Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/5B6AD2DCF1C811ECBBC34549C4F9AE02.roa
File:                     5B6AD2DCF1C811ECBBC34549C4F9AE02.roa (raw, json)
Hash identifier:          FOfdiHMNOd30v0oc6GtprNkh43RjvZ+FfeSOC8C9Y9g=
Subject key identifier:   B2:43:74:79:92:B0:E1:1D:54:17:E8:F9:6C:7B:AC:83:24:E5:71:1B
Certificate issuer:       /CN=A91BF5C0/serialNumber=8579377261CA279F1C2FF2EBC44297437DD6E694
Certificate serial:       039B
Authority key identifier: 85:79:37:72:61:CA:27:9F:1C:2F:F2:EB:C4:42:97:43:7D:D6:E6:94
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/5B6AD2DCF1C811ECBBC34549C4F9AE02.roa
Signing time:             Sat 27 Jun 2026 01:32:00 +0000
ROA not before:           Sat 27 Jun 2026 01:32:00 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     16509
IP address blocks:        103.58.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.crl
                          rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 01:09:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 923 (0x39b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BF5C0, serialNumber=8579377261CA279F1C2FF2EBC44297437DD6E694
        Validity
            Not Before: Jun 27 01:32:00 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3f2810-3cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b3:2a:ca:04:66:f4:d1:24:e2:e7:3a:3a:b5:
                    f2:1c:2d:62:aa:c9:c8:0f:f6:eb:c3:e1:11:92:9e:
                    e9:de:ce:9c:c8:24:4e:9e:f2:13:d7:03:ea:ef:1e:
                    7a:ae:45:2a:12:05:4b:79:f0:27:06:94:5d:63:ea:
                    21:b9:d5:39:3f:cd:7d:18:3f:58:c2:14:09:bb:82:
                    38:02:db:9c:4b:48:06:45:8f:62:4a:54:d7:52:23:
                    c2:40:b6:44:33:b3:b0:2f:2b:e5:7a:ba:a1:b6:b2:
                    20:09:e3:4d:b8:0b:e4:b6:69:ce:a1:b2:e7:8c:18:
                    b3:da:1e:1b:bd:c9:9a:e3:8a:f7:c8:0f:dc:2a:ad:
                    fc:25:33:31:17:ac:03:9a:64:16:b7:38:97:05:67:
                    b1:86:95:a7:0a:6b:b8:1a:fa:da:50:92:f9:f3:6b:
                    f2:42:cb:b7:fb:ee:e6:f4:c6:03:37:7d:1e:c1:09:
                    fd:33:e2:4b:24:a0:c3:53:57:a7:29:51:5d:1b:e5:
                    83:dd:74:f6:b9:c6:6b:d4:c0:b6:3e:19:b7:db:f5:
                    22:0d:4d:50:6a:fc:ad:19:1e:0a:98:03:cf:a2:96:
                    11:c8:e2:d3:19:bc:09:31:dd:a7:51:7e:7c:04:23:
                    23:39:0e:58:fb:31:3f:9c:1b:e7:0a:4e:3c:b5:ac:
                    f1:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:43:74:79:92:B0:E1:1D:54:17:E8:F9:6C:7B:AC:83:24:E5:71:1B
            X509v3 Authority Key Identifier:
                keyid:85:79:37:72:61:CA:27:9F:1C:2F:F2:EB:C4:42:97:43:7D:D6:E6:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hXk3cmHKJ58cL_LrxEKXQ33W5pQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF5C0/BCBD4FB6F1C211ECA163FD42C4F9AE02/5B6AD2DCF1C811ECBBC34549C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.58.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:a9:ba:33:b3:15:41:71:c4:5d:f7:b7:a9:de:d5:ee:da:2b:
         59:69:0f:02:b5:42:dd:9c:e4:66:74:47:4c:8e:8f:3d:b5:c0:
         fe:3f:b3:b9:b4:ef:69:ee:6c:67:56:3a:67:53:aa:99:49:45:
         46:a8:70:bc:ab:1d:03:71:87:f0:c7:62:30:b8:e8:6c:4e:e8:
         2e:9b:10:d4:53:dd:39:be:a3:bd:34:be:8e:25:43:1e:d9:fe:
         67:f3:dc:93:03:fc:fa:ca:f9:30:69:24:03:a9:ce:8c:72:8a:
         c4:e2:2f:3b:94:2f:68:34:90:dc:0b:76:a3:fd:e6:af:31:09:
         94:d4:55:3c:c6:bf:06:8b:36:60:7b:17:c4:0b:3a:db:f9:e8:
         23:f3:f0:e4:49:83:bc:94:4b:c0:12:04:6c:ef:6f:37:ad:3f:
         1e:90:d5:6b:7d:1a:36:b5:76:c1:29:58:88:8e:7f:f5:02:c3:
         99:e8:6d:d7:b5:ad:7b:d4:a4:9a:35:d9:5c:1d:a0:a4:9a:f5:
         97:b2:05:41:d1:9f:80:ce:b1:22:d6:d4:96:4a:32:7e:b3:d8:
         ae:14:5a:f5:da:1a:8d:12:c7:95:9d:37:41:a4:20:61:27:6f:
         d7:fe:b0:e1:c1:15:72:41:1a:16:9b:cb:6a:67:4a:76:d2:0b:
         89:e4:c1:60
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICA5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY1QzAxMTAvBgNVBAUTKDg1NzkzNzcyNjFDQTI3OUYxQzJGRjJFQkM0NDI5NzQz
N0RENkU2OTQwHhcNMjYwNjI3MDEzMjAwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNmMjgxMC0zY2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1rMqygRm9NEk4uc6OrXyHC1iqsnID/brw+ERkp7p3s6cyCROnvIT1wPq7x56
rkUqEgVLefAnBpRdY+ohudU5P819GD9YwhQJu4I4AtucS0gGRY9iSlTXUiPCQLZE
M7OwLyvlerqhtrIgCeNNuAvktmnOobLnjBiz2h4bvcma44r3yA/cKq38JTMxF6wD
mmQWtziXBWexhpWnCmu4GvraUJL582vyQsu3++7m9MYDN30ewQn9M+JLJKDDU1en
KVFdG+WD3XT2ucZr1MC2Phm32/UiDU1QavytGR4KmAPPopYRyOLTGbwJMd2nUX58
BCMjOQ5Y+zE/nBvnCk48tazxXQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFLJDdHmS
sOEdVBfo+Wx7rIMk5XEbMB8GA1UdIwQYMBaAFIV5N3JhyiefHC/y68RCl0N91uaU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjVDMC9CQ0JENEZCNkYx
QzIxMUVDQTE2M0ZENDJDNEY5QUUwMi9oWGszY21IS0o1OGNMX0xyeEVLWFEzM1c1
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hYazNjbUhLSjU4Y0xfTHJ4RUtYUTMzVzVwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY1QzAvQkNCRDRGQjZGMUMyMTFFQ0ExNjNGRDQyQzRGOUFFMDIvNUI2QUQyRENG
MUM4MTFFQ0JCQzM0NTQ5QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZzrAMA0GCSqGSIb3DQEBCwUAA4IBAQDEqbozsxVBccRd97ep3tXu
2itZaQ8CtULdnORmdEdMjo89tcD+P7O5tO9p7mxnVjpnU6qZSUVGqHC8qx0DcYfw
x2IwuOhsTugumxDUU905vqO9NL6OJUMe2f5n89yTA/z6yvkwaSQDqc6McorE4i87
lC9oNJDcC3aj/eavMQmU1FU8xr8GizZgexfECzrb+egj8/DkSYO8lEvAEgRs7283
rT8ekNVrfRo2tXbBKViIjn/1AsOZ6G3Xta171KSaNdlcHaCkmvWXsgVB0Z+AzrEi
1tSWSjJ+s9iuFFr12hqNEseVnTdBpCBhJ2/X/rDhwRVyQRoWm8tqZ0p20guJ5MFg
-----END CERTIFICATE-----
Generated at Mon Jul 6 20:08:57 2026 by rpki-client