Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa
File:                     B7F93F86E33F11EB9832A354C4F9AE02.roa (raw, json)
Hash identifier:          G/8aDz8DPjEZXvFfNhYpw/I4WqLjzpEnMpTEGGgfejQ=
Subject key identifier:   E5:F5:2B:E8:5D:B7:9C:C2:4B:D3:0D:B6:58:34:C6:D0:A4:24:8A:7E
Certificate issuer:       /CN=A91C56FB/serialNumber=93C058A0DF1773012459164B5A80D85372C7E292
Certificate serial:       153B
Authority key identifier: 93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 17:17:05 +0000
ROA not before:           Sat 04 Jul 2026 17:17:05 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     54574
IP address blocks:        103.117.100.0/22 maxlen: 22
                          103.117.100.0/22 maxlen: 24
                          103.117.100.0/24 maxlen: 24
                          103.117.101.0/24 maxlen: 24
                          103.117.102.0/24 maxlen: 24
                          103.117.103.0/24 maxlen: 24
                          103.135.248.0/22 maxlen: 24
                          2403:18c0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl
                          rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 17:06:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5435 (0x153b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C56FB, serialNumber=93C058A0DF1773012459164B5A80D85372C7E292
        Validity
            Not Before: Jul  4 17:17:05 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a494011-66f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e1:f4:54:59:6c:fa:15:33:7b:83:d2:49:80:
                    06:29:cc:9a:0e:6d:d9:5d:2a:12:fa:3a:01:61:e2:
                    60:6a:42:ba:25:bb:7f:41:96:74:75:41:5c:fa:5f:
                    f8:b9:f6:5f:f9:fe:f9:70:6b:70:80:1a:95:4c:44:
                    08:8f:d3:2f:9f:6f:6b:83:dc:5d:aa:75:7d:56:ee:
                    e9:83:ef:c5:bb:fb:75:f9:6a:fe:54:ae:3c:ff:63:
                    79:6a:0f:56:35:c4:2a:26:76:92:55:62:25:c6:50:
                    29:27:51:32:63:7c:ab:24:2a:75:f2:d5:9d:14:f7:
                    3c:ad:f7:40:15:85:4c:2b:0f:4a:4a:24:8d:30:ba:
                    6e:16:41:5f:8c:84:7f:a0:3d:8d:aa:a5:cc:4c:75:
                    0e:85:7f:89:fd:f3:cf:f7:8b:d3:5b:43:04:0c:91:
                    50:e0:82:55:0b:f7:4c:1a:fe:71:0c:ec:95:54:b2:
                    98:95:13:41:95:05:f8:06:24:fa:5d:45:10:16:f9:
                    3f:0a:3b:f2:5f:48:2a:36:5f:c0:b7:e1:77:22:48:
                    33:7c:04:db:a1:09:ac:d6:fa:8d:8a:8e:89:f5:ff:
                    96:50:0f:38:d5:87:07:5c:b0:70:85:e8:60:6b:e3:
                    fb:7f:ee:96:b2:68:e8:94:0d:63:df:79:ff:c7:b6:
                    23:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:F5:2B:E8:5D:B7:9C:C2:4B:D3:0D:B6:58:34:C6:D0:A4:24:8A:7E
            X509v3 Authority Key Identifier:
                keyid:93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B7F93F86E33F11EB9832A354C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.100.0/22
                  103.135.248.0/22
                IPv6:
                  2403:18c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:be:6c:20:5a:f6:96:5a:28:7d:9d:e6:69:df:56:0c:eb:2c:
         95:c4:f3:31:33:53:99:a8:66:bd:7c:c4:4b:ee:aa:ac:74:37:
         19:c1:c3:5f:0c:f3:3d:03:4d:59:ae:2c:12:1d:60:7e:78:c8:
         56:15:a3:1d:fc:ea:b3:8b:b5:aa:bd:ff:87:28:fa:6b:bf:38:
         4c:25:04:c8:b6:6e:1b:ff:84:8f:b3:89:16:d9:b8:fe:ea:eb:
         21:d4:29:65:67:5f:15:7f:e1:42:be:33:d7:f4:56:a9:61:6e:
         f1:c2:db:0d:05:85:04:d8:7a:a7:e6:bc:77:c6:79:1c:aa:a8:
         1e:a4:c3:78:e6:0e:7e:61:c9:07:30:9b:62:90:62:f6:be:98:
         bc:cd:a8:62:c2:ff:72:73:97:b9:e8:3e:d4:91:f1:62:a8:a0:
         91:cf:d6:85:72:e1:3a:39:4b:e0:7a:68:c3:05:b4:ce:dd:be:
         92:7f:70:d2:a8:99:fc:f2:48:b8:fb:e1:a3:ca:01:12:cd:75:
         f7:07:53:e8:e3:f8:5b:9a:96:7f:eb:90:56:45:aa:a0:bb:ab:
         77:69:cd:5f:93:89:80:7e:79:0b:0e:f7:4b:8f:a3:69:b1:7a:
         18:f8:38:d3:46:ee:9b:65:df:d1:c8:98:a9:e9:1c:f7:77:9a:
         b6:43:5e:a1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICFTswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzU2RkIxMTAvBgNVBAUTKDkzQzA1OEEwREYxNzczMDEyNDU5MTY0QjVBODBEODUz
NzJDN0UyOTIwHhcNMjYwNzA0MTcxNzA1WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5NDAxMS02NmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzOH0VFls+hUze4PSSYAGKcyaDm3ZXSoS+joBYeJgakK6Jbt/QZZ0dUFc+l/4
ufZf+f75cGtwgBqVTEQIj9Mvn29rg9xdqnV9Vu7pg+/Fu/t1+Wr+VK48/2N5ag9W
NcQqJnaSVWIlxlApJ1EyY3yrJCp18tWdFPc8rfdAFYVMKw9KSiSNMLpuFkFfjIR/
oD2NqqXMTHUOhX+J/fPP94vTW0MEDJFQ4IJVC/dMGv5xDOyVVLKYlRNBlQX4BiT6
XUUQFvk/CjvyX0gqNl/At+F3IkgzfATboQms1vqNio6J9f+WUA841YcHXLBwhehg
a+P7f+6WsmjolA1j33n/x7YjcwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFOX1K+hd
t5zCS9MNtlg0xtCkJIp+MB8GA1UdIwQYMBaAFJPAWKDfF3MBJFkWS1qA2FNyx+KS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTZGQi9FOUY1MTA0Njc4
M0ExMUU4OTA3RDUyMUFDNEY5QUUwMi9rOEJZb044WGN3RWtXUlpMV29EWVUzTEg0
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2s4QllvTjhYY3dFa1dSWkxXb0RZVTNMSDRwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzU2RkIvRTlGNTEwNDY3ODNBMTFFODkwN0Q1MjFBQzRGOUFFMDIvQjdGOTNGODZF
MzNGMTFFQjk4MzJBMzU0QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZ3VkAwQCZ4f4MA0EAgACMAcDBQAkAxjAMA0GCSqGSIb3DQEBCwUA
A4IBAQBzvmwgWvaWWih9neZp31YM6yyVxPMxM1OZqGa9fMRL7qqsdDcZwcNfDPM9
A01ZriwSHWB+eMhWFaMd/Oqzi7Wqvf+HKPprvzhMJQTItm4b/4SPs4kW2bj+6ush
1CllZ18Vf+FCvjPX9FapYW7xwtsNBYUE2Hqn5rx3xnkcqqgepMN45g5+YckHMJti
kGL2vpi8zahiwv9yc5e56D7UkfFiqKCRz9aFcuE6OUvgemjDBbTO3b6Sf3DSqJn8
8ki4++GjygESzXX3B1Po4/hbmpZ/65BWRaqgu6t3ac1fk4mAfnkLDvdLj6NpsXoY
+DjTRu6bZd/RyJip6Rz3d5q2Q16h
-----END CERTIFICATE-----
Generated at Wed Jul 8 22:04:39 2026 by rpki-client