Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/2E5E44C40D7311ED90DA6411C4F9AE02.roa
File:                     2E5E44C40D7311ED90DA6411C4F9AE02.roa (raw, json)
Hash identifier:          sxlGdaSF33nxa5FY5NtT2VNBoo8bCx2h5bnPzXqou6c=
Subject key identifier:   27:A9:27:01:F6:A4:3F:92:D1:35:27:AE:0A:81:AF:0C:5B:E6:39:32
Certificate issuer:       /CN=A91C89A2/serialNumber=C30854C9951F2D866BFFA9C4D53D399379D80FAC
Certificate serial:       03C6
Authority key identifier: C3:08:54:C9:95:1F:2D:86:6B:FF:A9:C4:D5:3D:39:93:79:D8:0F:AC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wwhUyZUfLYZr_6nE1T05k3nYD6w.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/2E5E44C40D7311ED90DA6411C4F9AE02.roa
Signing time:             Wed 01 Jul 2026 02:28:10 +0000
ROA not before:           Wed 01 Jul 2026 02:28:10 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     149843
IP address blocks:        103.188.44.0/23 maxlen: 23
                          103.188.44.0/24 maxlen: 24
                          103.188.45.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/wwhUyZUfLYZr_6nE1T05k3nYD6w.crl
                          rsync://rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/wwhUyZUfLYZr_6nE1T05k3nYD6w.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wwhUyZUfLYZr_6nE1T05k3nYD6w.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 12 Jul 2026 01:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 966 (0x3c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C89A2, serialNumber=C30854C9951F2D866BFFA9C4D53D399379D80FAC
        Validity
            Not Before: Jul  1 02:28:10 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a447b3a-a428
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:04:6c:18:df:37:63:51:2f:11:24:2c:be:cb:
                    02:6c:ca:90:05:e9:f8:7e:a4:f0:f3:dc:c9:57:5b:
                    d6:2d:41:35:58:1e:ee:3d:1e:e9:a8:bc:79:0e:df:
                    57:0c:25:44:72:d3:a0:c7:9d:b6:01:67:75:ad:13:
                    1a:1d:68:6a:1f:5e:cb:2d:0e:5a:67:09:da:8e:2e:
                    36:8d:c2:fd:28:69:f0:cb:01:82:66:9d:0b:03:f5:
                    32:48:60:3a:ec:93:ab:41:41:d3:2a:5d:6f:23:f1:
                    f2:bb:c7:88:45:3e:8e:a1:b0:01:e9:2c:c1:b3:1d:
                    a1:24:3d:aa:74:76:85:c5:f2:bf:81:c1:75:95:25:
                    a6:53:29:2e:1c:43:91:48:68:ff:9c:77:bb:41:44:
                    2d:73:16:43:26:2d:9b:c0:d7:54:81:e5:06:14:a0:
                    26:04:3e:a5:c7:bf:44:b8:e4:f6:45:19:34:b7:d6:
                    1d:97:d6:95:8b:c4:0b:00:c6:96:05:93:af:00:dc:
                    8a:fd:66:79:a2:59:f5:1f:c6:ad:61:a2:5d:c4:86:
                    66:3a:66:59:9b:63:eb:fd:8a:42:f2:ae:df:bb:4c:
                    d7:10:11:71:b6:3b:a5:ab:65:b6:73:d8:61:b8:0f:
                    cd:8f:b8:9b:aa:c1:34:53:e8:91:d9:ef:2a:d7:b0:
                    36:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A9:27:01:F6:A4:3F:92:D1:35:27:AE:0A:81:AF:0C:5B:E6:39:32
            X509v3 Authority Key Identifier:
                keyid:C3:08:54:C9:95:1F:2D:86:6B:FF:A9:C4:D5:3D:39:93:79:D8:0F:AC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/wwhUyZUfLYZr_6nE1T05k3nYD6w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wwhUyZUfLYZr_6nE1T05k3nYD6w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C89A2/BC62C970DF5611EC8C6F160FC4F9AE02/2E5E44C40D7311ED90DA6411C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.188.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:dd:b1:86:88:b7:e8:c9:93:7b:45:57:f6:25:cd:1a:37:d1:
         36:0b:38:d1:03:b9:1a:ee:e4:44:cc:17:97:21:31:55:ce:6e:
         0a:6b:9a:ee:64:72:6f:0d:fb:e9:72:a9:74:e6:ea:94:c5:97:
         62:54:f8:b6:b7:34:d8:ce:9e:d2:c1:d8:ee:2a:1e:32:43:b5:
         dc:ed:ed:01:31:fc:aa:13:8f:40:42:e8:a8:34:e5:6f:e7:b6:
         07:b1:fb:64:fd:e8:b1:f2:91:53:8f:fa:af:a6:ed:44:4f:68:
         5d:15:29:f9:6d:b0:73:4c:15:83:4c:84:6f:8b:a5:d2:37:82:
         76:c8:d9:49:70:49:69:ec:5d:5b:56:8b:c2:5d:15:b6:95:ce:
         6a:95:dd:69:9f:00:16:21:62:0b:14:6a:9b:fd:60:59:8c:5b:
         39:bd:67:fc:77:f1:b3:ee:a9:bd:18:1c:7d:c1:5a:23:1a:c7:
         0d:7f:be:5b:ac:7b:dd:2c:f6:f4:44:6e:4c:dd:6e:d1:b0:c0:
         7b:f7:56:6e:96:4e:0a:0b:22:ef:d7:5b:43:78:40:93:26:11:
         0d:8b:48:bb:ab:31:9b:8d:c3:28:fd:b7:64:8a:98:bf:a2:3b:
         b8:b5:9e:a1:6e:dd:b1:84:82:8c:be:1d:a6:7b:4e:1c:d8:6c:
         6d:c5:c8:fa
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICA8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzg5QTIxMTAvBgNVBAUTKEMzMDg1NEM5OTUxRjJEODY2QkZGQTlDNEQ1M0QzOTkz
NzlEODBGQUMwHhcNMjYwNzAxMDIyODEwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0N2IzYS1hNDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1QRsGN83Y1EvESQsvssCbMqQBen4fqTw89zJV1vWLUE1WB7uPR7pqLx5Dt9X
DCVEctOgx522AWd1rRMaHWhqH17LLQ5aZwnaji42jcL9KGnwywGCZp0LA/UySGA6
7JOrQUHTKl1vI/Hyu8eIRT6OobAB6SzBsx2hJD2qdHaFxfK/gcF1lSWmUykuHEOR
SGj/nHe7QUQtcxZDJi2bwNdUgeUGFKAmBD6lx79EuOT2RRk0t9Ydl9aVi8QLAMaW
BZOvANyK/WZ5oln1H8atYaJdxIZmOmZZm2Pr/YpC8q7fu0zXEBFxtjulq2W2c9hh
uA/Nj7ibqsE0U+iR2e8q17A2DwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFCepJwH2
pD+S0TUnrgqBrwxb5jkyMB8GA1UdIwQYMBaAFMMIVMmVHy2Ga/+pxNU9OZN52A+s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODlBMi9CQzYyQzk3MERG
NTYxMUVDOEM2RjE2MEZDNEY5QUUwMi93d2hVeVpVZkxZWnJfNm5FMVQwNWszbllE
NncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d3aFV5WlVmTFlacl82bkUxVDA1azNuWUQ2dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzg5QTIvQkM2MkM5NzBERjU2MTFFQzhDNkYxNjBGQzRGOUFFMDIvMkU1RTQ0QzQw
RDczMTFFRDkwREE2NDExQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZ7wsMA0GCSqGSIb3DQEBCwUAA4IBAQCU3bGGiLfoyZN7RVf2Jc0a
N9E2CzjRA7ka7uREzBeXITFVzm4Ka5ruZHJvDfvpcql05uqUxZdiVPi2tzTYzp7S
wdjuKh4yQ7Xc7e0BMfyqE49AQuioNOVv57YHsftk/eix8pFTj/qvpu1ET2hdFSn5
bbBzTBWDTIRvi6XSN4J2yNlJcElp7F1bVovCXRW2lc5qld1pnwAWIWILFGqb/WBZ
jFs5vWf8d/Gz7qm9GBx9wVojGscNf75brHvdLPb0RG5M3W7RsMB791Zulk4KCyLv
11tDeECTJhENi0i7qzGbjcMo/bdkipi/oju4tZ6hbt2xhIKMvh2me04c2Gxtxcj6
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:23:22 2026 by rpki-client