Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/E5723CA260C111F0A9EB0333C4F9AE02.roa
File:                     E5723CA260C111F0A9EB0333C4F9AE02.roa (raw, json)
Hash identifier:          dgVomHsPjy8dnzAeq1krltAgv8t1jsAsT7S8XSGxsvA=
Subject key identifier:   9E:86:9F:D9:43:30:C2:BC:0B:75:58:1B:0E:DE:C2:BF:1D:06:A1:31
Certificate issuer:       /CN=A91C6515/serialNumber=36DB44D4C159886738215A5610B110C24486CA56
Certificate serial:       02
Authority key identifier: 36:DB:44:D4:C1:59:88:67:38:21:5A:56:10:B1:10:C2:44:86:CA:56
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NttE1MFZiGc4IVpWELEQwkSGylY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/E5723CA260C111F0A9EB0333C4F9AE02.roa
Signing time:             Mon 14 Jul 2025 14:50:34 +0000
ROA not before:           Mon 14 Jul 2025 14:50:34 +0000
ROA not after:            Mon 31 Aug 2026 00:00:00 +0000
asID:                     151335
IP address blocks:        103.105.22.0/24 maxlen: 24
                          103.196.187.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/NttE1MFZiGc4IVpWELEQwkSGylY.crl
                          rsync://rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/NttE1MFZiGc4IVpWELEQwkSGylY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NttE1MFZiGc4IVpWELEQwkSGylY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Jul 2025 08:23:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6515, serialNumber=36DB44D4C159886738215A5610B110C24486CA56
        Validity
            Not Before: Jul 14 14:50:34 2025 GMT
            Not After : Aug 31 00:00:00 2026 GMT
        Subject: CN=6875193a-c3c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:50:9d:64:01:13:5c:7e:46:e9:d8:18:11:1a:
                    62:ee:a9:ba:bc:4c:b1:fc:51:2e:ad:41:77:6a:4b:
                    a6:d1:d7:ef:cb:97:b3:31:33:bb:ef:89:41:d5:0a:
                    e8:ed:2e:8f:e2:03:6d:92:0c:f3:1f:d1:75:71:60:
                    fe:83:22:19:2c:1e:b4:cc:c5:29:ae:b3:b0:cb:15:
                    3f:bd:9e:ed:ec:ff:62:d1:52:88:ec:7d:92:5e:aa:
                    7e:02:06:5a:c7:17:c3:9c:9e:ed:81:d9:15:32:98:
                    c7:dc:39:a7:2d:08:16:0e:c1:c3:73:72:e2:f3:00:
                    25:a1:8f:be:e3:39:bf:fb:97:ca:4b:cb:60:2d:b2:
                    10:57:8d:3b:0b:48:6c:59:8c:02:78:3f:c5:d4:c1:
                    98:90:2c:2d:de:60:42:10:57:31:35:4c:6d:8b:85:
                    64:c2:e3:ec:85:fe:be:35:ba:82:1a:c7:c5:c6:fa:
                    65:3a:fd:84:80:2a:2f:5b:25:57:ef:8e:26:0a:7a:
                    72:e4:cb:11:ac:ed:e7:4e:a1:42:c5:11:44:bf:30:
                    bb:e4:93:bd:b0:a9:2a:82:38:65:8d:06:5d:1d:e9:
                    ca:e5:f1:6d:61:b8:95:1d:04:57:04:d7:1d:7b:ae:
                    00:55:9c:40:5c:46:e3:b5:5d:ba:00:af:84:8c:e0:
                    c3:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:86:9F:D9:43:30:C2:BC:0B:75:58:1B:0E:DE:C2:BF:1D:06:A1:31
            X509v3 Authority Key Identifier:
                keyid:36:DB:44:D4:C1:59:88:67:38:21:5A:56:10:B1:10:C2:44:86:CA:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/NttE1MFZiGc4IVpWELEQwkSGylY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NttE1MFZiGc4IVpWELEQwkSGylY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6515/84C4674A60C111F08BD5B82EC4F9AE02/E5723CA260C111F0A9EB0333C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.22.0/24
                  103.196.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:b4:f5:a1:82:76:74:fa:d4:27:25:92:f8:56:15:bb:79:b1:
         3d:b1:f9:1f:d6:0c:b8:ae:5e:e4:00:08:12:df:e4:1e:02:60:
         22:97:7e:69:f5:f0:56:67:69:e9:ae:66:83:70:a1:17:de:c0:
         d0:d0:42:4f:3b:fa:98:6e:f3:83:cb:c7:4f:45:56:d1:d0:7f:
         d7:af:bf:7e:76:fa:e5:b6:78:92:b3:dc:61:ca:83:42:a3:4c:
         f6:cd:81:49:7e:83:4c:37:bf:5c:8b:97:eb:81:f8:bd:dc:13:
         d4:38:c8:cd:58:ff:2c:18:5a:d2:0e:9d:dc:75:ba:3f:ff:a6:
         f3:18:6b:91:d2:5a:6a:e5:d4:ea:f0:1c:25:b6:67:33:8b:ef:
         99:08:38:6e:d2:81:3b:7b:50:7c:ef:14:e7:52:d1:15:ab:b5:
         90:e7:0a:62:d3:c8:dd:11:6e:5f:a7:5b:ee:40:49:29:27:fe:
         26:7b:ed:1b:23:41:1a:a0:b0:7c:32:17:87:5a:64:00:76:b5:
         6d:cb:ab:5e:a2:08:86:1c:75:a1:32:44:51:18:7f:dd:b7:64:
         8c:58:b0:8f:9c:ce:6d:0b:d6:c9:cb:42:fe:bc:82:dd:44:23:
         84:3b:1a:1d:1d:47:86:7b:4b:b7:ff:1d:a6:49:1d:b8:22:7d:
         ad:35:e1:81
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjUxNTExMC8GA1UEBRMoMzZEQjQ0RDRDMTU5ODg2NzM4MjE1QTU2MTBCMTEwQzI0
NDg2Q0E1NjAeFw0yNTA3MTQxNDUwMzRaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NzUxOTNhLWMzYzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmUJ1kARNcfkbp2BgRGmLuqbq8TLH8US6tQXdqS6bR1+/Ll7MxM7vviUHVCujt
Lo/iA22SDPMf0XVxYP6DIhksHrTMxSmus7DLFT+9nu3s/2LRUojsfZJeqn4CBlrH
F8Ocnu2B2RUymMfcOactCBYOwcNzcuLzACWhj77jOb/7l8pLy2AtshBXjTsLSGxZ
jAJ4P8XUwZiQLC3eYEIQVzE1TG2LhWTC4+yF/r41uoIax8XG+mU6/YSAKi9bJVfv
jiYKenLkyxGs7edOoULFEUS/MLvkk72wqSqCOGWNBl0d6crl8W1huJUdBFcE1x17
rgBVnEBcRuO1XboAr4SM4MOjAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUnoaf2UMw
wrwLdVgbDt7Cvx0GoTEwHwYDVR0jBBgwFoAUNttE1MFZiGc4IVpWELEQwkSGylYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTE1Lzg0QzQ2NzRBNjBD
MTExRjA4QkQ1QjgyRUM0RjlBRTAyL050dEUxTUZaaUdjNElWcFdFTEVRd2tTR3ls
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTnR0RTFNRlppR2M0SVZwV0VMRVF3a1NHeWxZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjUxNS84NEM0Njc0QTYwQzExMUYwOEJENUI4MkVDNEY5QUUwMi9FNTcyM0NBMjYw
QzExMUYwQTlFQjAzMzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGdpFgMEAGfEuzANBgkqhkiG9w0BAQsFAAOCAQEAHbT1oYJ2
dPrUJyWS+FYVu3mxPbH5H9YMuK5e5AAIEt/kHgJgIpd+afXwVmdp6a5mg3ChF97A
0NBCTzv6mG7zg8vHT0VW0dB/16+/fnb65bZ4krPcYcqDQqNM9s2BSX6DTDe/XIuX
64H4vdwT1DjIzVj/LBha0g6d3HW6P/+m8xhrkdJaauXU6vAcJbZnM4vvmQg4btKB
O3tQfO8U51LRFau1kOcKYtPI3RFuX6db7kBJKSf+JnvtGyNBGqCwfDIXh1pkAHa1
bcurXqIIhhx1oTJEURh/3bdkjFiwj5zObQvWyctC/ryC3UQjhDsaHR1HhntLt/8d
pkkduCJ9rTXhgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:22:59 2025 by rpki-client