Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/5B01916AD15911EE8B8BB151C4F9AE02.roa
File:                     5B01916AD15911EE8B8BB151C4F9AE02.roa (raw, json)
Hash identifier:          RnS0uz9BUOtWm3F3mS8GZ7GfATfkcQHGMPASQ820wCU=
Subject key identifier:   97:81:4E:45:70:49:FB:A7:CF:5A:13:B1:44:CB:3C:C9:8E:C3:7F:FB
Certificate issuer:       /CN=A91BB87C/serialNumber=EAA96DCA7430DFA471CA29B843836C1C80E5439E
Certificate serial:       0D6A
Authority key identifier: EA:A9:6D:CA:74:30:DF:A4:71:CA:29:B8:43:83:6C:1C:80:E5:43:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qltynQw36Rxyim4Q4NsHIDlQ54.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/5B01916AD15911EE8B8BB151C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 19:21:44 +0000
ROA not before:           Tue 30 Jun 2026 19:21:44 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     134204
IP address blocks:        103.58.72.0/22 maxlen: 24
                          203.76.220.0/22 maxlen: 24
                          2400:4d40::/32 maxlen: 32
                          2400:4d40::/36 maxlen: 36
                          2400:4d40:1000::/36 maxlen: 36
                          2400:4d40:2000::/36 maxlen: 36
                          2400:4d40:3000::/36 maxlen: 36
                          2400:4d40:4000::/36 maxlen: 36
                          2400:4d40:5000::/36 maxlen: 36
                          2400:4d40:6000::/36 maxlen: 36
                          2400:4d40:7000::/36 maxlen: 36
                          2400:4d40:8000::/36 maxlen: 36
                          2400:4d40:9000::/36 maxlen: 36
                          2400:4d40:a000::/36 maxlen: 36
                          2400:4d40:b000::/36 maxlen: 36
                          2400:4d40:c000::/36 maxlen: 36
                          2400:4d40:d000::/36 maxlen: 36
                          2400:4d40:e000::/36 maxlen: 36
                          2400:4d40:f000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/6qltynQw36Rxyim4Q4NsHIDlQ54.crl
                          rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/6qltynQw36Rxyim4Q4NsHIDlQ54.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qltynQw36Rxyim4Q4NsHIDlQ54.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 18:09:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3434 (0xd6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BB87C, serialNumber=EAA96DCA7430DFA471CA29B843836C1C80E5439E
        Validity
            Not Before: Jun 30 19:21:44 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a441748-72f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7b:4c:1a:c6:1d:4b:39:05:b8:23:48:21:c2:
                    bc:a2:d4:af:d9:b4:64:72:62:67:51:d8:08:77:0c:
                    73:b8:1f:37:15:3d:ee:fb:ad:ea:a0:92:0f:b2:36:
                    99:ed:67:0c:83:02:3a:fc:2f:99:92:a4:2a:d2:d6:
                    d8:2f:10:39:fc:eb:e2:c4:06:4b:04:8d:c2:95:96:
                    29:60:94:81:be:7f:33:82:7f:36:1d:33:8c:8e:3a:
                    70:d4:6d:c2:da:84:4e:5f:31:17:07:f8:86:fa:e6:
                    a9:d1:bb:d1:b8:e9:84:d0:7b:ea:1d:97:54:32:58:
                    c4:43:c7:58:67:68:a1:bb:50:01:37:2e:aa:a8:0d:
                    37:bc:c9:b1:fe:61:f6:ea:ff:5f:a9:8c:0c:c0:d1:
                    8d:05:f1:4d:8e:22:0f:f3:8e:9a:f6:35:59:7b:35:
                    3f:13:25:ad:01:52:0d:09:49:72:3d:cd:0a:f4:d0:
                    58:98:f7:23:6b:e5:aa:ad:98:25:ea:97:b7:19:56:
                    f3:81:5f:63:00:55:d6:96:56:28:c4:5e:f7:27:20:
                    ba:15:74:a6:6a:cf:8b:68:eb:2d:40:05:6b:23:bf:
                    5f:80:b8:08:f9:32:8a:d2:ff:7e:26:ec:30:70:74:
                    f7:e8:08:72:67:34:12:3a:b9:37:6e:09:28:37:56:
                    f9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:81:4E:45:70:49:FB:A7:CF:5A:13:B1:44:CB:3C:C9:8E:C3:7F:FB
            X509v3 Authority Key Identifier:
                keyid:EA:A9:6D:CA:74:30:DF:A4:71:CA:29:B8:43:83:6C:1C:80:E5:43:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/6qltynQw36Rxyim4Q4NsHIDlQ54.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qltynQw36Rxyim4Q4NsHIDlQ54.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB87C/63D90312FC0211E9A419F340C4F9AE02/5B01916AD15911EE8B8BB151C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.58.72.0/22
                  203.76.220.0/22
                IPv6:
                  2400:4d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:cd:b9:b0:eb:6d:2b:48:3a:ef:fb:76:af:08:09:0d:54:1d:
         bf:21:09:76:c6:7b:fe:6c:53:e1:20:84:16:16:6e:35:19:05:
         ed:6b:09:69:5b:ba:e9:cb:c1:c5:40:c9:86:46:69:80:bd:17:
         63:f1:11:ec:e2:e4:93:ec:35:40:6d:7f:11:04:36:0f:4a:01:
         15:62:24:ad:10:29:d9:94:4e:fc:d7:ac:d3:18:32:38:41:25:
         4e:28:46:de:9c:a4:13:a5:d1:2c:f2:e4:46:92:c2:c4:b0:8b:
         bd:d5:7b:39:d3:d0:53:17:42:59:8b:67:86:e3:62:bd:24:ae:
         25:54:ff:1d:66:dd:d4:03:89:dc:f0:d3:53:df:9f:b7:ff:18:
         af:8b:47:c9:cb:fe:9e:5f:33:97:8d:da:ca:15:46:6d:03:74:
         de:78:9a:c4:28:14:71:22:8f:8e:66:4c:aa:b4:cc:47:e8:b2:
         02:5d:c6:d3:85:84:3f:93:f1:eb:8d:14:cf:90:68:df:65:5c:
         d6:b6:5c:a0:78:66:8c:f2:90:24:e1:9c:ec:d4:07:a8:9e:ac:
         74:8f:ae:0b:ce:fd:cd:e9:31:67:91:c0:9c:82:82:c9:7a:12:
         0c:ec:ae:95:de:ad:e0:d8:a7:a9:c0:77:21:5e:d3:c1:f9:a6:
         74:77:9e:ed
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI4N0MxMTAvBgNVBAUTKEVBQTk2RENBNzQzMERGQTQ3MUNBMjlCODQzODM2QzFD
ODBFNTQzOUUwHhcNMjYwNjMwMTkyMTQ0WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MTc0OC03MmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwHtMGsYdSzkFuCNIIcK8otSv2bRkcmJnUdgIdwxzuB83FT3u+63qoJIPsjaZ
7WcMgwI6/C+ZkqQq0tbYLxA5/OvixAZLBI3ClZYpYJSBvn8zgn82HTOMjjpw1G3C
2oROXzEXB/iG+uap0bvRuOmE0HvqHZdUMljEQ8dYZ2ihu1ABNy6qqA03vMmx/mH2
6v9fqYwMwNGNBfFNjiIP846a9jVZezU/EyWtAVINCUlyPc0K9NBYmPcja+WqrZgl
6pe3GVbzgV9jAFXWllYoxF73JyC6FXSmas+LaOstQAVrI79fgLgI+TKK0v9+Juww
cHT36AhyZzQSOrk3bgkoN1b5IwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFJeBTkVw
Sfunz1oTsUTLPMmOw3/7MB8GA1UdIwQYMBaAFOqpbcp0MN+kccopuEODbByA5UOe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjg3Qy82M0Q5MDMxMkZD
MDIxMUU5QTQxOUYzNDBDNEY5QUUwMi82cWx0eW5RdzM2Unh5aW00UTROc0hJRGxR
NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZxbHR5blF3MzZSeHlpbTRRNE5zSElEbFE1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI4N0MvNjNEOTAzMTJGQzAyMTFFOUE0MTlGMzQwQzRGOUFFMDIvNUIwMTkxNkFE
MTU5MTFFRThCOEJCMTUxQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZzpIAwQCy0zcMA0EAgACMAcDBQAkAE1AMA0GCSqGSIb3DQEBCwUA
A4IBAQBAzbmw620rSDrv+3avCAkNVB2/IQl2xnv+bFPhIIQWFm41GQXtawlpW7rp
y8HFQMmGRmmAvRdj8RHs4uST7DVAbX8RBDYPSgEVYiStECnZlE7816zTGDI4QSVO
KEbenKQTpdEs8uRGksLEsIu91Xs509BTF0JZi2eG42K9JK4lVP8dZt3UA4nc8NNT
35+3/xivi0fJy/6eXzOXjdrKFUZtA3TeeJrEKBRxIo+OZkyqtMxH6LICXcbThYQ/
k/HrjRTPkGjfZVzWtlygeGaM8pAk4Zzs1Aeonqx0j64Lzv3N6TFnkcCcgoLJehIM
7K6V3q3g2KepwHchXtPB+aZ0d57t
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:13:03 2026 by rpki-client