Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/D3378C20171D11EAAA15E818C4F9AE02.roa
File:                     D3378C20171D11EAAA15E818C4F9AE02.roa (raw, json)
Hash identifier:          n90NtlT7kb5t8NQK3m5rsjAoH/51oSJGtO4mwVaK5zY=
Subject key identifier:   6C:E4:AF:4A:ED:F4:00:B2:47:B7:76:0A:A5:F3:D7:7F:2E:3D:45:E5
Certificate issuer:       /CN=A91816BD/serialNumber=C24C51BDB02B7136C0F25AF195B37037997B17E8
Certificate serial:       1064
Authority key identifier: C2:4C:51:BD:B0:2B:71:36:C0:F2:5A:F1:95:B3:70:37:99:7B:17:E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wkxRvbArcTbA8lrxlbNwN5l7F-g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/D3378C20171D11EAAA15E818C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 18:21:24 +0000
ROA not before:           Tue 30 Jun 2026 18:21:24 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     135300
IP address blocks:        103.116.12.0/24 maxlen: 24
                          103.133.242.0/23 maxlen: 23
                          103.133.242.0/24 maxlen: 24
                          103.133.243.0/24 maxlen: 24
                          103.213.30.0/24 maxlen: 24
                          117.55.248.0/22 maxlen: 22
                          117.55.248.0/23 maxlen: 23
                          117.55.248.0/24 maxlen: 24
                          117.55.249.0/24 maxlen: 24
                          117.55.250.0/23 maxlen: 23
                          117.55.250.0/24 maxlen: 24
                          117.55.251.0/24 maxlen: 24
                          117.55.252.0/23 maxlen: 23
                          117.55.252.0/24 maxlen: 24
                          117.55.253.0/24 maxlen: 24
                          2001:df1:7e00::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/wkxRvbArcTbA8lrxlbNwN5l7F-g.crl
                          rsync://rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/wkxRvbArcTbA8lrxlbNwN5l7F-g.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wkxRvbArcTbA8lrxlbNwN5l7F-g.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 17 Jul 2026 17:35:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4196 (0x1064)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91816BD, serialNumber=C24C51BDB02B7136C0F25AF195B37037997B17E8
        Validity
            Not Before: Jun 30 18:21:24 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a440924-27b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:50:e5:15:e4:62:5d:61:da:12:6f:6a:ed:de:
                    7f:11:2d:f3:6f:b4:ae:6a:bf:cb:19:59:a5:8b:4e:
                    e9:e7:5a:72:ab:95:dd:1d:1e:bc:7a:22:bc:91:e9:
                    ec:fa:35:f9:21:61:19:2b:a8:24:32:d8:f2:b0:94:
                    e1:77:1c:d0:78:54:ef:b0:65:a5:40:67:92:4c:52:
                    2a:45:87:3d:e2:44:ba:c6:8a:1c:95:a0:34:d0:9d:
                    ca:57:86:10:ca:be:7c:2c:c0:ca:7a:51:4b:16:45:
                    62:a6:a7:d8:00:0e:17:e5:e2:13:6c:13:b6:13:89:
                    49:1b:ad:1d:ee:5d:a0:aa:16:26:b8:13:73:75:c5:
                    7c:15:38:f9:7c:71:93:82:6a:f9:7f:d6:43:e3:2c:
                    75:72:5a:6d:07:a3:e6:f2:76:07:51:a6:3d:fa:28:
                    54:8a:fb:cd:83:e2:b6:39:82:10:6b:81:7c:9f:63:
                    e2:a4:d3:12:d6:44:9c:2d:17:5f:80:58:0d:d8:09:
                    98:7e:cf:35:a4:b3:91:dc:9e:14:5c:36:0e:7f:62:
                    10:92:cd:a8:68:c0:81:60:71:32:4f:c1:5a:34:a1:
                    9d:48:79:0d:c7:9a:5d:d8:99:ab:b1:c1:8a:35:a1:
                    7f:9d:31:1d:7f:7c:79:d4:d5:55:55:11:cc:05:eb:
                    a0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:E4:AF:4A:ED:F4:00:B2:47:B7:76:0A:A5:F3:D7:7F:2E:3D:45:E5
            X509v3 Authority Key Identifier:
                keyid:C2:4C:51:BD:B0:2B:71:36:C0:F2:5A:F1:95:B3:70:37:99:7B:17:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/wkxRvbArcTbA8lrxlbNwN5l7F-g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wkxRvbArcTbA8lrxlbNwN5l7F-g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91816BD/98A5DF9C658111E9AA83335DC4F9AE02/D3378C20171D11EAAA15E818C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.12.0/24
                  103.133.242.0/23
                  103.213.30.0/24
                  117.55.248.0-117.55.253.255
                IPv6:
                  2001:df1:7e00::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:45:f9:ff:e5:26:d9:81:14:3b:51:16:bd:94:76:27:20:f3:
         fa:d6:43:19:14:d4:e8:f8:d9:79:8e:ab:62:30:79:9d:18:fe:
         eb:b8:be:94:3d:e4:03:4e:85:c0:ab:d2:79:2f:9c:e4:02:d1:
         84:45:93:c1:3d:8a:ea:9c:ea:88:3c:21:f3:47:4e:46:e0:d0:
         9c:28:19:b3:f6:63:22:7c:99:02:c3:e7:bd:43:f2:80:0a:62:
         06:ea:ed:d3:04:73:16:d3:33:e4:0a:87:de:67:b1:2e:60:ae:
         22:00:de:92:37:24:8d:1c:1c:a3:ba:78:20:43:d7:40:b9:90:
         c3:78:53:7d:7a:f1:93:c1:9f:5d:06:a8:83:7f:b6:b9:da:28:
         dd:95:86:ff:9b:89:fb:57:8e:67:ee:8a:c1:1d:42:50:6a:1a:
         51:9b:4c:a0:06:2a:5f:de:a9:6b:27:43:f9:5f:d3:32:e0:d6:
         1b:70:23:c5:b5:65:91:e4:68:3d:fc:22:27:5c:10:c8:56:57:
         f2:67:60:16:eb:f4:12:95:18:26:8e:6b:10:96:ae:fe:b5:03:
         96:56:14:68:72:53:e5:c7:1b:dc:9c:9d:88:d3:ca:43:72:ca:
         f2:1d:84:c8:dd:ba:ab:cc:94:0d:67:57:dc:85:7e:18:e7:75:
         ad:d6:b8:83
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgICEGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODE2QkQxMTAvBgNVBAUTKEMyNEM1MUJEQjAyQjcxMzZDMEYyNUFGMTk1QjM3MDM3
OTk3QjE3RTgwHhcNMjYwNjMwMTgyMTI0WhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MDkyNC0yN2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtFDlFeRiXWHaEm9q7d5/ES3zb7Suar/LGVmli07p51pyq5XdHR68eiK8kens
+jX5IWEZK6gkMtjysJThdxzQeFTvsGWlQGeSTFIqRYc94kS6xooclaA00J3KV4YQ
yr58LMDKelFLFkVipqfYAA4X5eITbBO2E4lJG60d7l2gqhYmuBNzdcV8FTj5fHGT
gmr5f9ZD4yx1clptB6Pm8nYHUaY9+ihUivvNg+K2OYIQa4F8n2PipNMS1kScLRdf
gFgN2AmYfs81pLOR3J4UXDYOf2IQks2oaMCBYHEyT8FaNKGdSHkNx5pd2JmrscGK
NaF/nTEdf3x51NVVVRHMBeugVQIDAQABo4ICizCCAocwHQYDVR0OBBYEFGzkr0rt
9ACyR7d2CqXz138uPUXlMB8GA1UdIwQYMBaAFMJMUb2wK3E2wPJa8ZWzcDeZexfo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTZCRC85OEE1REY5QzY1
ODExMUU5QUE4MzMzNURDNEY5QUUwMi93a3hSdmJBcmNUYkE4bHJ4bGJOd041bDdG
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dreFJ2YkFyY1RiQThscnhsYk53TjVsN0YtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODE2QkQvOThBNURGOUM2NTgxMTFFOUFBODMzMzVEQzRGOUFFMDIvRDMzNzhDMjAx
NzFEMTFFQUFBMTVFODE4QzRGOUFFMDIucm9hMEoGCCsGAQUFBwEHAQH/BDswOTAm
BAIAATAgAwQAZ3QMAwQBZ4XyAwQAZ9UeMAwDBAN1N/gDBAF1N/wwDwQCAAIwCQMH
ACABDfF+ADANBgkqhkiG9w0BAQsFAAOCAQEAL0X5/+Um2YEUO1EWvZR2JyDz+tZD
GRTU6PjZeY6rYjB5nRj+67i+lD3kA06FwKvSeS+c5ALRhEWTwT2K6pzqiDwh80dO
RuDQnCgZs/ZjInyZAsPnvUPygApiBurt0wRzFtMz5AqH3mexLmCuIgDekjckjRwc
o7p4IEPXQLmQw3hTfXrxk8GfXQaog3+2udoo3ZWG/5uJ+1eOZ+6KwR1CUGoaUZtM
oAYqX96paydD+V/TMuDWG3AjxbVlkeRoPfwiJ1wQyFZX8mdgFuv0EpUYJo5rEJau
/rUDllYUaHJT5ccb3JydiNPKQ3LK8h2EyN26q8yUDWdX3IV+GOd1rda4gw==
-----END CERTIFICATE-----
Generated at Sat Jul 11 02:17:41 2026 by rpki-client