Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa
File:                     2015E6B2C66F11EAA0B1B019C4F9AE02.roa (raw, json)
Hash identifier:          4vXFKPVVXkj8btXF3ALuEsr8wVtdsq7EzeUvWpb1QHk=
Subject key identifier:   69:12:0E:80:01:7A:5A:ED:9E:64:72:CB:42:2E:3E:47:A2:8F:B7:A8
Certificate issuer:       /CN=A91B653B/serialNumber=BCAE5732EF219732B49AC8284DB1814E92C86B11
Certificate serial:       095B
Authority key identifier: BC:AE:57:32:EF:21:97:32:B4:9A:C8:28:4D:B1:81:4E:92:C8:6B:11
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 21:25:00 +0000
ROA not before:           Tue 30 Jun 2026 21:25:00 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     16509
IP address blocks:        103.150.161.0/24 maxlen: 24
                          103.161.77.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.crl
                          rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 20:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2395 (0x95b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B653B, serialNumber=BCAE5732EF219732B49AC8284DB1814E92C86B11
        Validity
            Not Before: Jun 30 21:25:00 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a44342c-34e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:72:23:5d:0c:d9:68:2a:46:30:c4:bb:2e:bb:
                    91:a3:d7:26:93:a6:3a:01:00:cb:3d:5b:c3:26:ef:
                    d2:4b:a9:c8:1a:ee:94:ed:71:ff:ea:86:20:c3:f5:
                    36:f8:0c:cd:2a:d2:db:24:b7:16:7f:35:1d:5a:a1:
                    d9:7a:61:0a:92:bb:7c:19:a0:fe:c7:38:b3:d1:03:
                    18:f0:2e:75:da:de:b9:db:25:f6:8f:db:6c:6f:7c:
                    2b:77:34:e7:a1:98:ed:d4:ab:7d:91:55:0c:83:08:
                    0c:c6:39:ec:7e:69:97:7d:b0:7e:39:56:ab:5a:5d:
                    46:7c:69:f6:5a:f2:75:cc:15:39:ee:23:0b:63:3e:
                    d8:5b:f1:2a:5c:15:2d:02:58:e2:9b:6d:f3:4f:c5:
                    85:67:53:25:1f:ed:3c:e2:73:1b:11:7c:c5:9d:c5:
                    6a:6a:5b:6b:4e:a6:31:2c:f6:d4:13:fa:59:2b:4d:
                    f2:fe:89:50:f9:41:c4:98:3d:3a:a0:91:48:98:57:
                    a1:4f:50:f9:36:cd:d3:9b:cf:5f:42:fd:2b:4e:a1:
                    af:2b:3f:37:16:48:ac:0c:0b:51:79:ef:08:e7:39:
                    e9:5f:0e:a3:fc:ab:8d:c3:e4:6c:7a:f0:47:9c:12:
                    85:b1:d9:34:27:87:b9:65:95:6d:45:21:60:f8:d7:
                    9b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:12:0E:80:01:7A:5A:ED:9E:64:72:CB:42:2E:3E:47:A2:8F:B7:A8
            X509v3 Authority Key Identifier:
                keyid:BC:AE:57:32:EF:21:97:32:B4:9A:C8:28:4D:B1:81:4E:92:C8:6B:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/vK5XMu8hlzK0msgoTbGBTpLIaxE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vK5XMu8hlzK0msgoTbGBTpLIaxE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B653B/29383CDEC20C11EAB812A01AC4F9AE02/2015E6B2C66F11EAA0B1B019C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.161.0/24
                  103.161.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:99:10:90:4b:29:ae:cf:f5:c9:4f:80:59:93:0c:0a:15:2b:
         08:02:d9:a3:21:3b:8f:0e:97:10:1d:b0:b6:64:13:d9:08:74:
         6f:5d:4d:b7:42:46:a2:ae:15:00:2a:ac:8e:28:f9:d7:82:e0:
         3a:fa:37:7c:7e:44:ab:71:03:c6:56:5e:7a:bf:1a:4a:f2:6f:
         d9:99:e5:dc:49:5a:63:b0:a0:e7:8c:7d:21:12:60:f2:3d:9e:
         80:9c:ce:58:92:63:81:d1:be:65:1b:fb:fe:78:c4:5b:97:b1:
         01:68:0c:d7:59:05:ee:42:0d:a3:62:09:46:16:cf:5a:d5:c4:
         20:46:d6:68:66:99:2a:b7:7e:ba:71:70:5e:c6:0a:b2:64:38:
         5d:63:5d:ef:cd:74:01:60:98:19:01:d4:18:6d:3b:8a:a7:e0:
         9b:e9:68:d9:b9:2b:fa:32:d5:27:77:65:15:e9:3b:97:ac:38:
         fe:14:bd:d1:39:89:a2:17:30:64:9b:77:ab:07:bf:0a:6b:bc:
         a3:f5:23:5f:20:20:0e:d9:67:43:68:44:f9:49:a9:b5:4e:59:
         b0:67:2d:79:f6:54:bc:a8:9b:23:ce:c3:26:8b:74:23:03:a0:
         73:5f:b9:78:4f:7d:ac:c0:77:26:f5:3a:be:9f:33:d2:b9:55:
         31:90:fd:c3
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICCVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1M0IxMTAvBgNVBAUTKEJDQUU1NzMyRUYyMTk3MzJCNDlBQzgyODREQjE4MTRF
OTJDODZCMTEwHhcNMjYwNjMwMjEyNTAwWhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MzQyYy0zNGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8nIjXQzZaCpGMMS7LruRo9cmk6Y6AQDLPVvDJu/SS6nIGu6U7XH/6oYgw/U2
+AzNKtLbJLcWfzUdWqHZemEKkrt8GaD+xziz0QMY8C512t652yX2j9tsb3wrdzTn
oZjt1Kt9kVUMgwgMxjnsfmmXfbB+OVarWl1GfGn2WvJ1zBU57iMLYz7YW/EqXBUt
Aljim23zT8WFZ1MlH+084nMbEXzFncVqaltrTqYxLPbUE/pZK03y/olQ+UHEmD06
oJFImFehT1D5Ns3Tm89fQv0rTqGvKz83FkisDAtRee8I5znpXw6j/KuNw+RsevBH
nBKFsdk0J4e5ZZVtRSFg+NebVQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFGkSDoAB
elrtnmRyy0IuPkeij7eoMB8GA1UdIwQYMBaAFLyuVzLvIZcytJrIKE2xgU6SyGsR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjUzQi8yOTM4M0NERUMy
MEMxMUVBQjgxMkEwMUFDNEY5QUUwMi92SzVYTXU4aGx6SzBtc2dvVGJHQlRwTElh
eEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZLNVhNdThobHpLMG1zZ29UYkdCVHBMSWF4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1M0IvMjkzODNDREVDMjBDMTFFQUI4MTJBMDFBQzRGOUFFMDIvMjAxNUU2QjJD
NjZGMTFFQUEwQjFCMDE5QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAZ5ahAwQAZ6FNMA0GCSqGSIb3DQEBCwUAA4IBAQB7mRCQSymuz/XJ
T4BZkwwKFSsIAtmjITuPDpcQHbC2ZBPZCHRvXU23QkairhUAKqyOKPnXguA6+jd8
fkSrcQPGVl56vxpK8m/ZmeXcSVpjsKDnjH0hEmDyPZ6AnM5YkmOB0b5lG/v+eMRb
l7EBaAzXWQXuQg2jYglGFs9a1cQgRtZoZpkqt366cXBexgqyZDhdY13vzXQBYJgZ
AdQYbTuKp+Cb6WjZuSv6MtUnd2UV6TuXrDj+FL3ROYmiFzBkm3erB78Ka7yj9SNf
ICAO2WdDaET5Sam1TlmwZy159lS8qJsjzsMmi3QjA6BzX7l4T32swHcm9Tq+nzPS
uVUxkP3D
-----END CERTIFICATE-----
Generated at Mon Jul 6 20:09:12 2026 by rpki-client