Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/84F58DCA7DCB11EC99806E25C4F9AE02.roa
File:                     84F58DCA7DCB11EC99806E25C4F9AE02.roa (raw, json)
Hash identifier:          swlQZjAkWhXNW6074Sbt7r3gkxAfSn83J/kMG93FCcA=
Subject key identifier:   4B:7F:92:F7:7F:ED:16:A7:79:2A:9C:D0:6E:73:0B:A6:29:F9:40:4C
Certificate issuer:       /CN=A91B8265/serialNumber=8F11C47E2FEA199C2727C86B4990F3BFAE820162
Certificate serial:       04D2
Authority key identifier: 8F:11:C4:7E:2F:EA:19:9C:27:27:C8:6B:49:90:F3:BF:AE:82:01:62
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jxHEfi_qGZwnJ8hrSZDzv66CAWI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/84F58DCA7DCB11EC99806E25C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 00:25:17 +0000
ROA not before:           Fri 03 Jul 2026 00:25:17 +0000
ROA not after:            Sun 01 Nov 2026 00:00:00 +0000
asID:                     131284
IP address blocks:        103.133.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/jxHEfi_qGZwnJ8hrSZDzv66CAWI.crl
                          rsync://rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/jxHEfi_qGZwnJ8hrSZDzv66CAWI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jxHEfi_qGZwnJ8hrSZDzv66CAWI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 00:25:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1234 (0x4d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B8265, serialNumber=8F11C47E2FEA199C2727C86B4990F3BFAE820162
        Validity
            Not Before: Jul  3 00:25:17 2026 GMT
            Not After : Nov  1 00:00:00 2026 GMT
        Subject: CN=6a47016d-bff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:91:8f:6c:c6:66:ab:c5:a2:3d:8a:ac:95:e2:
                    14:4f:61:73:67:7b:22:d9:db:6a:30:82:73:e4:8a:
                    c7:bf:18:84:7c:ee:5c:55:a7:f5:5f:07:aa:41:a9:
                    1a:d6:13:28:ff:f8:31:da:31:d7:62:51:a9:58:73:
                    45:28:67:29:76:65:4f:15:bd:d2:90:c6:54:1d:33:
                    98:79:ea:db:ef:8a:53:e4:1b:11:e1:e5:87:d0:ae:
                    6e:3e:60:48:be:7e:99:14:6b:07:56:55:c9:3b:8d:
                    71:86:01:59:99:fb:4d:80:14:96:25:8a:15:02:3f:
                    8c:c5:16:8a:86:d1:66:d8:3c:fd:58:5d:8c:6b:bd:
                    71:72:2f:1a:08:3b:aa:36:ec:7d:e9:6a:36:98:b9:
                    fa:dd:b6:c3:a3:ab:d1:48:77:06:80:24:d9:d5:41:
                    e8:93:57:fc:07:2c:73:4b:d5:44:6d:0e:e5:67:b7:
                    59:3a:d7:16:39:7b:c0:bd:a7:d5:08:98:92:a6:90:
                    6f:07:4a:3d:f4:c8:c8:d6:0a:73:b8:6b:4e:7e:bb:
                    92:78:d5:e2:65:67:1e:d9:f1:de:95:8e:0b:f2:eb:
                    ce:ff:c3:be:9f:78:55:b7:1c:07:1e:87:2f:ca:0f:
                    51:94:f0:0e:8e:3b:59:bd:67:d6:2f:0d:d5:ba:04:
                    7d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:7F:92:F7:7F:ED:16:A7:79:2A:9C:D0:6E:73:0B:A6:29:F9:40:4C
            X509v3 Authority Key Identifier:
                keyid:8F:11:C4:7E:2F:EA:19:9C:27:27:C8:6B:49:90:F3:BF:AE:82:01:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/jxHEfi_qGZwnJ8hrSZDzv66CAWI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jxHEfi_qGZwnJ8hrSZDzv66CAWI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8265/4CD5FE0E7DC411ECA9C4431DC4F9AE02/84F58DCA7DCB11EC99806E25C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.133.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:37:6c:52:1a:9f:90:59:7d:61:00:0a:ca:5d:6e:81:77:83:
         d1:85:b0:c7:c1:0b:44:09:7f:06:4c:59:b9:4a:ca:58:ef:42:
         1e:e7:65:aa:40:16:db:25:92:35:69:cf:1a:f8:6d:2c:23:51:
         e0:51:0f:06:98:d2:fa:2e:57:92:34:e4:92:01:53:41:ac:93:
         d4:d9:c8:a6:73:4e:60:ca:79:7a:97:a8:96:5e:1f:29:4c:9c:
         88:68:b3:f0:e0:e9:8a:ed:68:73:e4:5d:16:d7:5d:a0:ba:0e:
         24:a1:50:80:8d:a7:f9:7d:3d:16:b5:e4:cc:4a:7c:af:07:e2:
         81:56:5a:a0:48:9e:63:dd:11:4b:c1:da:16:c5:48:5f:5f:99:
         db:01:6f:12:9b:3b:b9:d7:39:51:98:d4:4f:00:3f:96:1a:ee:
         15:ff:2f:27:bc:67:fb:ca:07:62:ad:7f:7c:fe:aa:f5:b5:6f:
         9f:28:f3:b7:90:79:18:ff:21:94:ab:d9:69:45:a6:31:99:c3:
         aa:0e:c2:2b:01:61:32:b9:c7:33:ca:cc:03:e5:b6:e2:1d:8e:
         5d:68:e4:6e:25:4f:3c:c5:3e:58:93:45:e2:49:f9:de:0b:28:
         f9:c2:01:6b:44:7f:b4:28:0f:23:96:85:5d:cd:db:d3:95:4e:
         5e:1c:78:d9
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjgyNjUxMTAvBgNVBAUTKDhGMTFDNDdFMkZFQTE5OUMyNzI3Qzg2QjQ5OTBGM0JG
QUU4MjAxNjIwHhcNMjYwNzAzMDAyNTE3WhcNMjYxMTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3MDE2ZC1iZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoJGPbMZmq8WiPYqsleIUT2FzZ3si2dtqMIJz5IrHvxiEfO5cVaf1XweqQaka
1hMo//gx2jHXYlGpWHNFKGcpdmVPFb3SkMZUHTOYeerb74pT5BsR4eWH0K5uPmBI
vn6ZFGsHVlXJO41xhgFZmftNgBSWJYoVAj+MxRaKhtFm2Dz9WF2Ma71xci8aCDuq
Nux96Wo2mLn63bbDo6vRSHcGgCTZ1UHok1f8ByxzS9VEbQ7lZ7dZOtcWOXvAvafV
CJiSppBvB0o99MjI1gpzuGtOfruSeNXiZWce2fHelY4L8uvO/8O+n3hVtxwHHocv
yg9RlPAOjjtZvWfWLw3VugR9OQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFEt/kvd/
7RaneSqc0G5zC6Yp+UBMMB8GA1UdIwQYMBaAFI8RxH4v6hmcJyfIa0mQ87+uggFi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODI2NS80Q0Q1RkUwRTdE
QzQxMUVDQTlDNDQzMURDNEY5QUUwMi9qeEhFZmlfcUdad25KOGhyU1pEenY2NkNB
V0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2p4SEVmaV9xR1p3bko4aHJTWkR6djY2Q0FXSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjgyNjUvNENENUZFMEU3REM0MTFFQ0E5QzQ0MzFEQzRGOUFFMDIvODRGNThEQ0E3
RENCMTFFQzk5ODA2RTI1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ4VLMA0GCSqGSIb3DQEBCwUAA4IBAQBzN2xSGp+QWX1hAArKXW6B
d4PRhbDHwQtECX8GTFm5SspY70Ie52WqQBbbJZI1ac8a+G0sI1HgUQ8GmNL6LleS
NOSSAVNBrJPU2cimc05gynl6l6iWXh8pTJyIaLPw4OmK7Whz5F0W112gug4koVCA
jaf5fT0WteTMSnyvB+KBVlqgSJ5j3RFLwdoWxUhfX5nbAW8Smzu51zlRmNRPAD+W
Gu4V/y8nvGf7ygdirX98/qr1tW+fKPO3kHkY/yGUq9lpRaYxmcOqDsIrAWEyuccz
yswD5bbiHY5daORuJU88xT5Yk0XiSfneCyj5wgFrRH+0KA8jloVdzdvTlU5eHHjZ
-----END CERTIFICATE-----
Generated at Sat Jul 18 10:31:17 2026 by rpki-client