Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E1A2ACA6AA4F11F080DBAA6AC4F9AE02.roa
File:                     E1A2ACA6AA4F11F080DBAA6AC4F9AE02.roa (raw, json)
Hash identifier:          zgIrdNlrxrbgfg6FcIUgpdngIIj3ka92iwCAfgcdocs=
Subject key identifier:   57:C3:89:F8:C9:7A:46:8D:10:5F:6B:12:F4:60:67:5D:BA:E6:00:A2
Certificate issuer:       /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial:       F6A7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E1A2ACA6AA4F11F080DBAA6AC4F9AE02.roa
Signing time:             Mon 06 Jul 2026 17:43:48 +0000
ROA not before:           Mon 06 Jul 2026 17:43:48 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     153366
IP address blocks:        103.124.208.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
                          rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 13:11:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63143 (0xf6a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
        Validity
            Not Before: Jul  6 17:43:48 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6a4be954-c022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:71:26:cc:4c:a5:10:eb:13:0a:58:40:82:63:
                    83:d0:49:da:dc:7e:8d:80:65:ff:7b:29:89:74:5d:
                    ef:10:a0:06:ba:ce:1f:1b:f0:b9:61:43:b0:fd:6a:
                    73:49:ba:76:de:89:6f:19:bb:63:3e:30:03:ef:4a:
                    12:5c:2e:fe:1d:df:fb:40:bd:c1:5e:3f:a0:b7:fd:
                    04:12:f3:cd:36:0d:c1:3c:6d:bd:44:73:59:a4:99:
                    23:1d:19:c7:86:1f:d0:40:88:75:84:36:1a:67:65:
                    01:6c:db:5e:31:af:71:e2:28:5a:ec:2b:ea:b2:55:
                    18:5e:31:50:e7:42:3a:c8:15:59:7d:9d:6d:69:72:
                    d3:02:16:89:69:9f:62:ce:fc:41:04:59:61:a0:a1:
                    f0:b5:2a:25:c3:c2:a2:a0:84:b6:96:3c:e4:8b:76:
                    24:aa:3a:45:96:ee:c6:f1:e8:98:0f:6d:24:d4:eb:
                    1e:0c:0b:0a:67:24:2f:4c:c7:62:71:c8:08:e3:c5:
                    42:89:c9:a2:5d:96:a7:82:35:e4:69:8e:4e:aa:0c:
                    0d:22:13:eb:fa:84:1b:c5:c5:46:88:85:1b:ce:e9:
                    6d:d2:0e:7f:6d:d8:01:e2:76:2f:7b:32:6e:33:5f:
                    ea:92:35:f4:8b:db:29:8a:89:b4:03:15:2a:ad:47:
                    ca:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:C3:89:F8:C9:7A:46:8D:10:5F:6B:12:F4:60:67:5D:BA:E6:00:A2
            X509v3 Authority Key Identifier:
                keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E1A2ACA6AA4F11F080DBAA6AC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.124.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:1f:c5:d1:d9:20:6f:05:bf:29:41:a0:41:e9:ae:ca:a8:3d:
         ab:a6:04:b0:15:de:cc:cf:70:91:38:38:f7:99:61:0f:8f:50:
         94:ea:3b:cc:d1:9a:7f:9b:68:49:9d:7f:f5:d7:57:3b:6f:22:
         dc:53:1c:ac:6b:81:ce:68:02:da:b6:40:58:bd:d0:8e:ed:9b:
         28:8c:2d:c3:87:d9:e9:aa:2e:dd:25:d5:d3:5b:73:67:49:7e:
         d4:47:9b:f9:87:1a:eb:dc:a1:d3:8e:30:72:dd:78:9c:e0:36:
         2b:ab:5e:47:78:03:35:6b:c1:b7:53:67:90:8b:20:4e:46:19:
         21:15:a8:39:45:bc:a4:f9:e5:b8:dd:10:37:f0:91:d6:36:36:
         f0:71:c0:f5:9a:f4:3d:ad:43:70:55:a4:27:87:99:9d:43:4c:
         19:46:e1:48:c9:23:6d:62:16:17:b5:31:ab:a7:1f:25:03:28:
         ec:1d:31:17:6d:90:d4:07:89:c4:83:0a:73:66:e6:e7:5c:d1:
         c2:35:06:25:be:43:2f:25:26:1e:21:7d:e4:13:7d:21:98:b9:
         f6:0b:c4:ef:3a:61:96:f7:fc:18:5e:35:04:77:3f:d9:43:06:
         ab:29:9f:4f:1b:c5:3c:64:87:55:72:2c:8f:ce:08:48:ff:10:
         e0:22:f6:ef
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIDAPanMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI2MDcwNjE3NDM0OFoXDTI3MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNmE0YmU5NTQtYzAyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1xJsxMpRDrEwpYQIJjg9BJ2tx+jYBl/3spiXRd7xCgBrrOHxvwuWFDsP1q
c0m6dt6Jbxm7Yz4wA+9KElwu/h3f+0C9wV4/oLf9BBLzzTYNwTxtvURzWaSZIx0Z
x4Yf0ECIdYQ2GmdlAWzbXjGvceIoWuwr6rJVGF4xUOdCOsgVWX2dbWly0wIWiWmf
Ys78QQRZYaCh8LUqJcPCoqCEtpY85It2JKo6RZbuxvHomA9tJNTrHgwLCmckL0zH
YnHICOPFQonJol2Wp4I15GmOTqoMDSIT6/qEG8XFRoiFG87pbdIOf23YAeJ2L3sy
bjNf6pI19IvbKYqJtAMVKq1Hyk8CAwEAAaOCAmAwggJcMB0GA1UdDgQWBBRXw4n4
yXpGjRBfaxL0YGdduuYAojAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UxQTJBQ0E2
QUE0RjExRjA4MERCQUE2QUM0RjlBRTAyLnJvYTAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWd80DANBgkqhkiG9w0BAQsFAAOCAQEAlB/F0dkgbwW/KUGgQemu
yqg9q6YEsBXezM9wkTg495lhD49QlOo7zNGaf5toSZ1/9ddXO28i3FMcrGuBzmgC
2rZAWL3Qju2bKIwtw4fZ6aou3SXV01tzZ0l+1Eeb+Yca69yh044wct14nOA2K6te
R3gDNWvBt1NnkIsgTkYZIRWoOUW8pPnluN0QN/CR1jY28HHA9Zr0Pa1DcFWkJ4eZ
nUNMGUbhSMkjbWIWF7Uxq6cfJQMo7B0xF22Q1AeJxIMKc2bm51zRwjUGJb5DLyUm
HiF95BN9IZi59gvE7zphlvf8GF41BHc/2UMGqymfTxvFPGSHVXIsj84ISP8Q4CL2
7w==
-----END CERTIFICATE-----
Generated at Sat Jul 18 10:25:24 2026 by rpki-client