Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/F7ACA074DC3F11EC8323B460C4F9AE02.roa
File:                     F7ACA074DC3F11EC8323B460C4F9AE02.roa (raw, json)
Hash identifier:          Bba3ux72e27e1jQ1j28aUjisSioDvxuoxGTwro6zTXQ=
Subject key identifier:   30:82:9E:38:10:69:64:CB:80:E6:CD:19:DF:0D:99:80:74:BB:E2:84
Certificate issuer:       /CN=A918AA54/serialNumber=3E67DBF782202893F1FB5AF7D6FC09D0018FDF06
Certificate serial:       03ED
Authority key identifier: 3E:67:DB:F7:82:20:28:93:F1:FB:5A:F7:D6:FC:09:D0:01:8F:DF:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pmfb94IgKJPx-1r31vwJ0AGP3wY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/F7ACA074DC3F11EC8323B460C4F9AE02.roa
Signing time:             Wed 01 Jul 2026 02:27:41 +0000
ROA not before:           Wed 01 Jul 2026 02:27:40 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     137526
IP address blocks:        103.186.238.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/Pmfb94IgKJPx-1r31vwJ0AGP3wY.crl
                          rsync://rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/Pmfb94IgKJPx-1r31vwJ0AGP3wY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pmfb94IgKJPx-1r31vwJ0AGP3wY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 01:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1005 (0x3ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918AA54, serialNumber=3E67DBF782202893F1FB5AF7D6FC09D0018FDF06
        Validity
            Not Before: Jul  1 02:27:40 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a447b1c-c167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3c:cd:ae:4a:f6:67:93:84:22:51:17:1a:e6:
                    7b:06:72:99:66:57:53:77:09:b4:e5:31:06:da:ec:
                    ea:96:c2:2a:78:39:2b:d5:8f:b0:aa:67:2a:97:29:
                    1d:70:db:6b:9f:a0:68:0e:d0:21:50:27:47:f0:44:
                    39:03:84:5f:08:ca:65:b0:dc:21:d6:c1:3c:22:ed:
                    fa:3b:ed:41:03:eb:cc:b6:f1:03:34:55:3e:73:9e:
                    a6:c4:aa:46:b6:aa:4a:85:05:15:42:c5:c1:40:3f:
                    98:1f:7b:db:33:17:22:68:7b:18:77:da:09:e0:f1:
                    f4:d4:68:a6:b2:c2:8d:52:33:b1:22:8a:62:7e:2c:
                    bb:41:d7:d2:40:4b:7d:7b:2e:ec:5c:18:02:0a:36:
                    ec:ef:db:ac:50:d6:7f:29:cd:f7:8b:b8:6d:26:11:
                    47:59:5c:ff:0a:a5:a5:ad:52:40:ec:9a:e6:e4:c3:
                    a6:f0:59:32:1b:a9:a7:7c:5a:c6:7f:d8:d3:86:27:
                    2d:e9:71:53:ae:d8:8b:d6:20:cc:eb:7f:93:a4:fb:
                    f0:c6:87:5a:dd:04:6b:39:d2:16:f1:c2:f9:0a:d6:
                    b0:fb:d2:a4:2e:bb:43:62:fe:8a:16:08:84:0b:de:
                    d3:1a:60:b0:b0:43:85:70:ff:be:08:03:68:1d:46:
                    a2:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:82:9E:38:10:69:64:CB:80:E6:CD:19:DF:0D:99:80:74:BB:E2:84
            X509v3 Authority Key Identifier:
                keyid:3E:67:DB:F7:82:20:28:93:F1:FB:5A:F7:D6:FC:09:D0:01:8F:DF:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/Pmfb94IgKJPx-1r31vwJ0AGP3wY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Pmfb94IgKJPx-1r31vwJ0AGP3wY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA54/D88CD9D6DC3811EC93910B68C4F9AE02/F7ACA074DC3F11EC8323B460C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:ad:ff:5a:ed:75:a2:19:67:98:bd:65:83:f3:df:07:18:ee:
         6c:48:93:f7:ca:37:53:75:f9:2f:ae:7b:25:52:98:f1:9d:26:
         66:46:9a:3d:b2:50:42:e1:ea:a5:83:2c:01:2a:34:08:45:37:
         c0:a4:e4:7f:8a:30:70:ee:a5:b2:08:e1:fc:47:a8:44:77:1f:
         f5:3f:f2:25:b3:6c:de:d4:e5:29:06:c8:10:f4:ca:bb:5e:2e:
         db:30:3a:12:27:50:37:be:ff:e0:94:63:0a:d8:13:8e:53:df:
         83:53:19:86:f0:de:73:bf:65:a3:c9:af:c8:cc:d4:0c:01:95:
         7d:d0:87:00:3b:22:14:d3:40:a1:a7:af:e2:13:47:32:0b:22:
         49:90:99:d3:da:19:da:6f:c4:6a:f4:90:22:55:1d:70:6b:01:
         54:c7:90:8f:79:3d:86:44:98:54:6e:99:8a:ec:1d:45:e9:5b:
         97:ef:46:80:f8:4d:41:be:2a:f9:b0:5d:9e:43:96:e4:17:eb:
         29:ca:e0:9a:9c:f4:19:c7:c7:53:63:ab:e1:cd:8c:b4:f2:fc:
         f7:e6:59:d4:76:09:65:c0:02:f6:13:91:50:de:29:7a:69:74:
         f6:db:f9:33:b8:5b:5f:52:54:26:b6:4a:07:64:be:8d:f1:58:
         81:7c:a8:4a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICA+0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBNTQxMTAvBgNVBAUTKDNFNjdEQkY3ODIyMDI4OTNGMUZCNUFGN0Q2RkMwOUQw
MDE4RkRGMDYwHhcNMjYwNzAxMDIyNzQwWhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0N2IxYy1jMTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2TzNrkr2Z5OEIlEXGuZ7BnKZZldTdwm05TEG2uzqlsIqeDkr1Y+wqmcqlykd
cNtrn6BoDtAhUCdH8EQ5A4RfCMplsNwh1sE8Iu36O+1BA+vMtvEDNFU+c56mxKpG
tqpKhQUVQsXBQD+YH3vbMxciaHsYd9oJ4PH01GimssKNUjOxIopifiy7QdfSQEt9
ey7sXBgCCjbs79usUNZ/Kc33i7htJhFHWVz/CqWlrVJA7Jrm5MOm8FkyG6mnfFrG
f9jThict6XFTrtiL1iDM63+TpPvwxoda3QRrOdIW8cL5Ctaw+9KkLrtDYv6KFgiE
C97TGmCwsEOFcP++CANoHUai5wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDCCnjgQ
aWTLgObNGd8NmYB0u+KEMB8GA1UdIwQYMBaAFD5n2/eCICiT8fta99b8CdABj98G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE1NC9EODhDRDlENkRD
MzgxMUVDOTM5MTBCNjhDNEY5QUUwMi9QbWZiOTRJZ0tKUHgtMXIzMXZ3SjBBR1Az
d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BtZmI5NElnS0pQeC0xcjMxdndKMEFHUDN3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEFBNTQvRDg4Q0Q5RDZEQzM4MTFFQzkzOTEwQjY4QzRGOUFFMDIvRjdBQ0EwNzRE
QzNGMTFFQzgzMjNCNDYwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ7ruMA0GCSqGSIb3DQEBCwUAA4IBAQCmrf9a7XWiGWeYvWWD898H
GO5sSJP3yjdTdfkvrnslUpjxnSZmRpo9slBC4eqlgywBKjQIRTfApOR/ijBw7qWy
COH8R6hEdx/1P/Ils2ze1OUpBsgQ9Mq7Xi7bMDoSJ1A3vv/glGMK2BOOU9+DUxmG
8N5zv2Wjya/IzNQMAZV90IcAOyIU00Chp6/iE0cyCyJJkJnT2hnab8Rq9JAiVR1w
awFUx5CPeT2GRJhUbpmK7B1F6VuX70aA+E1Bvir5sF2eQ5bkF+spyuCanPQZx8dT
Y6vhzYy08vz35lnUdgllwAL2E5FQ3il6aXT22/kzuFtfUlQmtkoHZL6N8ViBfKhK
-----END CERTIFICATE-----
Generated at Sat Jul 4 08:21:16 2026 by rpki-client