Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/B6EB7E8ED14511EC89527642C4F9AE02.roa
File:                     B6EB7E8ED14511EC89527642C4F9AE02.roa (raw, json)
Hash identifier:          hAQl9H75BpKmN7Muu51VVyZ+oy7nwK9cCULcraz4/lY=
Subject key identifier:   47:B0:59:E9:94:B0:36:45:A7:AC:B1:A7:5D:B4:C5:62:C0:76:A2:F9
Certificate issuer:       /CN=A9199DF5/serialNumber=A570F370D54ED02454C57F83EEC3E4F44A7A8B76
Certificate serial:       03E8
Authority key identifier: A5:70:F3:70:D5:4E:D0:24:54:C5:7F:83:EE:C3:E4:F4:4A:7A:8B:76
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/B6EB7E8ED14511EC89527642C4F9AE02.roa
Signing time:             Wed 01 Jul 2026 02:27:13 +0000
ROA not before:           Wed 01 Jul 2026 02:27:13 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     149825
IP address blocks:        103.187.28.0/23 maxlen: 23
                          103.187.28.0/24 maxlen: 24
                          103.187.29.0/24 maxlen: 24
                          2001:df0:b740::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.crl
                          rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 00:56:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1000 (0x3e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9199DF5, serialNumber=A570F370D54ED02454C57F83EEC3E4F44A7A8B76
        Validity
            Not Before: Jul  1 02:27:13 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a447b00-4f56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:7c:69:53:0d:cf:27:db:61:24:ea:22:fb:ca:
                    1a:03:ea:4f:0d:77:e0:e3:dc:57:bd:72:ae:c6:e2:
                    ef:0f:ff:d8:58:65:c9:63:f6:1d:e3:38:5c:60:c3:
                    b3:0b:44:87:ee:8f:88:36:4e:00:cc:b9:ac:d1:b7:
                    f1:63:63:18:dd:4d:9a:87:4e:60:6a:84:32:b7:1b:
                    c2:1b:f4:4f:af:78:b8:16:ca:70:ec:02:de:28:35:
                    db:26:e3:39:ca:e2:0b:39:09:22:ee:19:ac:b1:0e:
                    35:fa:04:d9:8a:4d:83:7b:1b:6b:96:63:cb:69:0f:
                    2d:9a:ff:c1:12:94:22:e8:ff:73:39:bb:4e:af:f8:
                    55:81:bd:1b:3f:05:18:a8:ed:d6:86:4b:73:60:85:
                    ae:26:c4:7b:ff:42:79:4e:92:0e:7c:61:ac:78:47:
                    58:0c:38:3b:d2:0c:aa:c9:71:9b:41:32:21:f4:53:
                    37:e1:ed:45:a4:c8:60:f7:9e:d7:b7:ab:16:87:e1:
                    1b:da:d0:5d:b7:8d:b0:c8:fa:e7:06:5a:b5:8d:02:
                    b3:20:2c:d2:3e:c2:dd:b1:f0:f1:8b:45:ce:16:7c:
                    86:37:9e:21:8c:b3:41:d3:d4:90:47:01:ff:ea:57:
                    c0:88:e1:d3:6d:74:e3:8e:1d:7c:a6:e2:d8:6c:4a:
                    fb:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B0:59:E9:94:B0:36:45:A7:AC:B1:A7:5D:B4:C5:62:C0:76:A2:F9
            X509v3 Authority Key Identifier:
                keyid:A5:70:F3:70:D5:4E:D0:24:54:C5:7F:83:EE:C3:E4:F4:4A:7A:8B:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pXDzcNVO0CRUxX-D7sPk9Ep6i3Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199DF5/C240B794D14111ECA553843AC4F9AE02/B6EB7E8ED14511EC89527642C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.187.28.0/23
                IPv6:
                  2001:df0:b740::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:04:d7:cc:04:9a:bf:9d:69:b0:f9:2d:4e:ae:a0:7e:f0:eb:
         43:98:2e:46:59:45:78:87:11:cd:23:e2:99:11:16:b0:25:4e:
         3a:36:fd:3c:f8:e1:1c:fc:1d:f0:28:1d:24:e0:9c:9e:bf:48:
         97:eb:84:25:78:91:3e:a8:1a:39:95:86:aa:f9:ba:09:96:66:
         04:73:70:1f:42:ef:ff:07:c0:60:bf:3c:62:fb:6f:9c:ad:de:
         03:c5:39:18:56:c0:0a:1b:ff:dd:fe:e4:57:27:10:19:3e:5c:
         3c:c0:a0:6b:f3:0b:50:b8:f3:35:6d:57:55:7b:3d:7d:1e:16:
         2a:ee:82:94:19:a1:a5:7f:5a:72:1b:07:00:60:8e:c2:b4:1a:
         20:12:9d:0c:01:d9:2f:90:ae:ea:9c:59:b8:f2:7a:96:7e:9b:
         3d:25:5d:ca:27:cb:67:c1:bb:21:68:a1:f9:07:ed:fc:a2:c4:
         4e:02:b1:5a:10:b2:23:8d:2c:9d:2f:c2:ca:b8:a9:41:5f:0e:
         c4:00:8c:50:8c:e3:51:a8:12:bb:bd:5b:45:63:cc:93:8b:ef:
         cb:2a:7e:f8:8e:8b:96:1a:7d:bd:57:1a:f7:c9:c9:07:5e:9f:
         d3:ee:2c:ee:b6:1b:81:32:1c:85:91:9a:29:67:b6:34:ba:12:
         a9:49:09:4e
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTlERjUxMTAvBgNVBAUTKEE1NzBGMzcwRDU0RUQwMjQ1NEM1N0Y4M0VFQzNFNEY0
NEE3QThCNzYwHhcNMjYwNzAxMDIyNzEzWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0N2IwMC00ZjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl3xpUw3PJ9thJOoi+8oaA+pPDXfg49xXvXKuxuLvD//YWGXJY/Yd4zhcYMOz
C0SH7o+INk4AzLms0bfxY2MY3U2ah05gaoQytxvCG/RPr3i4Fspw7ALeKDXbJuM5
yuILOQki7hmssQ41+gTZik2DextrlmPLaQ8tmv/BEpQi6P9zObtOr/hVgb0bPwUY
qO3WhktzYIWuJsR7/0J5TpIOfGGseEdYDDg70gyqyXGbQTIh9FM34e1FpMhg957X
t6sWh+Eb2tBdt42wyPrnBlq1jQKzICzSPsLdsfDxi0XOFnyGN54hjLNB09SQRwH/
6lfAiOHTbXTjjh18puLYbEr73QIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFEewWemU
sDZFp6yxp120xWLAdqL5MB8GA1UdIwQYMBaAFKVw83DVTtAkVMV/g+7D5PRKeot2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OURGNS9DMjQwQjc5NEQx
NDExMUVDQTU1Mzg0M0FDNEY5QUUwMi9wWER6Y05WTzBDUlV4WC1EN3NQazlFcDZp
M1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BYRHpjTlZPMENSVXhYLUQ3c1BrOUVwNmkzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTlERjUvQzI0MEI3OTREMTQxMTFFQ0E1NTM4NDNBQzRGOUFFMDIvQjZFQjdFOEVE
MTQ1MTFFQzg5NTI3NjQyQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQBZ7scMA8EAgACMAkDBwAgAQ3wt0AwDQYJKoZIhvcNAQELBQADggEB
ALAE18wEmr+dabD5LU6uoH7w60OYLkZZRXiHEc0j4pkRFrAlTjo2/Tz44Rz8HfAo
HSTgnJ6/SJfrhCV4kT6oGjmVhqr5ugmWZgRzcB9C7/8HwGC/PGL7b5yt3gPFORhW
wAob/93+5FcnEBk+XDzAoGvzC1C48zVtV1V7PX0eFirugpQZoaV/WnIbBwBgjsK0
GiASnQwB2S+QruqcWbjyepZ+mz0lXcony2fBuyFoofkH7fyixE4CsVoQsiONLJ0v
wsq4qUFfDsQAjFCM41GoEru9W0VjzJOL78sqfviOi5Yafb1XGvfJyQden9PuLO62
G4EyHIWRmilntjS6EqlJCU4=
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:23:32 2026 by rpki-client