Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/05F05106586011EE9399A92EC4F9AE02.roa
File:                     05F05106586011EE9399A92EC4F9AE02.roa (raw, json)
Hash identifier:          NRdz74W1noDs/Jst6l7nB8fE2ZHETWFi07LKykhjq1A=
Subject key identifier:   92:25:43:FF:7F:80:20:1B:A8:0C:A3:47:A7:8E:DE:71:C7:CB:76:63
Certificate issuer:       /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
Certificate serial:       07C9
Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/05F05106586011EE9399A92EC4F9AE02.roa
Signing time:             Mon 06 Jul 2026 22:23:23 +0000
ROA not before:           Mon 06 Jul 2026 22:23:23 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     55933
IP address blocks:        43.254.216.0/22 maxlen: 24
                          103.238.224.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl
                          rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 21:59:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1993 (0x7c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918BB4D, serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
        Validity
            Not Before: Jul  6 22:23:23 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4c2adb-3ec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:07:9c:c2:fa:f6:5d:e5:f6:10:a1:47:9f:93:
                    2c:73:fc:56:4e:35:27:e1:10:aa:48:fc:a7:57:7c:
                    21:2b:94:92:08:87:7f:37:fc:56:73:6a:b1:12:5b:
                    e2:b9:fa:d9:62:9f:fe:c5:71:44:17:cb:bd:1d:f5:
                    8a:7f:0f:86:e6:23:52:8a:40:24:b5:ae:6d:5e:61:
                    64:7e:86:7d:94:32:cc:4a:1c:97:d4:c6:72:13:f0:
                    bf:23:42:b0:11:7e:84:c9:4b:b2:97:cf:e8:0d:02:
                    32:6c:b4:e8:66:c3:c3:ce:fd:b0:8c:28:9e:27:27:
                    b5:e9:fc:a5:00:b9:d2:a9:b8:27:46:da:72:28:8a:
                    37:09:6d:d9:d6:69:fd:8f:f8:e9:f5:54:07:6a:44:
                    62:d5:34:5e:47:b7:9c:bf:43:e4:0c:11:81:e7:f8:
                    47:76:af:4d:2a:b5:27:b0:f9:70:91:53:85:c9:d7:
                    ba:c3:94:b2:49:a4:47:fc:36:7b:29:4d:07:b9:49:
                    95:8f:0e:b4:dd:0e:4e:45:6e:ec:86:1c:28:0f:3f:
                    cc:c3:9b:38:77:76:11:ce:24:41:83:28:19:7d:84:
                    c5:0b:09:ef:61:c3:f2:c2:b6:5a:e9:74:fc:8f:e7:
                    e1:8d:b7:f6:50:49:f7:17:46:6b:67:21:17:8d:b7:
                    ec:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:25:43:FF:7F:80:20:1B:A8:0C:A3:47:A7:8E:DE:71:C7:CB:76:63
            X509v3 Authority Key Identifier:
                keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/05F05106586011EE9399A92EC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.254.216.0/22
                  103.238.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:4e:7b:d0:4b:9f:45:0f:f1:f5:d0:12:1c:84:6c:1f:e3:c2:
         ce:42:d1:66:24:50:1a:d8:b4:99:0c:40:09:30:d4:fd:d7:da:
         f9:d6:ba:3d:61:09:ad:23:1c:21:59:cb:e6:60:a9:43:ea:35:
         f3:a5:bd:84:f6:f7:61:09:59:35:ba:50:19:46:7d:f6:d0:02:
         da:67:a4:1e:62:a1:1f:34:ae:97:fb:ae:31:15:71:c1:09:5d:
         c5:24:91:30:60:f4:58:f8:a3:3c:6b:66:eb:18:42:26:96:c7:
         cd:ed:8f:80:6e:cb:8c:d8:60:ad:f5:d9:28:d9:82:ec:3a:27:
         fb:10:fe:88:31:ab:2f:f6:0f:df:01:c5:15:3f:46:48:bd:44:
         db:56:1e:8c:f7:4b:82:15:7c:8b:72:fc:50:ee:30:81:1c:1d:
         12:4e:27:40:bb:d3:18:0a:b8:79:cf:2b:d5:80:94:cc:37:fe:
         1d:f2:97:ca:fb:be:ee:53:3a:5f:20:98:82:82:19:63:fe:ac:
         17:80:f9:e8:1e:3b:23:3b:67:26:8c:df:6e:e4:d8:db:4e:df:
         38:2c:ff:ff:df:17:e8:b8:ed:1c:38:cd:c2:44:98:d8:d0:0c:
         e4:e5:ca:56:9a:1b:f3:2b:40:30:24:23:b9:58:73:31:2e:64:
         79:21:8d:cd
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICB8kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0
QzkxNTRGMjQwHhcNMjYwNzA2MjIyMzIzWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjMmFkYi0zZWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3gecwvr2XeX2EKFHn5Msc/xWTjUn4RCqSPynV3whK5SSCId/N/xWc2qxElvi
ufrZYp/+xXFEF8u9HfWKfw+G5iNSikAkta5tXmFkfoZ9lDLMShyX1MZyE/C/I0Kw
EX6EyUuyl8/oDQIybLToZsPDzv2wjCieJye16fylALnSqbgnRtpyKIo3CW3Z1mn9
j/jp9VQHakRi1TReR7ecv0PkDBGB5/hHdq9NKrUnsPlwkVOFyde6w5SySaRH/DZ7
KU0HuUmVjw603Q5ORW7shhwoDz/Mw5s4d3YRziRBgygZfYTFCwnvYcPywrZa6XT8
j+fhjbf2UEn3F0ZrZyEXjbfsnQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFJIlQ/9/
gCAbqAyjR6eO3nHHy3ZjMB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1
MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU
eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJCNEQvQ0E1NjNCRTg2NTIyMTFFQjgwRjZFOTRCQzRGOUFFMDIvMDVGMDUxMDY1
ODYwMTFFRTkzOTlBOTJFQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQCK/7YAwQCZ+7gMA0GCSqGSIb3DQEBCwUAA4IBAQCETnvQS59FD/H1
0BIchGwf48LOQtFmJFAa2LSZDEAJMNT919r51ro9YQmtIxwhWcvmYKlD6jXzpb2E
9vdhCVk1ulAZRn320ALaZ6QeYqEfNK6X+64xFXHBCV3FJJEwYPRY+KM8a2brGEIm
lsfN7Y+AbsuM2GCt9dko2YLsOif7EP6IMasv9g/fAcUVP0ZIvUTbVh6M90uCFXyL
cvxQ7jCBHB0STidAu9MYCrh5zyvVgJTMN/4d8pfK+77uUzpfIJiCghlj/qwXgPno
HjsjO2cmjN9u5NjbTt84LP//3xfouO0cOM3CRJjY0Azk5cpWmhvzK0AwJCO5WHMx
LmR5IY3N
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:49:42 2026 by rpki-client