Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/F75AEA8A13F111EB950DBC4EC4F9AE02.roa
File:                     F75AEA8A13F111EB950DBC4EC4F9AE02.roa (raw, json)
Hash identifier:          QgpTu41sM6G7HXGpsEzpZ01ASqr1eYUm5aigZVfQiCw=
Subject key identifier:   DE:4D:63:DF:6F:40:74:07:A9:74:36:97:D6:81:C1:43:3A:AA:87:3B
Certificate issuer:       /CN=A91D959F/serialNumber=808401723C2E418456AF9A0FB25F8C321C4970CB
Certificate serial:       0852
Authority key identifier: 80:84:01:72:3C:2E:41:84:56:AF:9A:0F:B2:5F:8C:32:1C:49:70:CB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gIQBcjwuQYRWr5oPsl-MMhxJcMs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/F75AEA8A13F111EB950DBC4EC4F9AE02.roa
Signing time:             Sat 04 Jul 2026 21:22:41 +0000
ROA not before:           Sat 04 Jul 2026 21:22:41 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     55720
IP address blocks:        103.60.108.0/24 maxlen: 24
                          103.60.109.0/24 maxlen: 24
                          103.60.110.0/24 maxlen: 24
                          103.60.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/gIQBcjwuQYRWr5oPsl-MMhxJcMs.crl
                          rsync://rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/gIQBcjwuQYRWr5oPsl-MMhxJcMs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gIQBcjwuQYRWr5oPsl-MMhxJcMs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 21:15:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2130 (0x852)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D959F, serialNumber=808401723C2E418456AF9A0FB25F8C321C4970CB
        Validity
            Not Before: Jul  4 21:22:41 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4979a1-ba87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9f:cb:57:53:0b:1f:31:0e:d5:90:72:e3:6b:
                    b9:50:a0:5c:7e:f5:c3:17:22:61:b2:a2:98:3d:09:
                    e1:9d:b3:b3:72:b2:78:60:05:a6:b6:41:2a:24:8d:
                    9c:0e:b8:4a:c3:12:ae:ee:21:94:89:0a:ac:6c:e8:
                    9b:d5:55:31:be:79:ec:c7:5d:5b:93:7a:7e:f0:16:
                    c1:67:2b:5d:b5:3a:2e:6b:68:76:f7:cf:56:d0:3f:
                    87:b3:7b:56:68:f9:df:4d:d8:52:db:5d:96:fe:38:
                    64:25:01:89:3a:6f:c5:d1:25:89:15:b9:9b:56:8f:
                    c9:af:0e:5b:a5:ff:5d:94:fb:9b:b9:f7:33:65:06:
                    22:3c:17:8c:58:58:26:ab:cc:52:5b:3a:52:8f:21:
                    93:8a:ec:76:06:f8:d8:50:68:90:74:d5:7d:38:3d:
                    f1:5c:32:a7:38:cf:ca:d5:40:9a:a5:e6:bd:e2:0d:
                    ce:80:b2:98:c4:45:30:fb:26:ea:9c:91:93:05:dd:
                    de:e9:90:84:7c:3f:79:dd:a1:6b:f1:09:3d:ba:8b:
                    14:94:0e:d9:ee:6d:8e:56:46:99:96:fb:be:a6:68:
                    36:f3:7a:87:a5:78:8e:f8:f2:f4:16:91:db:c8:20:
                    90:1c:f7:de:19:e3:94:61:cf:2e:af:8f:f3:51:1a:
                    14:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:4D:63:DF:6F:40:74:07:A9:74:36:97:D6:81:C1:43:3A:AA:87:3B
            X509v3 Authority Key Identifier:
                keyid:80:84:01:72:3C:2E:41:84:56:AF:9A:0F:B2:5F:8C:32:1C:49:70:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/gIQBcjwuQYRWr5oPsl-MMhxJcMs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gIQBcjwuQYRWr5oPsl-MMhxJcMs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D959F/068100EA13F111EB974D974EC4F9AE02/F75AEA8A13F111EB950DBC4EC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.60.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:12:00:20:f1:3c:97:b4:5e:6b:68:43:29:04:38:39:bc:91:
         f1:c1:c2:94:26:35:c9:fd:5e:8f:ef:4e:15:f5:4d:d2:a6:2e:
         ed:28:21:68:4f:2f:c2:03:5a:43:04:92:7d:d5:f9:e7:6b:c2:
         b8:32:31:5b:1a:e0:7b:2e:b5:c4:d7:60:fe:48:c5:ac:7b:0e:
         f4:d9:41:41:c6:41:1a:c4:14:9d:ed:4c:5f:cb:11:87:b8:2f:
         3b:3e:df:08:b9:f7:99:0f:7d:60:07:9b:c1:42:b2:a2:0a:27:
         cc:7d:1f:ee:f6:eb:07:f9:24:eb:9f:7f:a5:62:c1:5a:54:cb:
         10:b5:a4:2d:16:25:98:2a:9d:db:f2:d7:9c:6a:77:9c:23:f4:
         73:31:79:a0:7b:5d:9b:2b:c1:90:4e:f2:09:91:0c:13:46:46:
         d4:e0:cb:06:0d:ba:72:be:0c:61:b7:51:ec:f2:b3:c6:ee:e9:
         29:c4:f8:25:22:ad:35:97:4a:ee:f6:b6:61:9e:ca:d9:ff:af:
         5b:72:39:44:0b:37:f3:fd:d1:67:32:a0:ea:69:34:ce:8d:61:
         63:9d:8c:4a:20:e8:53:7a:4a:33:64:68:e4:da:d7:f4:cf:35:
         12:4e:0d:cc:67:00:67:c8:7d:5a:c6:02:1e:d2:d2:03:5f:83:
         23:0b:78:90
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICCFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk1OUYxMTAvBgNVBAUTKDgwODQwMTcyM0MyRTQxODQ1NkFGOUEwRkIyNUY4QzMy
MUM0OTcwQ0IwHhcNMjYwNzA0MjEyMjQxWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5NzlhMS1iYTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmZ/LV1MLHzEO1ZBy42u5UKBcfvXDFyJhsqKYPQnhnbOzcrJ4YAWmtkEqJI2c
DrhKwxKu7iGUiQqsbOib1VUxvnnsx11bk3p+8BbBZytdtToua2h2989W0D+Hs3tW
aPnfTdhS212W/jhkJQGJOm/F0SWJFbmbVo/Jrw5bpf9dlPubufczZQYiPBeMWFgm
q8xSWzpSjyGTiux2BvjYUGiQdNV9OD3xXDKnOM/K1UCapea94g3OgLKYxEUw+ybq
nJGTBd3e6ZCEfD953aFr8Qk9uosUlA7Z7m2OVkaZlvu+pmg283qHpXiO+PL0FpHb
yCCQHPfeGeOUYc8ur4/zURoUwwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFN5NY99v
QHQHqXQ2l9aBwUM6qoc7MB8GA1UdIwQYMBaAFICEAXI8LkGEVq+aD7JfjDIcSXDL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTU5Ri8wNjgxMDBFQTEz
RjExMUVCOTc0RDk3NEVDNEY5QUUwMi9nSVFCY2p3dVFZUldyNW9Qc2wtTU1oeEpj
TXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dJUUJjand1UVlSV3I1b1BzbC1NTWh4SmNNcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk1OUYvMDY4MTAwRUExM0YxMTFFQjk3NEQ5NzRFQzRGOUFFMDIvRjc1QUVBOEEx
M0YxMTFFQjk1MERCQzRFQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZzxsMA0GCSqGSIb3DQEBCwUAA4IBAQBUEgAg8TyXtF5raEMpBDg5
vJHxwcKUJjXJ/V6P704V9U3Spi7tKCFoTy/CA1pDBJJ91fnna8K4MjFbGuB7LrXE
12D+SMWsew702UFBxkEaxBSd7UxfyxGHuC87Pt8IufeZD31gB5vBQrKiCifMfR/u
9usH+STrn3+lYsFaVMsQtaQtFiWYKp3b8tecanecI/RzMXmge12bK8GQTvIJkQwT
RkbU4MsGDbpyvgxht1Hs8rPG7ukpxPglIq01l0ru9rZhnsrZ/69bcjlECzfz/dFn
MqDqaTTOjWFjnYxKIOhTekozZGjk2tf0zzUSTg3MZwBnyH1axgIe0tIDX4MjC3iQ
-----END CERTIFICATE-----
Generated at Sat Jul 18 00:15:14 2026 by rpki-client