Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/86019882E2A311EEA6A97425C4F9AE02.roa
File:                     86019882E2A311EEA6A97425C4F9AE02.roa (raw, json)
Hash identifier:          y9qbTIaN0mtCwBYdaif6WplMzxuiKnCy3GcOvYQdyJU=
Subject key identifier:   3D:8B:36:35:68:94:F0:4C:BE:EF:04:53:A5:E9:E8:F6:22:33:6E:C9
Certificate issuer:       /CN=A91B517C/serialNumber=9FAF8341675EF438964199362542572C8928540C
Certificate serial:       01C2
Authority key identifier: 9F:AF:83:41:67:5E:F4:38:96:41:99:36:25:42:57:2C:89:28:54:0C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6-DQWde9DiWQZk2JUJXLIkoVAw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/86019882E2A311EEA6A97425C4F9AE02.roa
Signing time:             Mon 15 Jun 2026 01:18:28 +0000
ROA not before:           Mon 15 Jun 2026 01:18:28 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     63981
IP address blocks:        45.117.96.0/22 maxlen: 22
                          45.117.96.0/24 maxlen: 24
                          45.117.97.0/24 maxlen: 24
                          45.117.98.0/24 maxlen: 24
                          45.117.99.0/24 maxlen: 24
                          45.251.64.0/23 maxlen: 24
                          45.251.66.0/24 maxlen: 24
                          103.29.140.0/22 maxlen: 24
                          103.117.76.0/22 maxlen: 24
                          103.214.192.0/22 maxlen: 24
                          103.220.8.0/22 maxlen: 24
                          203.166.220.0/22 maxlen: 24
                          2405:a480::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/n6-DQWde9DiWQZk2JUJXLIkoVAw.crl
                          rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/n6-DQWde9DiWQZk2JUJXLIkoVAw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6-DQWde9DiWQZk2JUJXLIkoVAw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 16 Jul 2026 05:34:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 450 (0x1c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B517C, serialNumber=9FAF8341675EF438964199362542572C8928540C
        Validity
            Not Before: Jun 15 01:18:28 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a2f52e4-c7f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:b1:d9:4b:85:3b:ab:c0:08:6c:ba:ab:57:7a:
                    9b:63:94:fe:65:13:b5:99:72:58:aa:4a:48:d6:b0:
                    14:48:04:11:67:b0:cd:64:43:01:3c:a7:79:29:3a:
                    b8:27:53:be:27:b7:b1:b2:ad:fc:d2:37:c5:dc:99:
                    25:1d:7b:a3:87:90:89:5f:73:53:bc:47:90:6f:1f:
                    f0:a7:f9:73:99:f8:6c:c4:aa:bd:cb:73:96:07:d9:
                    08:fa:69:77:dd:05:5e:87:08:9a:55:6f:f4:bd:9f:
                    e5:41:c4:37:14:98:d0:68:cd:29:34:a1:c2:e6:6c:
                    13:88:f6:56:b4:ec:c4:39:e1:f1:5b:b2:df:49:37:
                    02:70:ad:a4:52:3a:bd:9f:5b:12:ad:29:2a:d3:15:
                    d9:09:1c:c2:28:7b:6c:06:56:4d:e0:03:59:57:83:
                    4c:52:5a:80:db:e4:a3:03:39:07:89:60:48:fa:07:
                    22:80:68:de:4d:7d:62:12:bc:2e:c8:83:25:7b:65:
                    b4:81:a6:50:b9:41:b8:af:d2:21:80:68:c9:a7:d6:
                    b4:04:a6:7e:6b:e6:a3:ff:dc:de:0c:6e:d6:8b:3a:
                    6c:24:c5:ed:a0:95:4f:f2:46:bd:9e:04:92:57:eb:
                    6d:e7:80:d8:85:a2:c3:ba:11:49:2f:4c:b1:1c:70:
                    96:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8B:36:35:68:94:F0:4C:BE:EF:04:53:A5:E9:E8:F6:22:33:6E:C9
            X509v3 Authority Key Identifier:
                keyid:9F:AF:83:41:67:5E:F4:38:96:41:99:36:25:42:57:2C:89:28:54:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/n6-DQWde9DiWQZk2JUJXLIkoVAw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6-DQWde9DiWQZk2JUJXLIkoVAw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B517C/CD3763E6DCED11EEBDE00E30C4F9AE02/86019882E2A311EEA6A97425C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.117.96.0/22
                  45.251.64.0-45.251.66.255
                  103.29.140.0/22
                  103.117.76.0/22
                  103.214.192.0/22
                  103.220.8.0/22
                  203.166.220.0/22
                IPv6:
                  2405:a480::/32

    Signature Algorithm: sha256WithRSAEncryption
         ce:76:a3:9e:ac:3e:41:77:cb:34:16:5e:f9:fa:43:a7:6a:4a:
         42:f4:25:a1:09:da:18:02:0f:87:77:d9:e4:90:d9:30:a5:90:
         95:b9:d2:46:bc:26:d6:89:e2:ab:1d:7e:aa:57:75:33:99:2d:
         0b:ff:a9:06:de:f8:19:a8:62:be:49:6d:19:16:e6:8f:e3:cb:
         75:c5:9e:dc:e0:73:23:56:0a:48:ec:37:d8:b5:4f:55:83:11:
         88:02:e3:3e:54:2b:e0:65:a8:7a:1c:98:6f:f2:47:68:55:0b:
         1d:c0:3a:b2:23:23:f5:7d:3f:40:6e:83:f1:cb:e8:52:e9:9e:
         b4:98:40:b7:2f:23:9f:17:d3:61:7c:1a:bc:ab:71:15:dd:23:
         c2:92:63:5f:84:bb:2e:8d:48:6d:9e:2e:2c:1c:3d:96:0f:8e:
         33:55:57:4a:6a:31:c4:cf:e9:3e:f0:4f:09:a9:fa:cd:93:18:
         85:78:f1:26:e9:4c:9d:48:a6:57:8c:dc:2b:02:8a:4a:48:3a:
         dd:cd:01:ef:c6:ad:2f:9a:4b:b4:ce:6f:fb:2d:c8:a9:8f:01:
         5f:77:ea:02:bc:70:5f:d5:8f:c4:6c:3c:2a:4a:69:00:b8:8c:
         d3:85:16:51:e1:45:4c:b2:54:44:73:68:6d:c6:ea:50:f1:df:
         08:b7:1c:a1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUxN0MxMTAvBgNVBAUTKDlGQUY4MzQxNjc1RUY0Mzg5NjQxOTkzNjI1NDI1NzJD
ODkyODU0MEMwHhcNMjYwNjE1MDExODI4WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTJmNTJlNC1jN2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8LHZS4U7q8AIbLqrV3qbY5T+ZRO1mXJYqkpI1rAUSAQRZ7DNZEMBPKd5KTq4
J1O+J7exsq380jfF3JklHXujh5CJX3NTvEeQbx/wp/lzmfhsxKq9y3OWB9kI+ml3
3QVehwiaVW/0vZ/lQcQ3FJjQaM0pNKHC5mwTiPZWtOzEOeHxW7LfSTcCcK2kUjq9
n1sSrSkq0xXZCRzCKHtsBlZN4ANZV4NMUlqA2+SjAzkHiWBI+gcigGjeTX1iErwu
yIMle2W0gaZQuUG4r9IhgGjJp9a0BKZ+a+aj/9zeDG7WizpsJMXtoJVP8ka9ngSS
V+tt54DYhaLDuhFJL0yxHHCWtQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD2LNjVo
lPBMvu8EU6Xp6PYiM27JMB8GA1UdIwQYMBaAFJ+vg0FnXvQ4lkGZNiVCVyyJKFQM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTE3Qy9DRDM3NjNFNkRD
RUQxMUVFQkRFMDBFMzBDNEY5QUUwMi9uNi1EUVdkZTlEaVdRWmsySlVKWExJa29W
QXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL242LURRV2RlOURpV1FaazJKVUpYTElrb1ZBdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUxN0MvQ0QzNzYzRTZEQ0VEMTFFRUJERTAwRTMwQzRGOUFFMDIvODYwMTk4ODJF
MkEzMTFFRUE2QTk3NDI1QzRGOUFFMDIucm9hMFoGCCsGAQUFBwEHAQH/BEswSTA4
BAIAATAyAwQCLXVgMAwDBAYt+0ADBAAt+0IDBAJnHYwDBAJndUwDBAJn1sADBAJn
3AgDBALLptwwDQQCAAIwBwMFACQFpIAwDQYJKoZIhvcNAQELBQADggEBAM52o56s
PkF3yzQWXvn6Q6dqSkL0JaEJ2hgCD4d32eSQ2TClkJW50ka8JtaJ4qsdfqpXdTOZ
LQv/qQbe+BmoYr5JbRkW5o/jy3XFntzgcyNWCkjsN9i1T1WDEYgC4z5UK+BlqHoc
mG/yR2hVCx3AOrIjI/V9P0Bug/HL6FLpnrSYQLcvI58X02F8GryrcRXdI8KSY1+E
uy6NSG2eLiwcPZYPjjNVV0pqMcTP6T7wTwmp+s2TGIV48SbpTJ1IpleM3CsCikpI
Ot3NAe/GrS+aS7TOb/styKmPAV936gK8cF/Vj8RsPCpKaQC4jNOFFlHhRUyyVERz
aG3G6lDx3wi3HKE=
-----END CERTIFICATE-----
Generated at Sat Jul 11 02:17:15 2026 by rpki-client