Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa
File:                     1D52E8E860D711EEA524AE64C4F9AE02.roa (raw, json)
Hash identifier:          3JU/RdBTU+wotb53bcqVAvYiAzucQIeHWQfmEF0cNOM=
Subject key identifier:   80:00:FB:9E:85:37:D2:4B:B0:03:29:5E:DA:2E:24:43:22:D9:FE:E2
Certificate issuer:       /CN=A91D61DF/serialNumber=15BF210B73781D5CC0BE99BD39D70B2FEB4EB86C
Certificate serial:       0241
Authority key identifier: 15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa
Signing time:             Fri 03 Jul 2026 03:30:30 +0000
ROA not before:           Fri 03 Jul 2026 03:30:30 +0000
ROA not after:            Sun 01 Nov 2026 00:00:00 +0000
asID:                     141199
IP address blocks:        103.160.146.0/24 maxlen: 24
                          2001:df1:ea40::/48 maxlen: 50
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.crl
                          rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 03:25:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 577 (0x241)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D61DF, serialNumber=15BF210B73781D5CC0BE99BD39D70B2FEB4EB86C
        Validity
            Not Before: Jul  3 03:30:30 2026 GMT
            Not After : Nov  1 00:00:00 2026 GMT
        Subject: CN=6a472cd6-654f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:08:20:75:05:36:56:ad:ae:ec:ec:14:ea:2e:
                    49:79:b2:28:cf:f0:14:ca:39:21:d9:81:4e:fc:37:
                    9e:9d:fd:cb:88:e9:38:b4:66:20:3d:69:e6:89:ec:
                    c9:70:83:4c:d9:5a:ff:1f:c2:2d:4b:86:9d:a1:9c:
                    30:28:b1:52:f0:1b:2b:ed:a5:97:1b:16:25:a8:30:
                    07:d2:9f:7a:61:de:11:cc:8e:29:5b:8d:11:e5:08:
                    c0:87:6d:01:e1:fb:69:c5:18:32:2d:98:f5:a3:11:
                    88:0d:cd:fd:6c:17:32:c4:de:38:ff:96:fb:c2:ee:
                    06:54:e1:c8:89:dc:e9:1b:5a:7b:39:d8:bc:fa:ad:
                    47:58:84:bc:9f:e1:f1:01:fa:ca:88:65:17:de:65:
                    35:cf:0f:a3:bd:73:6f:3f:f6:fb:d5:f8:f8:40:c5:
                    88:24:88:b5:fb:99:11:8b:d4:8a:d5:3d:3b:61:40:
                    ac:49:8e:1e:5c:6e:7e:f0:d2:06:f8:b8:3f:05:a7:
                    06:e7:44:b2:7b:ce:90:48:b3:44:a0:25:b2:29:2f:
                    d9:99:da:ac:06:a2:71:76:54:59:1e:b0:e8:4f:3e:
                    9c:c6:a1:cd:6e:96:25:53:69:1a:6e:78:22:1c:5d:
                    0a:51:3a:0f:a9:56:fa:e4:31:a4:a2:b4:0a:c1:38:
                    f6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:00:FB:9E:85:37:D2:4B:B0:03:29:5E:DA:2E:24:43:22:D9:FE:E2
            X509v3 Authority Key Identifier:
                keyid:15:BF:21:0B:73:78:1D:5C:C0:BE:99:BD:39:D7:0B:2F:EB:4E:B8:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fb8hC3N4HVzAvpm9OdcLL-tOuGw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D61DF/0D0C5F741C6611EE9A132B84C4F9AE02/1D52E8E860D711EEA524AE64C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.146.0/24
                IPv6:
                  2001:df1:ea40::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:97:52:df:25:e7:1e:04:87:35:fd:b1:bb:fd:3a:aa:12:b3:
         00:1a:21:ee:96:54:59:7b:89:80:de:29:ca:f0:6a:6a:c5:0f:
         d7:27:27:56:98:c4:48:4e:9e:00:b1:5a:97:03:65:ee:5d:c5:
         ed:ca:5a:9a:48:58:fe:5a:8d:62:b6:ef:05:9a:a8:51:c1:a8:
         97:33:e9:71:76:38:bf:45:ad:2b:f0:27:0c:67:f4:96:13:aa:
         cd:9b:41:a3:ac:cc:e2:51:45:0d:f1:ba:1d:1e:9b:78:fc:5d:
         39:ec:7e:51:b3:e9:8e:bb:b4:aa:21:f3:c0:e9:ed:98:3e:22:
         93:a9:db:5e:49:05:7c:3d:b6:a6:be:6d:0c:0e:c2:00:58:98:
         29:5c:a7:17:66:e1:b9:62:a7:10:87:58:98:6d:28:2f:07:e1:
         1e:db:37:33:d8:81:72:dd:ed:a3:d9:1f:29:74:7b:a5:f2:97:
         5c:11:4d:28:7e:b2:55:e8:72:00:bb:df:af:f2:ea:83:52:5b:
         61:d2:0e:e8:bc:3d:ba:9f:cb:36:e6:19:fb:6f:81:fe:2c:d2:
         b5:93:d8:c4:cd:7b:47:ac:61:9f:dc:42:b0:d5:65:a5:af:9b:
         17:2e:e3:5c:93:ce:3f:37:7a:ab:2b:ff:ee:fd:2c:c4:43:74:
         3b:0d:5c:54
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICAkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDYxREYxMTAvBgNVBAUTKDE1QkYyMTBCNzM3ODFENUNDMEJFOTlCRDM5RDcwQjJG
RUI0RUI4NkMwHhcNMjYwNzAzMDMzMDMwWhcNMjYxMTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3MmNkNi02NTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqgggdQU2Vq2u7OwU6i5JebIoz/AUyjkh2YFO/Deenf3LiOk4tGYgPWnmiezJ
cINM2Vr/H8ItS4adoZwwKLFS8Bsr7aWXGxYlqDAH0p96Yd4RzI4pW40R5QjAh20B
4ftpxRgyLZj1oxGIDc39bBcyxN44/5b7wu4GVOHIidzpG1p7Odi8+q1HWIS8n+Hx
AfrKiGUX3mU1zw+jvXNvP/b71fj4QMWIJIi1+5kRi9SK1T07YUCsSY4eXG5+8NIG
+Lg/BacG50Sye86QSLNEoCWyKS/ZmdqsBqJxdlRZHrDoTz6cxqHNbpYlU2kabngi
HF0KUToPqVb65DGkorQKwTj2WwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFIAA+56F
N9JLsAMpXtouJEMi2f7iMB8GA1UdIwQYMBaAFBW/IQtzeB1cwL6ZvTnXCy/rTrhs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjFERi8wRDBDNUY3NDFD
NjYxMUVFOUExMzJCODRDNEY5QUUwMi9GYjhoQzNONEhWekF2cG05T2RjTEwtdE91
R3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZiOGhDM040SFZ6QXZwbTlPZGNMTC10T3VHdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYxREYvMEQwQzVGNzQxQzY2MTFFRTlBMTMyQjg0QzRGOUFFMDIvMUQ1MkU4RTg2
MEQ3MTFFRUE1MjRBRTY0QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQAZ6CSMA8EAgACMAkDBwAgAQ3x6kAwDQYJKoZIhvcNAQELBQADggEB
AF6XUt8l5x4EhzX9sbv9OqoSswAaIe6WVFl7iYDeKcrwamrFD9cnJ1aYxEhOngCx
WpcDZe5dxe3KWppIWP5ajWK27wWaqFHBqJcz6XF2OL9FrSvwJwxn9JYTqs2bQaOs
zOJRRQ3xuh0em3j8XTnsflGz6Y67tKoh88Dp7Zg+IpOp215JBXw9tqa+bQwOwgBY
mClcpxdm4blipxCHWJhtKC8H4R7bNzPYgXLd7aPZHyl0e6Xyl1wRTSh+slXocgC7
36/y6oNSW2HSDui8PbqfyzbmGftvgf4s0rWT2MTNe0esYZ/cQrDVZaWvmxcu41yT
zj83eqsr/+79LMRDdDsNXFQ=
-----END CERTIFICATE-----
Generated at Sat Jul 18 07:12:06 2026 by rpki-client