Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/A778AAF6A42111EAB3108934C4F9AE02.roa
File:                     A778AAF6A42111EAB3108934C4F9AE02.roa (raw, json)
Hash identifier:          RChnlqhk/AdCL7WNTqOscOAo8EiLEWYXjeVnfDLTqaE=
Subject key identifier:   E7:03:FF:CA:FD:3A:A8:F3:06:66:C5:DB:14:54:62:C6:88:DC:F5:9C
Certificate issuer:       /CN=A91C0FCC/serialNumber=F92ADB30DB6C0F9CE980B5DB977145F8C19C824B
Certificate serial:       09D9
Authority key identifier: F9:2A:DB:30:DB:6C:0F:9C:E9:80:B5:DB:97:71:45:F8:C1:9C:82:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-SrbMNtsD5zpgLXbl3FF-MGcgks.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/A778AAF6A42111EAB3108934C4F9AE02.roa
Signing time:             Mon 18 May 2026 20:24:23 +0000
ROA not before:           Mon 18 May 2026 20:24:23 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     140631
IP address blocks:        103.150.74.0/23 maxlen: 23
                          103.150.74.0/24 maxlen: 24
                          103.150.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/-SrbMNtsD5zpgLXbl3FF-MGcgks.crl
                          rsync://rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/-SrbMNtsD5zpgLXbl3FF-MGcgks.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-SrbMNtsD5zpgLXbl3FF-MGcgks.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 19:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2521 (0x9d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C0FCC, serialNumber=F92ADB30DB6C0F9CE980B5DB977145F8C19C824B
        Validity
            Not Before: May 18 20:24:23 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=6a0b7577-cd9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:03:26:68:5c:f6:84:15:8b:05:fc:21:52:35:
                    bb:4d:ac:f4:c4:69:2e:0c:3b:5c:e0:c5:0b:5f:c6:
                    38:99:38:1a:28:03:10:ad:44:d8:73:2c:29:02:47:
                    12:34:e9:1e:c0:3a:8a:b5:42:80:41:51:ee:7c:ce:
                    79:5c:1a:ee:77:fe:82:a5:c2:52:40:95:7c:11:e4:
                    49:f0:8c:ee:6d:a5:f9:ad:d2:02:cc:d5:93:ad:8b:
                    23:9a:2b:d9:83:c0:27:fa:a6:dd:bc:5c:f4:37:a3:
                    51:89:e7:6f:e1:a1:d3:8d:8d:c4:12:bf:35:81:3f:
                    45:95:e2:13:15:f6:3e:be:af:b0:23:e1:84:47:a8:
                    0d:92:ad:c2:08:ac:f0:26:da:c3:0e:52:b6:95:45:
                    00:05:d6:12:b0:40:bc:38:4a:15:6b:07:d4:9d:92:
                    fb:e0:bc:e4:e1:ee:44:a6:0c:03:79:8e:c2:98:23:
                    96:a5:80:7a:82:a8:93:e4:db:5e:a3:73:3c:10:21:
                    cb:25:52:95:06:c4:9d:6d:1a:5e:28:c5:bd:c3:a0:
                    46:32:6b:5c:7f:69:7c:70:7a:bb:38:08:53:38:a1:
                    2d:33:22:af:7d:d3:1a:d5:f2:13:55:23:92:c0:05:
                    23:5c:11:0a:fe:c0:d3:ce:b1:8f:ad:88:5e:81:cb:
                    14:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:03:FF:CA:FD:3A:A8:F3:06:66:C5:DB:14:54:62:C6:88:DC:F5:9C
            X509v3 Authority Key Identifier:
                keyid:F9:2A:DB:30:DB:6C:0F:9C:E9:80:B5:DB:97:71:45:F8:C1:9C:82:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/-SrbMNtsD5zpgLXbl3FF-MGcgks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-SrbMNtsD5zpgLXbl3FF-MGcgks.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0FCC/F5C42408A41F11EABDC2F531C4F9AE02/A778AAF6A42111EAB3108934C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:d0:2a:0e:94:a1:4d:cb:7f:67:10:f2:7c:f0:59:5b:32:d1:
         c9:86:89:7c:e9:ad:73:a8:5c:d1:71:83:31:c8:25:f2:ad:f2:
         ed:0f:5b:36:f4:b3:a8:f8:e4:6b:82:37:3c:35:80:f0:c1:b1:
         99:d7:ea:a8:52:c2:ce:ed:fe:5a:2e:d8:02:74:2d:81:d3:75:
         5b:c5:3a:f7:5d:61:ce:49:f0:0d:9b:dc:f2:35:d4:22:37:58:
         ef:59:1e:66:dd:70:79:0a:fb:fd:97:4e:a0:c8:0d:5f:e2:dd:
         84:5b:5a:37:e5:fd:94:44:74:5e:a5:f6:4e:9d:ca:3f:c5:29:
         7e:64:5c:9e:df:f9:29:eb:bb:a6:c7:44:d7:65:34:fe:23:01:
         47:e1:05:a5:ff:ab:c2:13:5c:b9:0c:96:60:0e:17:cf:75:48:
         e8:dd:e4:73:6f:8a:e3:f7:38:44:7a:da:aa:72:00:72:87:22:
         1a:05:d6:81:82:26:8b:a8:61:af:8c:8a:58:5b:0c:5d:95:37:
         3a:15:ac:aa:22:0d:05:36:58:0b:08:02:5b:e1:37:58:ca:8c:
         bc:f8:b2:15:59:ad:a3:5e:7f:22:1e:88:b8:d5:b5:8a:98:a6:
         52:bf:d7:1b:4d:8c:e7:90:62:d8:44:cb:38:cd:43:f3:bd:46:
         39:57:85:c9
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICCdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzBGQ0MxMTAvBgNVBAUTKEY5MkFEQjMwREI2QzBGOUNFOTgwQjVEQjk3NzE0NUY4
QzE5QzgyNEIwHhcNMjYwNTE4MjAyNDIzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTBiNzU3Ny1jZDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0wMmaFz2hBWLBfwhUjW7Taz0xGkuDDtc4MULX8Y4mTgaKAMQrUTYcywpAkcS
NOkewDqKtUKAQVHufM55XBrud/6CpcJSQJV8EeRJ8IzubaX5rdICzNWTrYsjmivZ
g8An+qbdvFz0N6NRiedv4aHTjY3EEr81gT9FleITFfY+vq+wI+GER6gNkq3CCKzw
JtrDDlK2lUUABdYSsEC8OEoVawfUnZL74Lzk4e5EpgwDeY7CmCOWpYB6gqiT5Nte
o3M8ECHLJVKVBsSdbRpeKMW9w6BGMmtcf2l8cHq7OAhTOKEtMyKvfdMa1fITVSOS
wAUjXBEK/sDTzrGPrYhegcsUnQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFOcD/8r9
OqjzBmbF2xRUYsaI3PWcMB8GA1UdIwQYMBaAFPkq2zDbbA+c6YC125dxRfjBnIJL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEZDQy9GNUM0MjQwOEE0
MUYxMUVBQkRDMkY1MzFDNEY5QUUwMi8tU3JiTU50c0Q1enBnTFhibDNGRi1NR2Nn
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1TcmJNTnRzRDV6cGdMWGJsM0ZGLU1HY2drcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzBGQ0MvRjVDNDI0MDhBNDFGMTFFQUJEQzJGNTMxQzRGOUFFMDIvQTc3OEFBRjZB
NDIxMTFFQUIzMTA4OTM0QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ5ZKMA0GCSqGSIb3DQEBCwUAA4IBAQAk0CoOlKFNy39nEPJ88Flb
MtHJhol86a1zqFzRcYMxyCXyrfLtD1s29LOo+ORrgjc8NYDwwbGZ1+qoUsLO7f5a
LtgCdC2B03VbxTr3XWHOSfANm9zyNdQiN1jvWR5m3XB5Cvv9l06gyA1f4t2EW1o3
5f2URHRepfZOnco/xSl+ZFye3/kp67umx0TXZTT+IwFH4QWl/6vCE1y5DJZgDhfP
dUjo3eRzb4rj9zhEetqqcgByhyIaBdaBgiaLqGGvjIpYWwxdlTc6FayqIg0FNlgL
CAJb4TdYyoy8+LIVWa2jXn8iHoi41bWKmKZSv9cbTYznkGLYRMs4zUPzvUY5V4XJ
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:23:21 2026 by rpki-client