Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/5261CE84068511EE9F71F964C4F9AE02.roa
File:                     5261CE84068511EE9F71F964C4F9AE02.roa (raw, json)
Hash identifier:          3A4re4g/qR0hFco4Eir5ke45w0NqiUsRtZgbYDBtDZ0=
Subject key identifier:   45:5D:38:C1:F1:2D:B7:EC:38:A5:A7:50:75:50:91:B5:AE:45:E1:3B
Certificate issuer:       /CN=A91A1D4A/serialNumber=C9E8090060F8AE6370A01B7E1EC1D6E26E4FC01A
Certificate serial:       024C
Authority key identifier: C9:E8:09:00:60:F8:AE:63:70:A0:1B:7E:1E:C1:D6:E2:6E:4F:C0:1A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yegJAGD4rmNwoBt-HsHW4m5PwBo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/5261CE84068511EE9F71F964C4F9AE02.roa
Signing time:             Tue 07 Jul 2026 03:29:34 +0000
ROA not before:           Tue 07 Jul 2026 03:29:34 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     132829
IP address blocks:        103.215.180.0/23 maxlen: 23
                          103.215.180.0/24 maxlen: 24
                          103.215.181.0/24 maxlen: 24
                          2401:8e0::/32 maxlen: 32
                          2401:8e0::/48 maxlen: 48
                          2401:8e0:1::/48 maxlen: 48
                          2401:8e0:2::/48 maxlen: 48
                          2401:8e0:3::/48 maxlen: 48
                          2401:8e0:4::/48 maxlen: 48
                          2401:8e0:5::/48 maxlen: 48
                          2401:8e0:6::/48 maxlen: 48
                          2401:8e0:7::/48 maxlen: 48
                          2401:8e0:8::/48 maxlen: 48
                          2401:8e0:9::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/yegJAGD4rmNwoBt-HsHW4m5PwBo.crl
                          rsync://rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/yegJAGD4rmNwoBt-HsHW4m5PwBo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yegJAGD4rmNwoBt-HsHW4m5PwBo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 16 Jul 2026 03:56:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 588 (0x24c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A1D4A, serialNumber=C9E8090060F8AE6370A01B7E1EC1D6E26E4FC01A
        Validity
            Not Before: Jul  7 03:29:34 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4c729e-1104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:da:70:bf:73:b2:0a:90:a7:89:52:84:ee:ea:
                    21:29:5a:39:b2:f8:1a:05:b5:5d:5d:1a:de:35:8a:
                    0a:b4:a4:e2:3e:a6:26:d8:4c:09:4c:0e:fe:a6:6c:
                    4e:6c:0f:9c:d0:dd:92:91:76:65:8b:b7:f5:f5:de:
                    cf:cd:6d:82:e5:3f:0f:76:4a:84:39:3c:1a:74:bd:
                    a8:f4:a9:5b:c8:19:f5:f9:b3:36:60:cc:d1:00:a8:
                    80:71:30:fb:77:85:3f:99:1d:5a:16:2b:55:28:f8:
                    08:fd:26:5a:12:df:81:43:54:0f:a8:15:24:28:b0:
                    83:27:17:fd:95:4b:6f:01:cf:d7:6d:77:3f:cd:1c:
                    1f:1b:10:d3:79:ac:82:c7:36:97:61:87:f4:fa:4c:
                    ff:8a:50:06:59:c8:3c:5a:11:45:54:a5:eb:7b:d6:
                    56:20:94:8e:6e:a0:6c:28:62:85:d8:be:1d:72:a3:
                    e0:10:81:ae:08:fa:c5:93:98:df:a2:8c:ae:48:1c:
                    d4:ba:14:44:f3:3a:ae:93:c2:62:fc:a0:e5:0a:82:
                    b7:62:61:57:bb:d3:5c:f8:f4:0a:77:be:7a:c3:da:
                    a5:c0:4e:ff:a5:79:14:9a:84:0e:25:d7:03:3e:a5:
                    e4:1a:1e:58:f0:09:1f:52:b5:6a:f9:27:bb:50:17:
                    12:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:5D:38:C1:F1:2D:B7:EC:38:A5:A7:50:75:50:91:B5:AE:45:E1:3B
            X509v3 Authority Key Identifier:
                keyid:C9:E8:09:00:60:F8:AE:63:70:A0:1B:7E:1E:C1:D6:E2:6E:4F:C0:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/yegJAGD4rmNwoBt-HsHW4m5PwBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yegJAGD4rmNwoBt-HsHW4m5PwBo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1D4A/819698FC05D511EE93F91C15C4F9AE02/5261CE84068511EE9F71F964C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.215.180.0/23
                IPv6:
                  2401:8e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:b8:d0:cc:22:7e:c4:e8:aa:b0:77:0e:5e:7f:2d:dd:ad:ef:
         06:2c:90:ee:a8:67:1e:29:89:ab:20:90:6d:79:44:a5:1a:1f:
         8b:0b:52:06:bf:88:6a:79:18:32:9b:d1:e6:7c:d3:84:0a:17:
         e9:30:31:62:da:2f:63:48:1a:b4:a6:5e:0f:7e:51:21:3f:60:
         bc:34:9e:d7:62:8c:88:d3:b4:a3:2e:35:dc:25:2c:e9:5f:4e:
         a8:a9:6d:4d:0a:08:ea:dd:6e:bb:48:3d:9a:8f:ca:51:e0:d5:
         a2:b4:09:2c:9d:3e:47:cc:cd:7e:e9:41:e5:38:c4:65:48:38:
         0f:36:24:72:5d:1d:63:e6:da:62:22:9c:55:82:20:21:ee:27:
         c4:d6:6d:f2:c5:ba:3f:8f:5f:46:76:cc:9f:18:78:ea:87:32:
         89:15:92:c4:d3:7e:1a:d2:31:76:84:1f:2d:15:b0:ce:92:1d:
         28:88:bb:e0:7b:6b:60:6e:e3:c9:5e:2d:49:6c:8c:83:a2:52:
         7c:09:96:c6:a0:46:51:79:88:ce:31:a4:27:18:72:8a:b4:57:
         c1:db:7a:54:33:77:2a:58:7c:13:a1:86:b1:2e:42:fb:38:25:
         91:ed:03:aa:4b:d5:5d:64:45:67:c2:13:12:2a:31:0f:6e:a1:
         f8:06:f6:71
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICAkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFENEExMTAvBgNVBAUTKEM5RTgwOTAwNjBGOEFFNjM3MEEwMUI3RTFFQzFENkUy
NkU0RkMwMUEwHhcNMjYwNzA3MDMyOTM0WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjNzI5ZS0xMTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq9pwv3OyCpCniVKE7uohKVo5svgaBbVdXRreNYoKtKTiPqYm2EwJTA7+pmxO
bA+c0N2SkXZli7f19d7PzW2C5T8PdkqEOTwadL2o9KlbyBn1+bM2YMzRAKiAcTD7
d4U/mR1aFitVKPgI/SZaEt+BQ1QPqBUkKLCDJxf9lUtvAc/XbXc/zRwfGxDTeayC
xzaXYYf0+kz/ilAGWcg8WhFFVKXre9ZWIJSObqBsKGKF2L4dcqPgEIGuCPrFk5jf
ooyuSBzUuhRE8zquk8Ji/KDlCoK3YmFXu9Nc+PQKd756w9qlwE7/pXkUmoQOJdcD
PqXkGh5Y8AkfUrVq+Se7UBcSzQIDAQABo4ICbzCCAmswHQYDVR0OBBYEFEVdOMHx
LbfsOKWnUHVQkbWuReE7MB8GA1UdIwQYMBaAFMnoCQBg+K5jcKAbfh7B1uJuT8Aa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUQ0QS84MTk2OThGQzA1
RDUxMUVFOTNGOTFDMTVDNEY5QUUwMi95ZWdKQUdENHJtTndvQnQtSHNIVzRtNVB3
Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3llZ0pBR0Q0cm1Od29CdC1Ic0hXNG01UHdCby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFENEEvODE5Njk4RkMwNUQ1MTFFRTkzRjkxQzE1QzRGOUFFMDIvNTI2MUNFODQw
Njg1MTFFRTlGNzFGOTY0QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ9e0MA0EAgACMAcDBQAkAQjgMA0GCSqGSIb3DQEBCwUAA4IBAQCC
uNDMIn7E6Kqwdw5efy3dre8GLJDuqGceKYmrIJBteUSlGh+LC1IGv4hqeRgym9Hm
fNOEChfpMDFi2i9jSBq0pl4PflEhP2C8NJ7XYoyI07SjLjXcJSzpX06oqW1NCgjq
3W67SD2aj8pR4NWitAksnT5HzM1+6UHlOMRlSDgPNiRyXR1j5tpiIpxVgiAh7ifE
1m3yxbo/j19GdsyfGHjqhzKJFZLE034a0jF2hB8tFbDOkh0oiLvge2tgbuPJXi1J
bIyDolJ8CZbGoEZReYjOMaQnGHKKtFfB23pUM3cqWHwToYaxLkL7OCWR7QOqS9Vd
ZEVnwhMSKjEPbqH4BvZx
-----END CERTIFICATE-----
Generated at Thu Jul 9 13:36:17 2026 by rpki-client