Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/977C1752565C11F1BEA0792596833773.roa
File:                     977C1752565C11F1BEA0792596833773.roa (raw, json)
Hash identifier:          ox5NKAgpprpPgfswxRMKWjrpU/zZh8UrhKGZzb/wm5I=
Subject key identifier:   E4:90:27:D7:9A:51:DA:81:CD:33:1C:EA:23:03:81:03:D3:D3:54:94
Certificate issuer:       /CN=A91CFB8E/serialNumber=52128B046E39DD6E8543588E5143B5AD25F4ED33
Certificate serial:       04
Authority key identifier: 52:12:8B:04:6E:39:DD:6E:85:43:58:8E:51:43:B5:AD:25:F4:ED:33
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhKLBG453W6FQ1iOUUO1rSX07TM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/977C1752565C11F1BEA0792596833773.roa
Signing time:             Sat 23 May 2026 04:19:10 +0000
ROA not before:           Sat 23 May 2026 04:19:10 +0000
ROA not after:            Sat 31 Oct 2026 00:00:00 +0000
asID:                     134608
IP address blocks:        103.193.68.0/22 maxlen: 22
                          103.193.68.0/24 maxlen: 24
                          103.193.69.0/24 maxlen: 24
                          103.193.70.0/24 maxlen: 24
                          103.193.71.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/UhKLBG453W6FQ1iOUUO1rSX07TM.crl
                          rsync://rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/UhKLBG453W6FQ1iOUUO1rSX07TM.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhKLBG453W6FQ1iOUUO1rSX07TM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 Jul 2026 09:55:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CFB8E, serialNumber=52128B046E39DD6E8543588E5143B5AD25F4ED33
        Validity
            Not Before: May 23 04:19:10 2026 GMT
            Not After : Oct 31 00:00:00 2026 GMT
        Subject: CN=6a112abe-e007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:25:e7:89:a6:7b:4e:62:f2:cc:92:7d:97:3e:
                    d2:2d:c6:b1:57:24:ab:d3:13:9a:4a:e1:ee:61:6a:
                    03:b1:9c:8a:1b:43:39:84:fd:dc:48:fb:ed:29:37:
                    48:4e:5f:4d:c1:92:e3:5d:9e:d7:ee:d7:37:ed:b6:
                    13:2e:d8:9d:19:9d:72:11:c6:3c:b8:a7:fc:55:5e:
                    96:e1:b5:6b:3e:92:70:58:a1:ec:31:87:ef:9f:ca:
                    c5:8f:66:fe:79:48:ed:26:c8:68:9a:7a:6a:60:db:
                    7b:6b:1a:90:df:0f:70:25:4f:64:1b:4a:47:3b:dc:
                    1a:07:10:df:eb:8b:89:07:42:14:3c:13:88:71:9c:
                    72:e0:7e:5d:34:58:60:e2:ea:01:6e:26:c1:df:a1:
                    86:db:c9:42:8a:d2:d2:da:3e:bc:1d:17:38:ac:68:
                    40:f6:06:e3:a0:9d:19:81:85:6f:87:8d:6f:b4:99:
                    56:ea:02:95:91:7e:c8:ce:67:82:34:7e:92:0f:42:
                    60:26:3c:a5:f7:4c:dd:43:0f:41:6a:48:6d:69:3b:
                    b6:fc:05:1c:3a:19:45:d6:91:17:60:64:cc:e4:4d:
                    18:5a:71:02:19:48:40:4f:c1:46:7d:ec:7d:68:2d:
                    9a:d6:9b:20:92:22:fa:95:2a:97:1e:2e:0c:9e:ca:
                    f2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:90:27:D7:9A:51:DA:81:CD:33:1C:EA:23:03:81:03:D3:D3:54:94
            X509v3 Authority Key Identifier:
                keyid:52:12:8B:04:6E:39:DD:6E:85:43:58:8E:51:43:B5:AD:25:F4:ED:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/UhKLBG453W6FQ1iOUUO1rSX07TM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UhKLBG453W6FQ1iOUUO1rSX07TM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFB8E/8D9CBB16565B11F1AF6FA27195833773/977C1752565C11F1BEA0792596833773.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.193.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3e:76:5f:72:07:38:fe:38:3b:3c:36:ed:17:75:73:69:19:3d:
         7a:bf:5e:77:c9:c2:13:95:bf:da:78:18:dd:81:27:67:9d:e1:
         3e:4b:36:a0:80:cb:de:62:76:0b:34:d1:72:b9:cb:fb:11:be:
         2c:9c:65:07:db:c6:1a:b3:84:bb:bb:b4:1d:8d:54:e8:e6:7a:
         97:b6:e1:a1:dc:d3:ef:25:c0:cb:b7:9b:02:96:61:7f:4f:97:
         a0:82:ed:dd:d9:c7:69:f0:0c:a5:20:eb:ce:33:17:31:8a:a1:
         e1:20:7a:d9:6b:b3:89:bd:2f:c3:02:e6:79:0a:7d:cb:80:6f:
         bd:22:9b:f4:02:b7:b0:21:bb:c8:51:48:16:60:5d:10:f7:98:
         d0:99:0f:c3:6d:54:42:a0:87:54:57:5a:90:e4:a3:d2:72:91:
         9a:e3:93:3f:fa:01:29:3f:84:26:5b:38:77:83:7a:1c:4e:9d:
         e9:29:76:30:cf:39:e0:60:35:5b:6b:1b:de:6d:97:c8:e3:cc:
         07:d9:a7:59:51:dd:d8:11:db:7f:76:d0:db:8d:39:10:7f:f1:
         58:25:10:dc:44:4a:a9:bc:88:62:d9:ce:c5:0c:3c:e4:2c:22:
         c3:6c:d9:21:0f:f2:3f:ea:68:7f:30:7b:2d:41:42:ce:06:f9:
         c3:44:21:a8
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RkI4RTExMC8GA1UEBRMoNTIxMjhCMDQ2RTM5REQ2RTg1NDM1ODhFNTE0M0I1QUQy
NUY0RUQzMzAeFw0yNjA1MjMwNDE5MTBaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhMTEyYWJlLWUwMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCaJeeJpntOYvLMkn2XPtItxrFXJKvTE5pK4e5hagOxnIobQzmE/dxI++0pN0hO
X03BkuNdntfu1zftthMu2J0ZnXIRxjy4p/xVXpbhtWs+knBYoewxh++fysWPZv55
SO0myGiaempg23trGpDfD3AlT2QbSkc73BoHEN/ri4kHQhQ8E4hxnHLgfl00WGDi
6gFuJsHfoYbbyUKK0tLaPrwdFzisaED2BuOgnRmBhW+HjW+0mVbqApWRfsjOZ4I0
fpIPQmAmPKX3TN1DD0FqSG1pO7b8BRw6GUXWkRdgZMzkTRhacQIZSEBPwUZ97H1o
LZrWmyCSIvqVKpceLgyeyvI1AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQU5JAn15pR
2oHNMxzqIwOBA9PTVJQwHwYDVR0jBBgwFoAUUhKLBG453W6FQ1iOUUO1rSX07TMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGQjhFLzhEOUNCQjE2NTY1
QjExRjFBRjZGQTI3MTk1ODMzNzczL1VoS0xCRzQ1M1c2RlExaU9VVU8xclNYMDdU
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWhLTEJHNDUzVzZGUTFpT1VVTzFyU1gwN1RNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RkI4RS84RDlDQkIxNjU2NUIxMUYxQUY2RkEyNzE5NTgzMzc3My85NzdDMTc1MjU2
NUMxMUYxQkVBMDc5MjU5NjgzMzc3My5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAJnwUQwDQYJKoZIhvcNAQELBQADggEBAD52X3IHOP44Ozw27Rd1c2kZ
PXq/XnfJwhOVv9p4GN2BJ2ed4T5LNqCAy95idgs00XK5y/sRviycZQfbxhqzhLu7
tB2NVOjmepe24aHc0+8lwMu3mwKWYX9Pl6CC7d3Zx2nwDKUg684zFzGKoeEgetlr
s4m9L8MC5nkKfcuAb70im/QCt7Ahu8hRSBZgXRD3mNCZD8NtVEKgh1RXWpDko9Jy
kZrjkz/6ASk/hCZbOHeDehxOnekpdjDPOeBgNVtrG95tl8jjzAfZp1lR3dgR2392
0NuNORB/8VglENxESqm8iGLZzsUMPOQsIsNs2SEP8j/qaH8wey1BQs4G+cNEIag=
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:36:14 2026 by rpki-client