Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
File:                     7BC4E6DE322C11EFBC879F31C4F9AE02.roa (raw, json)
Hash identifier:          JU3UtrjyxA+lbSK8y8Hx0Xh4GKnmQrBmWbpz3AagyYU=
Subject key identifier:   06:AE:64:B4:3D:79:3E:4E:79:DB:91:74:69:43:38:52:8E:A9:02:22
Certificate issuer:       /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial:       1760
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
Signing time:             Mon 29 Jun 2026 11:25:00 +0000
ROA not before:           Mon 29 Jun 2026 11:25:00 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     24435
IP address blocks:        27.0.184.0/22 maxlen: 22
                          103.27.22.0/24 maxlen: 24
                          175.111.0.0/23 maxlen: 24
                          175.111.3.0/24 maxlen: 24
                          175.111.4.0/23 maxlen: 24
                          203.130.0.0/20 maxlen: 20
                          203.130.0.0/24 maxlen: 24
                          203.130.1.0/24 maxlen: 24
                          203.130.2.0/24 maxlen: 24
                          203.130.3.0/24 maxlen: 24
                          203.130.4.0/24 maxlen: 24
                          203.130.5.0/24 maxlen: 24
                          203.130.6.0/24 maxlen: 24
                          203.130.7.0/24 maxlen: 24
                          203.130.8.0/24 maxlen: 24
                          203.130.9.0/24 maxlen: 24
                          203.130.10.0/24 maxlen: 24
                          203.130.11.0/24 maxlen: 24
                          203.130.12.0/24 maxlen: 24
                          203.130.13.0/24 maxlen: 24
                          203.130.14.0/24 maxlen: 24
                          203.130.15.0/24 maxlen: 24
                          203.130.16.0/24 maxlen: 24
                          203.130.17.0/24 maxlen: 24
                          203.130.18.0/24 maxlen: 24
                          203.130.19.0/24 maxlen: 24
                          203.130.20.0/24 maxlen: 24
                          203.130.21.0/24 maxlen: 24
                          203.130.22.0/24 maxlen: 24
                          203.130.23.0/24 maxlen: 24
                          203.130.24.0/24 maxlen: 24
                          203.130.25.0/24 maxlen: 24
                          203.130.26.0/23 maxlen: 24
                          203.130.28.0/22 maxlen: 22
                          203.130.28.0/24 maxlen: 24
                          203.130.29.0/24 maxlen: 24
                          203.130.30.0/24 maxlen: 24
                          203.130.31.0/24 maxlen: 24
                          2001:fe8::/48 maxlen: 48
                          2001:fe8:1::/48 maxlen: 48
                          2001:fe8:2::/48 maxlen: 48
                          2001:fe8:3::/48 maxlen: 48
                          2001:fe8:9::/48 maxlen: 48
                          2001:fe8:10::/48 maxlen: 48
                          2001:fe8:11::/48 maxlen: 48
                          2001:fe8:48::/48 maxlen: 48
                          2001:fe8:4000::/48 maxlen: 48
                          2001:fe8:4001::/48 maxlen: 48
                          2001:fe8:4002::/48 maxlen: 48
                          2001:fe8:4003::/48 maxlen: 48
                          2001:fe8:4011::/48 maxlen: 48
                          2001:fe8:4100::/48 maxlen: 48
                          2001:fe8:4101::/48 maxlen: 48
                          2001:fe8:5000::/48 maxlen: 48
                          2001:fe8:5001::/48 maxlen: 48
                          2001:fe8:5002::/48 maxlen: 48
                          2001:fe8:5003::/48 maxlen: 48
                          2001:fe8:5004::/48 maxlen: 48
                          2001:fe8:5005::/48 maxlen: 48
                          2001:fe8:5006::/48 maxlen: 48
                          2001:fe8:5007::/48 maxlen: 48
                          2001:fe8:6000::/48 maxlen: 48
                          2001:fe8:6001::/48 maxlen: 48
                          2001:fe8:6002::/48 maxlen: 48
                          2001:fe8:6003::/48 maxlen: 48
                          2001:fe8:6004::/48 maxlen: 48
                          2001:fe8:6005::/48 maxlen: 48
                          2001:fe8:6006::/48 maxlen: 48
                          2001:fe8:6007::/48 maxlen: 48
                          2001:fe8:8100::/48 maxlen: 48
                          2001:fe8:8101::/48 maxlen: 48
                          2001:fe8:8110::/48 maxlen: 48
                          2001:fe8:8111::/48 maxlen: 48
                          2001:fe8:8121::/48 maxlen: 48
                          2001:fe8:8130::/48 maxlen: 48
                          2001:fe8:8131::/48 maxlen: 48
                          2001:fe8:9000::/48 maxlen: 48
                          2001:fe8:c001::/48 maxlen: 48
                          2001:fe8:c002::/48 maxlen: 48
                          2001:fe8:c100::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
                          rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 16:41:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5984 (0x1760)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B1185, serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
        Validity
            Not Before: Jun 29 11:25:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6a42560c-c0b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:73:4b:c6:c7:e8:3a:c2:d3:8c:50:b8:3e:97:
                    b8:28:dd:ce:e2:b9:d9:ef:12:c8:47:86:73:c5:e1:
                    b5:d5:75:af:de:c1:d6:18:36:45:33:eb:e2:76:f9:
                    70:d0:cf:80:c7:c1:22:95:36:58:40:da:28:43:ca:
                    ac:34:93:0b:90:f1:9c:9a:7d:e9:ef:36:c9:32:0d:
                    73:73:08:d8:4d:0d:01:c1:c2:dd:99:d2:13:18:33:
                    50:e9:d5:f0:27:32:77:62:24:ff:27:c5:d6:89:6e:
                    d2:72:ed:7c:06:0f:eb:b6:09:ae:b1:96:14:f6:c1:
                    31:59:ba:3c:17:a2:0c:78:14:c6:54:27:e5:88:85:
                    41:0f:1d:90:ae:60:b6:97:ac:a2:f2:6c:02:e0:68:
                    93:56:af:04:3c:f1:ec:8e:b5:fb:4b:ba:42:2e:12:
                    c4:14:0e:60:5a:e1:eb:43:ef:7d:90:57:85:e9:4b:
                    00:78:14:98:fd:fb:29:92:d8:78:93:ee:b3:2a:60:
                    b0:be:66:59:a5:9a:66:0d:26:55:28:64:8c:94:61:
                    cd:0e:84:25:80:8e:1a:6c:3c:d5:43:67:ef:54:0e:
                    1b:1c:14:1d:07:b6:8f:0e:93:a2:9e:b6:55:ac:fc:
                    dd:d1:42:bb:71:39:50:ae:23:10:3d:4b:b5:64:d2:
                    44:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:AE:64:B4:3D:79:3E:4E:79:DB:91:74:69:43:38:52:8E:A9:02:22
            X509v3 Authority Key Identifier:
                keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.184.0/22
                  103.27.22.0/24
                  175.111.0.0/23
                  175.111.3.0-175.111.5.255
                  203.130.0.0/19
                IPv6:
                  2001:fe8::/46
                  2001:fe8:9::/48
                  2001:fe8:10::/47
                  2001:fe8:48::/48
                  2001:fe8:4000::/46
                  2001:fe8:4011::/48
                  2001:fe8:4100::/47
                  2001:fe8:5000::/45
                  2001:fe8:6000::/45
                  2001:fe8:8100::/47
                  2001:fe8:8110::/47
                  2001:fe8:8121::/48
                  2001:fe8:8130::/47
                  2001:fe8:9000::/48
                  2001:fe8:c001::-2001:fe8:c002:ffff:ffff:ffff:ffff:ffff
                  2001:fe8:c100::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:2e:d2:30:3b:ef:3e:4a:45:e0:94:f6:3c:77:04:b0:3f:54:
         3e:ef:dc:df:2c:96:f3:e2:d6:1b:4f:06:1c:f8:54:94:13:09:
         78:68:87:08:0a:0f:f4:ff:fe:6c:48:53:a0:4a:90:d2:5f:14:
         e3:51:b8:fe:cf:59:f7:ec:fd:41:1c:c8:b6:5e:d2:2b:cc:12:
         b9:58:6d:42:97:38:73:ce:6d:31:c9:b5:d6:13:77:1d:2f:e2:
         76:ed:73:79:2e:df:cd:2f:ee:41:2f:96:0e:77:ba:ce:36:65:
         31:55:42:7b:96:a3:d4:1f:54:98:82:ad:6e:44:79:cc:bc:5d:
         0d:a4:e6:29:6a:69:cb:01:4d:f0:ef:b2:1a:6e:43:b9:4d:52:
         95:1f:7f:af:ad:9e:df:67:b5:7a:dc:69:04:fb:40:44:13:d6:
         58:cf:a3:8d:52:42:18:e9:6d:f5:25:6e:47:25:31:68:09:f0:
         ae:8d:ca:7e:88:0f:57:2a:f1:cb:4a:36:c7:cc:b7:19:30:90:
         fb:6e:19:b0:78:9c:bc:ae:90:a2:26:8b:2e:d6:fc:bb:cc:5a:
         ce:98:5d:2b:82:d5:07:9c:6a:7c:81:05:5c:f5:75:ac:cf:89:
         d3:ad:c5:14:5d:7a:11:53:67:b4:e0:34:fa:cc:8f:28:f3:6a:
         2a:18:78:a4
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICF2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjYwNjI5MTEyNTAwWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQyNTYwYy1jMGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqHNLxsfoOsLTjFC4Ppe4KN3O4rnZ7xLIR4ZzxeG11XWv3sHWGDZFM+vidvlw
0M+Ax8EilTZYQNooQ8qsNJMLkPGcmn3p7zbJMg1zcwjYTQ0BwcLdmdITGDNQ6dXw
JzJ3YiT/J8XWiW7Scu18Bg/rtgmusZYU9sExWbo8F6IMeBTGVCfliIVBDx2QrmC2
l6yi8mwC4GiTVq8EPPHsjrX7S7pCLhLEFA5gWuHrQ+99kFeF6UsAeBSY/fspkth4
k+6zKmCwvmZZpZpmDSZVKGSMlGHNDoQlgI4abDzVQ2fvVA4bHBQdB7aPDpOinrZV
rPzd0UK7cTlQriMQPUu1ZNJEtwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFAauZLQ9
eT5OeduRdGlDOFKOqQIiMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvN0JDNEU2REUz
MjJDMTFFRkJDODc5RjMxQzRGOUFFMDIucm9hMIHmBggrBgEFBQcBBwEB/wSB1jCB
0zAsBAIAATAmAwQCGwC4AwQAZxsWAwQBr28AMAwDBACvbwMDBAGvbwQDBAXLggAw
gaIEAgACMIGbAwcCIAEP6AAAAwcAIAEP6AAJAwcBIAEP6AAQAwcAIAEP6ABIAwcC
IAEP6EAAAwcAIAEP6EARAwcBIAEP6EEAAwcDIAEP6FAAAwcDIAEP6GAAAwcBIAEP
6IEAAwcBIAEP6IEQAwcAIAEP6IEhAwcBIAEP6IEwAwcAIAEP6JAAMBIDBwAgAQ/o
wAEDBwAgAQ/owAIDBwAgAQ/owQAwDQYJKoZIhvcNAQELBQADggEBAAgu0jA77z5K
ReCU9jx3BLA/VD7v3N8slvPi1htPBhz4VJQTCXhohwgKD/T//mxIU6BKkNJfFONR
uP7PWffs/UEcyLZe0ivMErlYbUKXOHPObTHJtdYTdx0v4nbtc3ku380v7kEvlg53
us42ZTFVQnuWo9QfVJiCrW5Eecy8XQ2k5ilqacsBTfDvshpuQ7lNUpUff6+tnt9n
tXrcaQT7QEQT1ljPo41SQhjpbfUlbkclMWgJ8K6Nyn6ID1cq8ctKNsfMtxkwkPtu
GbB4nLyukKImiy7W/LvMWs6YXSuC1QecanyBBVz1dazPidOtxRRdehFTZ7TgNPrM
jyjzaioYeKQ=
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:50:59 2026 by rpki-client