Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/05287CD492B611F0841D2F21C4F9AE02.roa
File:                     05287CD492B611F0841D2F21C4F9AE02.roa (raw, json)
Hash identifier:          ybbS8h1hbsSyDEQM98hgj9lmZDZkRjlad4a8ps5Pr7Q=
Subject key identifier:   57:5B:65:DF:3C:56:06:28:7D:0C:75:9F:5F:0D:24:E9:AC:2F:FB:B2
Certificate issuer:       /CN=A91C7B68/serialNumber=9B5A5365DA2B25FA698B703093CFBDC2A2C23FCF
Certificate serial:       AE
Authority key identifier: 9B:5A:53:65:DA:2B:25:FA:69:8B:70:30:93:CF:BD:C2:A2:C2:3F:CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/05287CD492B611F0841D2F21C4F9AE02.roa
Signing time:             Tue 30 Jun 2026 21:24:19 +0000
ROA not before:           Tue 30 Jun 2026 21:24:19 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     58945
IP address blocks:        103.214.159.0/24 maxlen: 24
                          144.48.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.crl
                          rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 09 Jul 2026 20:10:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174 (0xae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C7B68, serialNumber=9B5A5365DA2B25FA698B703093CFBDC2A2C23FCF
        Validity
            Not Before: Jun 30 21:24:19 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a443403-ded9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:59:c2:c6:c3:ef:c0:d0:30:3e:f3:70:eb:95:
                    02:b6:b5:ca:4a:90:0e:a2:1d:aa:39:ce:b3:5d:6e:
                    29:79:f4:28:d6:9e:3b:6c:08:06:fa:69:a1:60:b1:
                    d3:6e:1f:a2:8d:2a:5b:80:4a:24:a2:3d:16:78:eb:
                    7d:2a:71:20:3c:46:9c:59:de:4d:06:d7:9c:b0:a9:
                    c7:c7:28:cc:06:39:33:d3:b9:51:3f:e7:5c:07:0d:
                    65:f3:46:c1:91:20:1c:c4:01:2e:93:ed:a4:6d:0e:
                    09:aa:d6:6e:26:1c:e0:cb:3c:b6:85:e4:9a:3a:9e:
                    ac:d9:f9:c0:65:3b:1e:b4:29:07:ee:4e:9c:52:7e:
                    89:98:6a:fa:bf:59:b8:a6:c6:f7:e8:4c:b8:30:8d:
                    7c:6f:1d:d8:c2:7e:91:2c:06:5e:80:f4:ba:8b:4e:
                    96:a7:b4:cf:be:d8:24:2d:c9:c5:e6:78:c8:6c:55:
                    c6:50:9d:94:e3:30:c2:10:5a:c7:28:04:60:37:c1:
                    35:7f:ee:11:3d:e5:dc:2b:62:b5:eb:89:19:6a:41:
                    22:88:0d:99:97:16:26:83:1c:74:82:a5:73:48:91:
                    89:89:4f:5f:5d:cd:4a:27:49:d7:46:ad:5d:85:14:
                    4f:20:48:dc:4f:fc:b0:e1:27:64:f3:94:a7:1c:4c:
                    c6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5B:65:DF:3C:56:06:28:7D:0C:75:9F:5F:0D:24:E9:AC:2F:FB:B2
            X509v3 Authority Key Identifier:
                keyid:9B:5A:53:65:DA:2B:25:FA:69:8B:70:30:93:CF:BD:C2:A2:C2:3F:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/05287CD492B611F0841D2F21C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.214.159.0/24
                  144.48.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:de:40:0a:85:a3:d1:a4:f4:72:5b:d1:3e:52:25:77:ee:3c:
         f4:1e:f3:e9:aa:5d:4c:66:9a:6e:ec:ae:a5:44:4f:d0:3f:aa:
         a5:30:01:40:09:9f:06:53:e6:06:0f:89:15:bf:6f:54:16:54:
         99:39:8f:5b:7c:1a:3e:07:82:c8:aa:ea:ee:ee:cc:e3:d0:00:
         be:05:ad:52:b3:fb:ed:69:02:03:e5:d5:af:90:9c:f2:1e:ad:
         51:ad:d2:ab:e2:29:55:29:90:e8:0a:b4:3b:b8:c0:81:ad:3e:
         54:4f:1f:c1:e0:41:a1:53:f2:0f:12:07:9f:5d:9b:ed:fa:d5:
         65:fe:10:ac:d1:75:cd:24:57:25:93:27:67:84:c7:89:7f:16:
         ef:71:9f:64:ce:3c:ba:2b:2f:d6:6b:97:57:72:a7:fc:d4:53:
         b8:7b:0c:4b:c8:38:69:bc:2c:64:45:db:a8:3d:50:81:e0:7e:
         44:95:79:bf:fd:4d:31:36:d1:74:71:b2:86:01:ed:1c:de:7d:
         e6:5e:f2:6f:d5:d5:b2:ff:8f:52:52:a1:58:e5:4e:1c:87:27:
         ca:79:f5:39:0f:74:6e:e1:01:a2:80:23:8b:c5:1f:f7:8b:3b:
         43:9a:68:4c:38:47:72:41:fd:f9:96:d7:62:26:53:93:cb:fa:
         0a:3b:b0:96
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICAK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCNjgxMTAvBgNVBAUTKDlCNUE1MzY1REEyQjI1RkE2OThCNzAzMDkzQ0ZCREMy
QTJDMjNGQ0YwHhcNMjYwNjMwMjEyNDE5WhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MzQwMy1kZWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwVnCxsPvwNAwPvNw65UCtrXKSpAOoh2qOc6zXW4pefQo1p47bAgG+mmhYLHT
bh+ijSpbgEokoj0WeOt9KnEgPEacWd5NBtecsKnHxyjMBjkz07lRP+dcBw1l80bB
kSAcxAEuk+2kbQ4JqtZuJhzgyzy2heSaOp6s2fnAZTsetCkH7k6cUn6JmGr6v1m4
psb36Ey4MI18bx3Ywn6RLAZegPS6i06Wp7TPvtgkLcnF5njIbFXGUJ2U4zDCEFrH
KARgN8E1f+4RPeXcK2K164kZakEiiA2ZlxYmgxx0gqVzSJGJiU9fXc1KJ0nXRq1d
hRRPIEjcT/yw4Sdk85SnHEzGdQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFFdbZd88
VgYofQx1n18NJOmsL/uyMB8GA1UdIwQYMBaAFJtaU2XaKyX6aYtwMJPPvcKiwj/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0I2OC81M0E3QjkyQ0Iw
QTUxMUVBOEY5MkVEMTdDNEY5QUUwMi9tMXBUWmRvckpmcHBpM0F3azgtOXdxTENQ
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20xcFRaZG9ySmZwcGkzQXdrOC05d3FMQ1A4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCNjgvNTNBN0I5MkNCMEE1MTFFQThGOTJFRDE3QzRGOUFFMDIvMDUyODdDRDQ5
MkI2MTFGMDg0MUQyRjIxQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAZ9afAwQAkDBzMA0GCSqGSIb3DQEBCwUAA4IBAQCX3kAKhaPRpPRy
W9E+UiV37jz0HvPpql1MZppu7K6lRE/QP6qlMAFACZ8GU+YGD4kVv29UFlSZOY9b
fBo+B4LIquru7szj0AC+Ba1Ss/vtaQID5dWvkJzyHq1RrdKr4ilVKZDoCrQ7uMCB
rT5UTx/B4EGhU/IPEgefXZvt+tVl/hCs0XXNJFclkydnhMeJfxbvcZ9kzjy6Ky/W
a5dXcqf81FO4ewxLyDhpvCxkRduoPVCB4H5ElXm//U0xNtF0cbKGAe0c3n3mXvJv
1dWy/49SUqFY5U4chyfKefU5D3Ru4QGigCOLxR/3iztDmmhMOEdyQf35ltdiJlOT
y/oKO7CW
-----END CERTIFICATE-----
Generated at Fri Jul 3 20:54:22 2026 by rpki-client