Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/CC84D0BA710511F1A8E0DB7B65A30FBC.roa
File:                     CC84D0BA710511F1A8E0DB7B65A30FBC.roa (raw, json)
Hash identifier:          W/k3tTym2pPqddOTOs65rSq65DSs2mHOJ53vJkYkUlI=
Subject key identifier:   26:4B:1A:09:BE:54:2E:62:4D:8A:4C:8C:AD:6E:BF:69:1E:95:57:2B
Certificate issuer:       /CN=A9175C96/serialNumber=6B1FF3ED81D1EDA0B8DD8C5DA44E40F9CB2CD2AF
Certificate serial:       02
Authority key identifier: 6B:1F:F3:ED:81:D1:ED:A0:B8:DD:8C:5D:A4:4E:40:F9:CB:2C:D2:AF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ax_z7YHR7aC43YxdpE5A-css0q8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/CC84D0BA710511F1A8E0DB7B65A30FBC.roa
Signing time:             Fri 26 Jun 2026 02:21:55 +0000
ROA not before:           Fri 26 Jun 2026 02:21:55 +0000
ROA not after:            Sun 31 Jan 2027 00:00:00 +0000
asID:                     18064
IP address blocks:        103.131.223.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/ax_z7YHR7aC43YxdpE5A-css0q8.crl
                          rsync://rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/ax_z7YHR7aC43YxdpE5A-css0q8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ax_z7YHR7aC43YxdpE5A-css0q8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 09:28:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9175C96, serialNumber=6B1FF3ED81D1EDA0B8DD8C5DA44E40F9CB2CD2AF
        Validity
            Not Before: Jun 26 02:21:55 2026 GMT
            Not After : Jan 31 00:00:00 2027 GMT
        Subject: CN=6a3de242-bbfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:56:02:17:dc:10:43:42:74:e2:81:c0:8c:b1:
                    d6:70:fb:b4:0b:ca:94:56:cd:61:fb:04:5a:52:9d:
                    c3:d6:58:f8:f0:30:05:a2:0c:44:53:1d:ec:24:6e:
                    69:38:5c:48:97:07:95:21:60:d1:8a:0c:f8:60:79:
                    ec:1c:4f:5c:9f:1c:47:ed:a6:a9:f9:6f:8a:11:63:
                    95:b3:8e:67:73:18:8b:3d:49:41:a2:d3:aa:70:f4:
                    da:78:4b:54:a1:d4:f5:a7:5c:13:51:9a:61:17:08:
                    b4:63:6e:a4:d0:9d:f0:ad:41:76:5b:c2:b6:80:3b:
                    a0:bb:71:08:41:02:bf:f0:91:8e:22:87:81:5c:c3:
                    4a:6a:58:cb:bb:be:b5:fd:b9:4c:e3:24:88:67:83:
                    20:3d:c4:5d:7b:ff:db:88:8c:c6:94:68:89:cd:85:
                    6c:01:da:fc:84:21:23:84:4c:8b:b6:db:d2:94:47:
                    f8:1a:88:f5:0b:a1:dd:af:25:17:5c:f4:41:f1:2d:
                    e1:ca:75:c8:07:1b:b8:9f:98:c8:e4:7f:e4:76:30:
                    cf:53:1a:e4:d5:54:1c:63:e3:5e:89:f3:2c:fa:17:
                    15:77:2c:2c:f8:e6:4d:69:78:5d:ff:27:2a:bc:a3:
                    ee:b6:91:25:b8:78:6d:18:48:aa:ef:29:26:e1:44:
                    34:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:4B:1A:09:BE:54:2E:62:4D:8A:4C:8C:AD:6E:BF:69:1E:95:57:2B
            X509v3 Authority Key Identifier:
                keyid:6B:1F:F3:ED:81:D1:ED:A0:B8:DD:8C:5D:A4:4E:40:F9:CB:2C:D2:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/ax_z7YHR7aC43YxdpE5A-css0q8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ax_z7YHR7aC43YxdpE5A-css0q8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175C96/71A72E2C710511F188C0061E65A30FBC/CC84D0BA710511F1A8E0DB7B65A30FBC.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:cb:77:95:89:d0:22:1c:85:42:e9:a7:3a:67:d7:5e:e8:cd:
         6d:cd:52:72:c8:2f:2e:3a:0a:66:45:c0:27:47:79:58:e3:f8:
         d6:78:bb:90:05:01:d1:f7:c5:c0:52:9c:26:95:c2:6d:2d:bb:
         16:88:99:fe:57:88:e9:ca:f2:95:a7:f4:79:50:a6:ea:2f:b7:
         59:39:4e:f5:95:62:05:e0:05:ec:c3:38:42:72:f5:f0:5c:4a:
         26:b4:0a:e2:22:ed:7b:56:78:d0:ea:0f:3f:d7:f9:f3:c0:af:
         4b:09:28:bc:f4:5b:3d:78:42:40:86:e1:65:b7:12:c6:18:26:
         bb:e2:7e:c5:59:79:32:d0:6a:4e:cc:7c:9b:6b:39:f3:bc:d5:
         3b:2d:c5:c6:ea:28:bf:81:9a:aa:6d:fd:94:ea:b1:42:0d:31:
         e3:fd:d3:df:3d:a5:7f:9a:28:fe:8b:3b:d3:cd:34:59:7c:fb:
         17:c5:18:8b:39:9e:c6:1a:d9:5e:bb:c1:50:a2:19:f0:e4:a1:
         9a:be:44:4e:93:4f:00:4f:49:cb:56:77:4d:09:8b:5b:f1:cb:
         e3:71:bd:15:1e:17:17:dc:e4:1f:88:43:0c:e5:2d:0c:68:f7:
         9e:8c:e8:8f:f6:0d:d4:e7:3a:fa:7d:82:0f:cf:23:ac:c4:b9:
         f2:92:32:a4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NUM5NjExMC8GA1UEBRMoNkIxRkYzRUQ4MUQxRURBMEI4REQ4QzVEQTQ0RTQwRjlD
QjJDRDJBRjAeFw0yNjA2MjYwMjIxNTVaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhM2RlMjQyLWJiZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSVgIX3BBDQnTigcCMsdZw+7QLypRWzWH7BFpSncPWWPjwMAWiDERTHewkbmk4
XEiXB5UhYNGKDPhgeewcT1yfHEftpqn5b4oRY5WzjmdzGIs9SUGi06pw9Np4S1Sh
1PWnXBNRmmEXCLRjbqTQnfCtQXZbwraAO6C7cQhBAr/wkY4ih4Fcw0pqWMu7vrX9
uUzjJIhngyA9xF17/9uIjMaUaInNhWwB2vyEISOETIu229KUR/gaiPULod2vJRdc
9EHxLeHKdcgHG7ifmMjkf+R2MM9TGuTVVBxj416J8yz6FxV3LCz45k1peF3/Jyq8
o+62kSW4eG0YSKrvKSbhRDT3AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUJksaCb5U
LmJNikyMrW6/aR6VVyswHwYDVR0jBBgwFoAUax/z7YHR7aC43YxdpE5A+css0q8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1Qzk2LzcxQTcyRTJDNzEw
NTExRjE4OEMwMDYxRTY1QTMwRkJDL2F4X3o3WUhSN2FDNDNZeGRwRTVBLWNzczBx
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYXhfejdZSFI3YUM0M1l4ZHBFNUEtY3NzMHE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NUM5Ni83MUE3MkUyQzcxMDUxMUYxODhDMDA2MUU2NUEzMEZCQy9DQzg0RDBCQTcx
MDUxMUYxQThFMERCN0I2NUEzMEZCQy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBABng98wDQYJKoZIhvcNAQELBQADggEBAIPLd5WJ0CIchULppzpn117o
zW3NUnLILy46CmZFwCdHeVjj+NZ4u5AFAdH3xcBSnCaVwm0tuxaImf5XiOnK8pWn
9HlQpuovt1k5TvWVYgXgBezDOEJy9fBcSia0CuIi7XtWeNDqDz/X+fPAr0sJKLz0
Wz14QkCG4WW3EsYYJrvifsVZeTLQak7MfJtrOfO81TstxcbqKL+Bmqpt/ZTqsUIN
MeP90989pX+aKP6LO9PNNFl8+xfFGIs5nsYa2V67wVCiGfDkoZq+RE6TTwBPSctW
d00Ji1vxy+NxvRUeFxfc5B+IQwzlLQxo956M6I/2DdTnOvp9gg/PI6zEufKSMqQ=
-----END CERTIFICATE-----
Generated at Sun Jul 5 13:38:53 2026 by rpki-client