Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/F4740B2CB92711EBA6B43A86C4F9AE02.roa
File:                     F4740B2CB92711EBA6B43A86C4F9AE02.roa (raw, json)
Hash identifier:          INJtLF8qaoeCDqTi9hekv0X3r1aZb5PkSaaKhdeU4+0=
Subject key identifier:   A6:7B:46:D4:90:E9:ED:E4:68:54:DE:5B:3A:6D:C5:7E:22:D4:0E:1E
Certificate issuer:       /CN=A91D5ECA/serialNumber=FB805D5379CB07D52A411EFFFD0491CA39B7BF27
Certificate serial:       06B2
Authority key identifier: FB:80:5D:53:79:CB:07:D5:2A:41:1E:FF:FD:04:91:CA:39:B7:BF:27
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-4BdU3nLB9UqQR7__QSRyjm3vyc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/F4740B2CB92711EBA6B43A86C4F9AE02.roa
Signing time:             Thu 18 Jun 2026 22:27:16 +0000
ROA not before:           Thu 18 Jun 2026 22:27:16 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     142271
IP address blocks:        103.167.66.0/24 maxlen: 24
                          2400:c3e0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/-4BdU3nLB9UqQR7__QSRyjm3vyc.crl
                          rsync://rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/-4BdU3nLB9UqQR7__QSRyjm3vyc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-4BdU3nLB9UqQR7__QSRyjm3vyc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 22:49:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1714 (0x6b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D5ECA, serialNumber=FB805D5379CB07D52A411EFFFD0491CA39B7BF27
        Validity
            Not Before: Jun 18 22:27:16 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3470c4-0f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e6:e9:61:4c:48:7e:49:ec:7b:05:d7:56:c4:
                    d3:84:3c:14:39:3f:34:9c:1f:5c:70:67:4f:59:ec:
                    14:88:a8:22:39:68:fe:1d:05:0a:0e:da:7c:e7:97:
                    94:7c:62:44:b6:04:7b:58:cc:d6:ec:22:1d:a1:82:
                    45:12:63:ab:f5:bd:f4:43:e1:d5:e8:e2:80:9e:9d:
                    69:bf:97:ba:02:5c:18:10:9c:d3:e0:85:c7:32:5b:
                    75:dd:bf:91:81:c8:81:c5:9e:e1:e0:db:8f:e0:a0:
                    c1:1b:4c:71:ce:9d:69:02:9b:91:e9:4b:2e:81:bd:
                    8a:aa:d4:0b:78:54:ea:f6:e7:dc:84:f4:f0:7e:b2:
                    db:43:82:0f:f7:ba:8e:6d:07:c5:27:52:75:1e:f1:
                    ef:d5:f7:6b:e7:90:8d:6d:2e:9f:ce:89:ac:8e:58:
                    a1:c1:34:71:39:dc:9b:e6:bf:01:33:61:8a:00:04:
                    19:2e:64:cb:73:f5:60:a9:52:3b:2a:65:f2:9f:7d:
                    d6:2f:ad:7a:62:ec:d4:3b:db:e9:98:e4:cd:08:7d:
                    1c:6d:28:11:a2:9e:ff:fd:a7:95:50:74:38:a2:dc:
                    77:e5:51:34:38:17:bc:2b:29:a5:d4:00:fa:77:c5:
                    5e:ca:ad:3a:35:25:fc:d9:6e:ac:20:af:95:6b:a5:
                    58:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:7B:46:D4:90:E9:ED:E4:68:54:DE:5B:3A:6D:C5:7E:22:D4:0E:1E
            X509v3 Authority Key Identifier:
                keyid:FB:80:5D:53:79:CB:07:D5:2A:41:1E:FF:FD:04:91:CA:39:B7:BF:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/-4BdU3nLB9UqQR7__QSRyjm3vyc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-4BdU3nLB9UqQR7__QSRyjm3vyc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5ECA/BFD23206B92511EBB0E2CB82C4F9AE02/F4740B2CB92711EBA6B43A86C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.167.66.0/24
                IPv6:
                  2400:c3e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:db:9d:73:c1:15:73:43:87:5b:99:0c:fc:c9:2f:e4:3b:68:
         36:94:3c:65:97:82:78:7d:82:b0:a2:8f:fb:de:26:c8:18:02:
         a8:80:af:a4:78:3f:49:a2:76:12:7f:f4:83:7e:53:65:0b:1a:
         e2:5d:25:4d:7d:a2:ac:d8:d8:2e:b5:fb:a0:7b:70:c4:1c:d1:
         e6:ce:62:ba:11:cc:92:2d:c0:51:3b:cd:32:73:9a:4f:dc:49:
         fa:46:80:84:84:5c:52:c3:bf:f2:f7:ef:70:cc:44:f8:c7:c1:
         74:df:10:94:b2:c3:b4:15:bc:45:b7:e9:81:2f:ac:50:b2:9b:
         4f:e6:25:2a:43:fb:a4:5c:23:6f:69:52:ad:e7:c6:f1:78:53:
         ee:94:75:95:ff:5a:41:19:5e:13:15:0d:5a:15:35:45:64:8a:
         ad:eb:c8:48:43:9f:7e:b7:fe:53:b3:76:5b:9d:ff:b8:e6:fc:
         e1:c7:23:3b:84:af:67:72:3e:99:d6:09:e7:a4:33:a0:42:d3:
         65:01:e1:cc:f0:0d:96:4b:0f:eb:a8:70:48:f6:79:f2:b6:6b:
         d7:56:a2:bc:4e:89:e8:da:3c:26:eb:78:3a:90:98:24:75:7f:
         81:34:a8:69:9d:19:4f:dd:08:96:25:86:cc:91:05:fb:a4:b6:
         3d:6e:26:a7
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICBrIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVFQ0ExMTAvBgNVBAUTKEZCODA1RDUzNzlDQjA3RDUyQTQxMUVGRkZEMDQ5MUNB
MzlCN0JGMjcwHhcNMjYwNjE4MjIyNzE2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM0NzBjNC0wZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyObpYUxIfknsewXXVsTThDwUOT80nB9ccGdPWewUiKgiOWj+HQUKDtp855eU
fGJEtgR7WMzW7CIdoYJFEmOr9b30Q+HV6OKAnp1pv5e6AlwYEJzT4IXHMlt13b+R
gciBxZ7h4NuP4KDBG0xxzp1pApuR6Usugb2KqtQLeFTq9ufchPTwfrLbQ4IP97qO
bQfFJ1J1HvHv1fdr55CNbS6fzomsjlihwTRxOdyb5r8BM2GKAAQZLmTLc/VgqVI7
KmXyn33WL616YuzUO9vpmOTNCH0cbSgRop7//aeVUHQ4otx35VE0OBe8Kyml1AD6
d8Veyq06NSX82W6sIK+Va6VY2wIDAQABo4ICbzCCAmswHQYDVR0OBBYEFKZ7RtSQ
6e3kaFTeWzptxX4i1A4eMB8GA1UdIwQYMBaAFPuAXVN5ywfVKkEe//0Ekco5t78n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUVDQS9CRkQyMzIwNkI5
MjUxMUVCQjBFMkNCODJDNEY5QUUwMi8tNEJkVTNuTEI5VXFRUjdfX1FTUnlqbTN2
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy00QmRVM25MQjlVcVFSN19fUVNSeWptM3Z5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVFQ0EvQkZEMjMyMDZCOTI1MTFFQkIwRTJDQjgyQzRGOUFFMDIvRjQ3NDBCMkNC
OTI3MTFFQkE2QjQzQTg2QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAZ6dCMA0EAgACMAcDBQAkAMPgMA0GCSqGSIb3DQEBCwUAA4IBAQCY
251zwRVzQ4dbmQz8yS/kO2g2lDxll4J4fYKwoo/73ibIGAKogK+keD9JonYSf/SD
flNlCxriXSVNfaKs2Ngutfuge3DEHNHmzmK6EcySLcBRO80yc5pP3En6RoCEhFxS
w7/y9+9wzET4x8F03xCUssO0FbxFt+mBL6xQsptP5iUqQ/ukXCNvaVKt58bxeFPu
lHWV/1pBGV4TFQ1aFTVFZIqt68hIQ59+t/5Ts3Zbnf+45vzhxyM7hK9ncj6Z1gnn
pDOgQtNlAeHM8A2WSw/rqHBI9nnytmvXVqK8Tono2jwm63g6kJgkdX+BNKhpnRlP
3QiWJYbMkQX7pLY9bian
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:16:57 2026 by rpki-client