Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/545743246D1911E7A4448D81C4F9AE02.roa
File:                     545743246D1911E7A4448D81C4F9AE02.roa (raw, json)
Hash identifier:          aF9bVVw6Gwu2L83wIJh2aO8mDQcLr1IwMLw9hro7LqM=
Subject key identifier:   6B:63:15:4D:19:DA:04:20:06:0D:14:A3:D8:27:30:28:9B:C4:A0:2D
Certificate issuer:       /CN=A919EAF3/serialNumber=ED3694218DCB1EAF3D1AF5C6ABC031A6DB7E6CE5
Certificate serial:       1A99
Authority key identifier: ED:36:94:21:8D:CB:1E:AF:3D:1A:F5:C6:AB:C0:31:A6:DB:7E:6C:E5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/545743246D1911E7A4448D81C4F9AE02.roa
Signing time:             Tue 14 Jul 2026 17:16:48 +0000
ROA not before:           Tue 14 Jul 2026 17:16:48 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     9234
IP address blocks:        103.11.140.0/23 maxlen: 24
                          103.29.106.0/23 maxlen: 24
                          203.78.148.0/22 maxlen: 22
                          203.78.148.0/24 maxlen: 24
                          203.78.149.0/24 maxlen: 24
                          203.78.150.0/24 maxlen: 24
                          203.78.151.0/24 maxlen: 24
                          2402:5900::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.crl
                          rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:22:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6809 (0x1a99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919EAF3, serialNumber=ED3694218DCB1EAF3D1AF5C6ABC031A6DB7E6CE5
        Validity
            Not Before: Jul 14 17:16:48 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a566eff-4558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:a8:a3:f4:94:0a:ac:14:d2:a3:fd:bb:e4:
                    f3:7b:bd:e9:fb:35:56:8a:4d:05:25:b8:47:2b:5f:
                    43:10:6e:21:40:07:2a:f6:38:c0:13:f7:4c:db:b3:
                    2c:6a:f9:91:b0:8d:f3:28:7d:9f:b2:0a:c0:50:cd:
                    03:02:66:47:27:dc:08:fe:fa:61:f5:2a:41:d8:f3:
                    3e:e6:d6:d1:9f:2e:57:a6:19:aa:34:a1:3d:f0:09:
                    91:0d:00:75:23:eb:f8:cb:34:62:d5:31:d8:97:f5:
                    64:22:60:ee:9b:63:b0:09:59:97:5d:15:f5:4d:1d:
                    ae:84:39:3f:80:e7:87:38:77:7f:69:d1:f3:69:ff:
                    5a:55:bb:55:d3:15:7b:f9:c5:93:a7:6f:69:71:2f:
                    c6:b1:da:38:77:0e:b1:27:d0:3f:80:5e:62:27:30:
                    91:61:3b:a3:b3:b5:58:ab:29:86:68:6c:0c:c9:a5:
                    f5:45:0c:fe:02:b6:07:0e:71:c8:a1:7f:ae:d9:7e:
                    e7:ae:3c:73:78:4c:11:d4:b3:b4:87:93:ea:55:83:
                    36:dd:2b:e5:5c:03:63:1b:36:69:c6:e1:7f:5f:1d:
                    e2:d8:e3:fa:33:97:a6:f4:22:a0:06:ac:64:ce:33:
                    85:b0:8f:67:ee:9f:a3:99:f3:7a:e8:2d:12:10:46:
                    e9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:63:15:4D:19:DA:04:20:06:0D:14:A3:D8:27:30:28:9B:C4:A0:2D
            X509v3 Authority Key Identifier:
                keyid:ED:36:94:21:8D:CB:1E:AF:3D:1A:F5:C6:AB:C0:31:A6:DB:7E:6C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/7TaUIY3LHq89GvXGq8Axptt-bOU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7TaUIY3LHq89GvXGq8Axptt-bOU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/9D200DBC6D1811E7A815DA80C4F9AE02/545743246D1911E7A4448D81C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.11.140.0/23
                  103.29.106.0/23
                  203.78.148.0/22
                IPv6:
                  2402:5900::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:dc:0c:4e:dc:a4:80:2c:af:2f:8d:ec:bc:6e:4f:ea:9c:0e:
         b9:98:8b:38:98:d9:93:cf:5d:57:29:5a:81:cb:38:91:1e:4a:
         be:f5:f0:10:6c:85:9d:9c:7d:88:03:a9:34:f2:79:e7:7e:17:
         68:dd:47:34:dc:5b:aa:cd:f0:24:4a:86:b9:8a:17:b5:1b:85:
         a6:40:77:a9:24:95:b3:22:17:d3:7f:d1:ca:9e:26:fd:ce:96:
         94:a4:91:d3:ff:78:fb:5f:ff:9b:89:ea:d7:1e:b3:89:22:97:
         5a:3d:22:fe:9e:0e:36:aa:48:9d:0b:a4:55:97:5f:8f:6c:85:
         f6:5d:3a:c9:3e:ef:e8:5a:2b:e6:06:f2:ec:cb:70:19:7f:ed:
         bc:a7:3c:fa:b6:f1:a0:9c:cd:c8:3b:cb:73:0d:55:30:e5:53:
         2c:a4:37:45:9f:90:5d:72:3e:3b:d0:02:6e:e3:4f:48:5f:2f:
         5e:87:4f:95:d8:26:bb:e4:d8:86:7f:2d:c0:e6:a5:c8:83:d4:
         13:82:20:cc:26:2a:2b:37:9e:a7:fb:11:01:39:b7:41:04:7e:
         17:2b:a1:7c:f2:69:c4:97:96:30:20:c7:ac:3c:8e:e6:1f:64:
         59:24:51:4c:4c:9c:1e:e1:55:46:9a:05:e4:ef:94:0f:cf:5e:
         8b:ae:d9:68
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICGpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBRjMxMTAvBgNVBAUTKEVEMzY5NDIxOERDQjFFQUYzRDFBRjVDNkFCQzAzMUE2
REI3RTZDRTUwHhcNMjYwNzE0MTcxNjQ4WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU2NmVmZi00NTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw2+oo/SUCqwU0qP9u+Tze73p+zVWik0FJbhHK19DEG4hQAcq9jjAE/dM27Ms
avmRsI3zKH2fsgrAUM0DAmZHJ9wI/vph9SpB2PM+5tbRny5XphmqNKE98AmRDQB1
I+v4yzRi1THYl/VkImDum2OwCVmXXRX1TR2uhDk/gOeHOHd/adHzaf9aVbtV0xV7
+cWTp29pcS/Gsdo4dw6xJ9A/gF5iJzCRYTujs7VYqymGaGwMyaX1RQz+ArYHDnHI
oX+u2X7nrjxzeEwR1LO0h5PqVYM23SvlXANjGzZpxuF/Xx3i2OP6M5em9CKgBqxk
zjOFsI9n7p+jmfN66C0SEEbpzQIDAQABo4ICezCCAncwHQYDVR0OBBYEFGtjFU0Z
2gQgBg0Uo9gnMCibxKAtMB8GA1UdIwQYMBaAFO02lCGNyx6vPRr1xqvAMabbfmzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85RDIwMERCQzZE
MTgxMUU3QTgxNURBODBDNEY5QUUwMi83VGFVSVkzTEhxODlHdlhHcThBeHB0dC1i
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdUYVVJWTNMSHE4OUd2WEdxOEF4cHR0LWJPVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOUQyMDBEQkM2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvNTQ1NzQzMjQ2
RDE5MTFFN0E0NDQ4RDgxQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQBZwuMAwQBZx1qAwQCy06UMA0EAgACMAcDBQAkAlkAMA0GCSqGSIb3
DQEBCwUAA4IBAQCf3AxO3KSALK8vjey8bk/qnA65mIs4mNmTz11XKVqByziRHkq+
9fAQbIWdnH2IA6k08nnnfhdo3Uc03FuqzfAkSoa5ihe1G4WmQHepJJWzIhfTf9HK
nib9zpaUpJHT/3j7X/+bierXHrOJIpdaPSL+ng42qkidC6RVl1+PbIX2XTrJPu/o
WivmBvLsy3AZf+28pzz6tvGgnM3IO8tzDVUw5VMspDdFn5Bdcj470AJu409IXy9e
h0+V2Ca75NiGfy3A5qXIg9QTgiDMJiorN56n+xEBObdBBH4XK6F88mnEl5YwIMes
PI7mH2RZJFFMTJwe4VVGmgXk75QPz16Lrtlo
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:57:13 2026 by rpki-client