Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa
File:                     0802DFC67B1C11E8BC732C17C4F9AE02.roa (raw, json)
Hash identifier:          W6FOTcn74gf4+0BoMZOpH6DC5rviJxuaWu2OotOF9rk=
Subject key identifier:   62:6F:37:AE:80:0A:F7:10:BC:87:3E:E1:9C:64:95:19:0E:C3:BE:0C
Certificate issuer:       /CN=A918D5CF/serialNumber=370393BC6460E52D0F5E021D552F5817433EB2E7
Certificate serial:       14ED
Authority key identifier: 37:03:93:BC:64:60:E5:2D:0F:5E:02:1D:55:2F:58:17:43:3E:B2:E7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa
Signing time:             Wed 24 Jun 2026 17:20:00 +0000
ROA not before:           Wed 24 Jun 2026 17:20:00 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     9890
IP address blocks:        103.115.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.crl
                          rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 16:51:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5357 (0x14ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918D5CF, serialNumber=370393BC6460E52D0F5E021D552F5817433EB2E7
        Validity
            Not Before: Jun 24 17:20:00 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3c11c0-8d35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:be:ed:60:63:b4:b6:ee:95:3d:f4:72:3a:3c:
                    38:22:55:f1:d3:8c:39:8a:d9:00:d2:1f:c8:bf:f5:
                    6b:68:f5:a7:34:cf:d4:23:26:71:f5:59:86:f1:ce:
                    98:37:10:0e:95:aa:38:61:6a:ea:fc:80:37:b1:f6:
                    dc:a1:02:97:11:c5:0c:66:17:6d:a7:1f:3a:1e:b8:
                    36:22:d7:0b:4a:ab:69:99:2c:14:e6:a9:15:24:d9:
                    2f:55:50:7f:f5:27:53:f5:99:4e:1c:9d:97:1c:a2:
                    7a:89:c5:0d:f7:1d:7e:5d:86:e6:5a:aa:81:f5:03:
                    f0:11:b8:d5:e6:03:39:a5:b6:1a:3f:cf:f8:c0:88:
                    ff:d5:a8:e8:ff:ae:f1:47:e1:12:09:50:7b:13:8a:
                    c9:85:07:57:5a:93:0d:42:95:4a:20:fb:30:a5:44:
                    59:3b:32:70:9c:05:be:03:e8:b3:ff:50:e8:c6:5b:
                    ea:3e:2a:38:0f:23:13:1b:82:b1:61:e2:87:e6:0d:
                    c3:5b:ec:db:04:5e:fd:02:3b:74:87:66:27:69:94:
                    5a:19:0b:18:62:8f:1c:71:3b:a2:08:96:02:34:f5:
                    1f:06:3e:9d:29:4d:bd:be:4d:22:49:32:2f:00:48:
                    b6:c8:87:b8:e7:46:20:3b:0c:c6:c9:2a:f3:c0:c4:
                    28:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:6F:37:AE:80:0A:F7:10:BC:87:3E:E1:9C:64:95:19:0E:C3:BE:0C
            X509v3 Authority Key Identifier:
                keyid:37:03:93:BC:64:60:E5:2D:0F:5E:02:1D:55:2F:58:17:43:3E:B2:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/NwOTvGRg5S0PXgIdVS9YF0M-suc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NwOTvGRg5S0PXgIdVS9YF0M-suc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D5CF/98D0B4F87B1A11E88F3D0C14C4F9AE02/0802DFC67B1C11E8BC732C17C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:d9:b5:38:6c:05:0e:48:66:14:3c:f0:80:31:28:d5:97:8b:
         28:1d:38:be:24:74:a6:7d:02:d2:ba:f0:b9:56:ad:5a:e0:a4:
         32:09:7d:15:47:5c:4e:33:1a:ec:9b:e2:ac:53:09:06:06:6b:
         eb:d3:09:70:a8:71:1e:5b:28:88:96:6d:04:d8:ac:b3:b8:b5:
         6f:18:a6:d1:96:56:25:c7:69:5d:61:c1:50:8d:0f:00:3f:14:
         92:65:60:16:a4:0d:96:bc:d3:04:c5:ee:73:e4:ef:47:ee:dd:
         f4:b3:13:59:29:de:dc:4c:c0:0d:09:f2:3a:ec:cb:0c:e1:6b:
         05:12:88:35:f6:22:46:42:d9:68:f9:46:c3:c6:e0:77:27:fc:
         73:51:72:f5:3e:6f:93:93:58:15:b2:4d:cc:04:ab:2c:62:46:
         63:f2:47:4f:e1:24:f4:fa:0d:86:dc:66:2d:11:a9:36:da:70:
         2d:1e:fb:29:a9:3d:35:13:34:d6:07:65:83:3a:0b:4b:d7:c2:
         41:3d:f8:5b:78:d1:b6:98:aa:6f:ae:86:8e:00:a7:3f:59:f0:
         3e:ad:01:c6:9d:ef:a7:74:01:6c:f2:78:e0:44:5b:e0:8e:2f:
         81:63:e7:65:65:c2:9f:81:fa:fa:25:fc:45:30:3a:65:b1:e9:
         dc:37:4a:37
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICFO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ1Q0YxMTAvBgNVBAUTKDM3MDM5M0JDNjQ2MEU1MkQwRjVFMDIxRDU1MkY1ODE3
NDMzRUIyRTcwHhcNMjYwNjI0MTcyMDAwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNjMTFjMC04ZDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqL7tYGO0tu6VPfRyOjw4IlXx04w5itkA0h/Iv/VraPWnNM/UIyZx9VmG8c6Y
NxAOlao4YWrq/IA3sfbcoQKXEcUMZhdtpx86Hrg2ItcLSqtpmSwU5qkVJNkvVVB/
9SdT9ZlOHJ2XHKJ6icUN9x1+XYbmWqqB9QPwEbjV5gM5pbYaP8/4wIj/1ajo/67x
R+ESCVB7E4rJhQdXWpMNQpVKIPswpURZOzJwnAW+A+iz/1DoxlvqPio4DyMTG4Kx
YeKH5g3DW+zbBF79Ajt0h2YnaZRaGQsYYo8ccTuiCJYCNPUfBj6dKU29vk0iSTIv
AEi2yIe450YgOwzGySrzwMQoswIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFGJvN66A
CvcQvIc+4ZxklRkOw74MMB8GA1UdIwQYMBaAFDcDk7xkYOUtD14CHVUvWBdDPrLn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDVDRi85OEQwQjRGODdC
MUExMUU4OEYzRDBDMTRDNEY5QUUwMi9Od09UdkdSZzVTMFBYZ0lkVlM5WUYwTS1z
dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL053T1R2R1JnNVMwUFhnSWRWUzlZRjBNLXN1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ1Q0YvOThEMEI0Rjg3QjFBMTFFODhGM0QwQzE0QzRGOUFFMDIvMDgwMkRGQzY3
QjFDMTFFOEJDNzMyQzE3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ3NiMA0GCSqGSIb3DQEBCwUAA4IBAQBZ2bU4bAUOSGYUPPCAMSjV
l4soHTi+JHSmfQLSuvC5Vq1a4KQyCX0VR1xOMxrsm+KsUwkGBmvr0wlwqHEeWyiI
lm0E2KyzuLVvGKbRllYlx2ldYcFQjQ8APxSSZWAWpA2WvNMExe5z5O9H7t30sxNZ
Kd7cTMANCfI67MsM4WsFEog19iJGQtlo+UbDxuB3J/xzUXL1Pm+Tk1gVsk3MBKss
YkZj8kdP4ST0+g2G3GYtEak22nAtHvspqT01EzTWB2WDOgtL18JBPfhbeNG2mKpv
roaOAKc/WfA+rQHGne+ndAFs8njgRFvgji+BY+dlZcKfgfr6JfxFMDplsencN0o3
-----END CERTIFICATE-----
Generated at Mon Jul 6 05:45:45 2026 by rpki-client