Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B5D3426854F111ED85A7AC66C4F9AE02.roa
File:                     B5D3426854F111ED85A7AC66C4F9AE02.roa (raw, json)
Hash identifier:          OKEj9HXa1f9g4uR6sVBPFlkPnTkz7D9Cnlvm3kiY8Tw=
Subject key identifier:   6D:72:8E:1D:48:5E:9F:E6:E4:24:FA:56:A0:AF:E9:F0:9B:93:0F:75
Certificate issuer:       /CN=A91C8236/serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
Certificate serial:       0BB0
Authority key identifier: ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B5D3426854F111ED85A7AC66C4F9AE02.roa
Signing time:             Sun 14 Jun 2026 19:22:11 +0000
ROA not before:           Sun 14 Jun 2026 19:22:11 +0000
ROA not after:            Fri 28 May 2027 00:00:00 +0000
asID:                     140216
IP address blocks:        103.148.178.0/24 maxlen: 24
                          2001:df2:e180::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.crl
                          rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 19:19:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2992 (0xbb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C8236, serialNumber=ED85EF77343C55412B06A53C2A4E20767AD12F25
        Validity
            Not Before: Jun 14 19:22:11 2026 GMT
            Not After : May 28 00:00:00 2027 GMT
        Subject: CN=6a2eff63-5a8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d3:a2:e7:d7:ee:e3:e2:8e:96:22:34:3c:b1:
                    88:1d:30:1c:69:01:20:15:b9:ac:13:a9:c4:bb:7c:
                    a0:da:0d:99:0e:c7:50:30:d3:b8:92:6f:14:32:20:
                    29:70:d2:17:f4:b5:ca:68:23:bf:c9:a7:f0:27:81:
                    19:6e:38:73:c4:e1:78:e1:93:59:8a:97:6c:63:70:
                    2e:10:4a:94:b9:18:fe:4b:60:3a:0b:55:0d:32:3a:
                    ec:e4:d1:a4:00:ad:26:f1:bf:64:17:75:62:4b:09:
                    65:6a:a6:b1:7b:4f:e4:c5:b5:17:f3:e2:6f:7f:8c:
                    31:c9:ef:0a:42:93:46:ca:9a:03:1e:65:9e:75:29:
                    e1:24:06:98:c7:c6:90:fd:29:d6:65:b7:bb:63:17:
                    fb:d0:41:47:60:fe:a5:e6:04:a9:35:55:0f:cd:39:
                    45:cd:81:b9:98:15:33:16:d8:ae:40:40:df:8d:25:
                    eb:45:38:71:f4:bf:df:fe:5e:5a:be:29:f1:13:57:
                    79:e9:b6:67:85:ff:e5:ed:ef:b9:17:85:a9:e1:2f:
                    28:84:dd:84:6a:c0:04:d5:ed:74:67:07:ec:01:6d:
                    50:fa:fc:7a:95:83:00:18:ca:66:01:d6:d5:8e:e1:
                    81:19:3b:d9:80:35:fe:bb:f8:76:b1:b1:c4:4d:12:
                    d4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:72:8E:1D:48:5E:9F:E6:E4:24:FA:56:A0:AF:E9:F0:9B:93:0F:75
            X509v3 Authority Key Identifier:
                keyid:ED:85:EF:77:34:3C:55:41:2B:06:A5:3C:2A:4E:20:76:7A:D1:2F:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7YXvdzQ8VUErBqU8Kk4gdnrRLyU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8236/D428796E532711EA8C57E37AC4F9AE02/B5D3426854F111ED85A7AC66C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.178.0/24
                IPv6:
                  2001:df2:e180::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:7a:60:2e:66:75:0c:79:02:5d:9a:64:18:04:a1:2f:d6:fb:
         bc:a7:5c:c8:9c:3b:af:33:4b:6b:63:1d:33:ff:48:e2:f2:b6:
         6c:f2:67:48:f2:2b:24:71:4a:2e:11:76:98:d6:96:b0:62:11:
         62:8b:0f:f0:da:34:73:c0:85:f0:4f:80:71:63:4f:1b:4c:91:
         6b:9e:0f:20:5a:7a:67:9e:ac:2c:d2:e0:4d:67:d0:09:f7:f6:
         92:c9:2d:85:48:56:11:50:7f:6b:95:eb:9f:9c:0b:92:51:22:
         aa:47:66:53:63:b1:b5:a8:4f:58:b6:7e:4d:ff:a4:66:c0:4b:
         b2:7a:25:f5:d3:ca:ef:eb:d8:76:75:a7:4b:c5:1a:d0:11:fc:
         ae:50:c8:7d:8b:25:00:26:8d:94:50:f1:62:b6:7c:6e:08:10:
         6d:6d:f6:cb:e1:89:dc:6f:81:69:2a:36:cf:6a:6f:53:b6:f4:
         13:cf:46:9a:fe:7f:26:8c:74:d8:6a:8e:37:d0:e3:7a:b4:4a:
         26:c5:7b:32:25:11:cf:f5:eb:ae:0e:55:0b:83:eb:65:4b:07:
         d5:3f:70:11:c2:0e:8d:9e:9f:48:92:72:18:1f:4f:f2:6c:d5:
         4f:1a:84:03:3f:1c:a6:a5:b2:4f:7e:59:09:08:30:7c:5f:11:
         7e:c4:19:aa
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICC7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzgyMzYxMTAvBgNVBAUTKEVEODVFRjc3MzQzQzU1NDEyQjA2QTUzQzJBNEUyMDc2
N0FEMTJGMjUwHhcNMjYwNjE0MTkyMjExWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTJlZmY2My01YThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAptOi59fu4+KOliI0PLGIHTAcaQEgFbmsE6nEu3yg2g2ZDsdQMNO4km8UMiAp
cNIX9LXKaCO/yafwJ4EZbjhzxOF44ZNZipdsY3AuEEqUuRj+S2A6C1UNMjrs5NGk
AK0m8b9kF3ViSwllaqaxe0/kxbUX8+Jvf4wxye8KQpNGypoDHmWedSnhJAaYx8aQ
/SnWZbe7Yxf70EFHYP6l5gSpNVUPzTlFzYG5mBUzFtiuQEDfjSXrRThx9L/f/l5a
vinxE1d56bZnhf/l7e+5F4Wp4S8ohN2EasAE1e10ZwfsAW1Q+vx6lYMAGMpmAdbV
juGBGTvZgDX+u/h2sbHETRLUgQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFG1yjh1I
Xp/m5CT6VqCv6fCbkw91MB8GA1UdIwQYMBaAFO2F73c0PFVBKwalPCpOIHZ60S8l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODIzNi9ENDI4Nzk2RTUz
MjcxMUVBOEM1N0UzN0FDNEY5QUUwMi83WVh2ZHpROFZVRXJCcVU4S2s0Z2RuclJM
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdZWHZkelE4VlVFckJxVThLazRnZG5yUkx5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzgyMzYvRDQyODc5NkU1MzI3MTFFQThDNTdFMzdBQzRGOUFFMDIvQjVEMzQyNjg1
NEYxMTFFRDg1QTdBQzY2QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQAZ5SyMA8EAgACMAkDBwAgAQ3y4YAwDQYJKoZIhvcNAQELBQADggEB
AJd6YC5mdQx5Al2aZBgEoS/W+7ynXMicO68zS2tjHTP/SOLytmzyZ0jyKyRxSi4R
dpjWlrBiEWKLD/DaNHPAhfBPgHFjTxtMkWueDyBaemeerCzS4E1n0An39pLJLYVI
VhFQf2uV65+cC5JRIqpHZlNjsbWoT1i2fk3/pGbAS7J6JfXTyu/r2HZ1p0vFGtAR
/K5QyH2LJQAmjZRQ8WK2fG4IEG1t9svhidxvgWkqNs9qb1O29BPPRpr+fyaMdNhq
jjfQ43q0SibFezIlEc/1664OVQuD62VLB9U/cBHCDo2en0iSchgfT/Js1U8ahAM/
HKalsk9+WQkIMHxfEX7EGao=
-----END CERTIFICATE-----
Generated at Sat Jul 18 09:22:28 2026 by rpki-client