Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/9CD74392C9E411EC956B0A3CC4F9AE02.roa
File:                     9CD74392C9E411EC956B0A3CC4F9AE02.roa (raw, json)
Hash identifier:          Q7hGGSqwTn1Hry6vIOjNT8JbvFoGysAzJ6H0s1cSSPs=
Subject key identifier:   F5:6D:CF:69:71:D6:42:CB:87:E4:CC:5C:42:38:66:5E:D8:88:39:2A
Certificate issuer:       /CN=A9171235/serialNumber=441CB0D86A92CEDFBE8083DED697A26D623EE655
Certificate serial:       040C
Authority key identifier: 44:1C:B0:D8:6A:92:CE:DF:BE:80:83:DE:D6:97:A2:6D:62:3E:E6:55
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RByw2GqSzt--gIPe1peibWI-5lU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/9CD74392C9E411EC956B0A3CC4F9AE02.roa
Signing time:             Fri 03 Jul 2026 01:26:11 +0000
ROA not before:           Fri 03 Jul 2026 01:26:11 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     45858
IP address blocks:        103.227.44.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/RByw2GqSzt--gIPe1peibWI-5lU.crl
                          rsync://rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/RByw2GqSzt--gIPe1peibWI-5lU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RByw2GqSzt--gIPe1peibWI-5lU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 00:49:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1036 (0x40c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171235, serialNumber=441CB0D86A92CEDFBE8083DED697A26D623EE655
        Validity
            Not Before: Jul  3 01:26:11 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a470fb2-cb9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0e:f1:33:59:0a:c0:b9:9b:3e:f9:08:fd:57:
                    89:d8:d1:6d:80:1d:35:0c:33:81:8a:de:d2:a0:b0:
                    d2:d4:18:c8:08:4f:4c:04:69:5d:6a:3e:16:b6:78:
                    8a:93:f3:59:f3:8e:8a:eb:48:59:5c:72:fc:c5:ad:
                    6f:2a:7e:7f:9d:a8:f4:d7:4c:47:f6:0a:a3:2f:33:
                    f5:f4:f3:80:ce:bb:a4:0d:46:20:5d:14:0a:ab:be:
                    75:38:97:d2:57:04:d1:45:49:ac:cf:8e:e0:93:c9:
                    0c:24:76:0f:43:f6:ac:51:67:1e:9d:47:d2:aa:55:
                    bd:11:d7:f4:ea:32:cd:cb:bc:07:30:15:59:19:19:
                    0c:25:a9:b7:3d:b1:05:b5:2c:14:68:88:3a:76:6d:
                    d1:09:13:85:74:c5:24:59:17:5c:f0:a7:12:1a:d9:
                    d4:46:5a:0f:6b:ac:61:0a:e1:0a:2a:95:67:ff:07:
                    f6:98:fe:9e:87:b6:70:a6:00:fa:97:0c:49:24:95:
                    08:da:84:92:c7:02:da:ef:e9:e3:a9:e3:3b:2e:22:
                    98:70:0b:ce:ac:06:f3:c6:07:08:0a:06:88:b1:f1:
                    26:fc:a9:23:21:e7:c8:07:59:a7:c5:4b:88:ec:1e:
                    90:f5:9a:0c:81:e4:22:b6:d5:43:6d:00:bf:9f:04:
                    a1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:6D:CF:69:71:D6:42:CB:87:E4:CC:5C:42:38:66:5E:D8:88:39:2A
            X509v3 Authority Key Identifier:
                keyid:44:1C:B0:D8:6A:92:CE:DF:BE:80:83:DE:D6:97:A2:6D:62:3E:E6:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/RByw2GqSzt--gIPe1peibWI-5lU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RByw2GqSzt--gIPe1peibWI-5lU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171235/DD61E22EC5DD11ECBEF42C77C4F9AE02/9CD74392C9E411EC956B0A3CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.227.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:89:8e:73:f9:23:e5:e9:ae:57:97:29:09:be:f3:77:ec:25:
         14:33:24:b7:a5:7a:55:1e:92:3f:6d:fa:fe:a8:fa:62:62:8a:
         a8:64:4d:d6:41:bf:bb:d1:f0:69:1e:2e:dc:60:f5:1a:4d:ec:
         76:10:82:c8:cd:6c:3f:80:0f:ce:9f:78:87:6f:cd:65:d2:95:
         2a:03:2b:53:4c:d8:42:50:55:39:79:4c:52:3b:90:9c:55:0d:
         93:ae:27:29:5d:46:02:15:27:85:a0:ef:50:93:02:9a:a4:a4:
         71:6c:38:da:cd:e7:4c:00:a7:a4:30:36:2f:96:66:2c:92:c1:
         35:70:87:61:30:43:9c:5c:f3:a6:3f:85:56:6e:0d:ee:8e:74:
         fd:78:8c:77:c5:bd:b6:d7:04:04:ec:91:4f:9e:ba:6f:05:32:
         bb:e3:03:3f:21:d0:ee:86:3f:00:76:a5:34:77:7f:f9:29:28:
         a5:ce:e6:4f:60:87:45:7d:5d:b7:4c:6e:c5:45:e4:c7:54:72:
         21:95:01:67:5f:a7:3e:5c:3e:1c:97:72:12:de:4e:ec:f2:07:
         7b:1b:a7:fc:47:fc:7b:ab:bc:99:ad:de:fa:14:e0:6b:71:fb:
         09:71:44:1b:86:64:07:f7:be:f2:c6:2c:5a:60:09:42:07:3f:
         09:df:23:b0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICBAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzEyMzUxMTAvBgNVBAUTKDQ0MUNCMEQ4NkE5MkNFREZCRTgwODNERUQ2OTdBMjZE
NjIzRUU2NTUwHhcNMjYwNzAzMDEyNjExWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3MGZiMi1jYjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwg7xM1kKwLmbPvkI/VeJ2NFtgB01DDOBit7SoLDS1BjICE9MBGldaj4WtniK
k/NZ846K60hZXHL8xa1vKn5/naj010xH9gqjLzP19POAzrukDUYgXRQKq751OJfS
VwTRRUmsz47gk8kMJHYPQ/asUWcenUfSqlW9Edf06jLNy7wHMBVZGRkMJam3PbEF
tSwUaIg6dm3RCROFdMUkWRdc8KcSGtnURloPa6xhCuEKKpVn/wf2mP6eh7ZwpgD6
lwxJJJUI2oSSxwLa7+njqeM7LiKYcAvOrAbzxgcICgaIsfEm/KkjIefIB1mnxUuI
7B6Q9ZoMgeQittVDbQC/nwShsQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPVtz2lx
1kLLh+TMXEI4Zl7YiDkqMB8GA1UdIwQYMBaAFEQcsNhqks7fvoCD3taXom1iPuZV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTIzNS9ERDYxRTIyRUM1
REQxMUVDQkVGNDJDNzdDNEY5QUUwMi9SQnl3MkdxU3p0LS1nSVBlMXBlaWJXSS01
bFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JCeXcyR3FTenQtLWdJUGUxcGVpYldJLTVsVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzEyMzUvREQ2MUUyMkVDNUREMTFFQ0JFRjQyQzc3QzRGOUFFMDIvOUNENzQzOTJD
OUU0MTFFQzk1NkIwQTNDQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ+MsMA0GCSqGSIb3DQEBCwUAA4IBAQAniY5z+SPl6a5XlykJvvN3
7CUUMyS3pXpVHpI/bfr+qPpiYoqoZE3WQb+70fBpHi7cYPUaTex2EILIzWw/gA/O
n3iHb81l0pUqAytTTNhCUFU5eUxSO5CcVQ2TricpXUYCFSeFoO9QkwKapKRxbDja
zedMAKekMDYvlmYsksE1cIdhMEOcXPOmP4VWbg3ujnT9eIx3xb221wQE7JFPnrpv
BTK74wM/IdDuhj8AdqU0d3/5KSilzuZPYIdFfV23TG7FReTHVHIhlQFnX6c+XD4c
l3IS3k7s8gd7G6f8R/x7q7yZrd76FOBrcfsJcUQbhmQH977yxixaYAlCBz8J3yOw
-----END CERTIFICATE-----
Generated at Mon Jul 6 09:49:03 2026 by rpki-client