHPNtEN9I7
4tLw00U7hrr2DdZ7qYfk7ZWbmOgTeyLdkoxgXA3IOLs5Z6ea6kMqIeMJ8IhU6X2t
Q7H0J8Dezgv/98YL5ldGRCsa3GMr7Hc2ZR+ABDbpE+xeGJnKDoqCiWF+4YyvPusx
FXG8goLHjr2mbYUplv89qHI01wIDAQABo4ICnDCCApgwHQYDVR0OBBYEFBXNsaXH
khWWpscBA1USmR35KZy6MB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvNTdBODQxMzg2
MDU5MTFFRThBQkM5MzE4QzRGOUFFMDIucm9hMFsGCCsGAQUFBwEHAQH/BEwwSjBI
BAIAATBCAwQCK+C8AwQCK+IEAwQCLUBQAwQCZxJAAwQCZxmwAwQCZyvUAwQCZ2gQ
AwQCZ3EoAwQBdFn2AwQCyxxAAwQCy5AAMA0GCSqGSIb3DQEBCwUAA4IBAQBb7KKq
WDU4CGKB59qe6wxnB/vOGU+4ehUrA68EkztpD0UCe9ogKQCDGW+KnWkc134lp6i1
QAIxa2ST1RCKxZxLhx6UiM1Pe317u+xlw1lLspxhRTrCQ1hbu+WE9/ZvOI7bRkDW
PU/uIhwCbFg6nhLqdHVR/2v01AjY3YXsyg/b+GWA+mJFtP17TPqwVd7hBxa6KPG/
gZEysQRpSqfdzkxnbojjjuyP1HvSYc/trLKFgLIwWuFTpE1MUAD0MBCzpyG/yjJ6
r9XIxvzy+GDrXMuu5hHRhTZ2cWSjKUfdJeRFPZ6HeNT666WFNl2mwqaqNcP/hSvQ
2HSqs3aIUNTFdp0c
-----END CERTIFICATE-----
Generated at Thu Jul 9 17:31:57 2026 by rpki-client