Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa
File:                     A9906244B66611ECAF76DA4CC4F9AE02.roa (raw, json)
Hash identifier:          K3Ioz+ew3oRAYT6RPNtdUzozr+IYWJNopTpICBz37bk=
Subject key identifier:   26:77:89:A6:4E:24:38:1F:DD:4B:21:78:D9:35:2A:7F:00:AC:DF:59
Certificate issuer:       /CN=A91E01B2/serialNumber=C7E5790B05E0D4D209DB43DC680FB788279814A9
Certificate serial:       0436
Authority key identifier: C7:E5:79:0B:05:E0:D4:D2:09:DB:43:DC:68:0F:B7:88:27:98:14:A9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa
Signing time:             Sat 27 Jun 2026 01:30:46 +0000
ROA not before:           Sat 27 Jun 2026 01:30:46 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     396982
IP address blocks:        103.73.115.0/24 maxlen: 24
                          103.232.218.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.crl
                          rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 14 Jul 2026 00:58:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1078 (0x436)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E01B2, serialNumber=C7E5790B05E0D4D209DB43DC680FB788279814A9
        Validity
            Not Before: Jun 27 01:30:46 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a3f27c6-7b6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:dd:74:af:9a:5b:6f:9a:3b:fa:d8:f8:ef:8d:
                    07:e2:06:5c:28:0a:87:a8:8f:31:67:52:de:74:b7:
                    b1:70:ac:68:d2:13:bf:3a:e5:7a:ff:db:05:b1:76:
                    46:fd:72:d7:67:6c:05:60:77:5b:36:c0:cc:a9:04:
                    17:30:de:c3:ca:45:2d:bf:d6:71:ea:d4:4b:2f:30:
                    68:1a:06:bb:21:66:87:36:9b:5d:6f:4d:ad:8a:a9:
                    95:ae:f7:e6:a8:8f:48:69:61:0d:f8:e6:40:c8:36:
                    ea:fe:01:ba:fc:c4:b0:9b:26:71:70:3b:74:32:9c:
                    03:20:0e:13:4e:f1:c2:53:91:b9:1f:1e:0a:ef:d2:
                    ad:1d:e9:0e:94:ca:6c:e3:91:3f:1f:52:c0:1d:dd:
                    90:9f:03:56:13:3c:8e:64:68:e7:2c:6f:b3:6f:a5:
                    62:78:fd:1d:f7:59:06:ad:84:c9:11:f6:44:da:28:
                    b8:78:f9:8a:da:6b:e5:2a:f3:12:f5:b6:f1:e2:8a:
                    44:82:70:f3:ad:81:d1:66:11:cf:64:b4:04:23:66:
                    0b:29:15:64:46:83:a8:c1:27:37:be:19:25:05:73:
                    6f:c5:1a:27:da:40:f4:11:e6:6e:8c:61:2e:1a:a0:
                    ed:d0:d3:f6:5f:20:9d:1b:85:cd:ea:04:d4:ea:49:
                    f9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:77:89:A6:4E:24:38:1F:DD:4B:21:78:D9:35:2A:7F:00:AC:DF:59
            X509v3 Authority Key Identifier:
                keyid:C7:E5:79:0B:05:E0:D4:D2:09:DB:43:DC:68:0F:B7:88:27:98:14:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/x-V5CwXg1NIJ20PcaA-3iCeYFKk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-V5CwXg1NIJ20PcaA-3iCeYFKk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E01B2/6DE9F410B66311EC8D54A449C4F9AE02/A9906244B66611ECAF76DA4CC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.73.115.0/24
                  103.232.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:43:aa:97:ad:09:25:9d:bb:67:87:c4:5d:ef:42:94:c7:82:
         a9:f8:83:83:ff:0e:6d:56:00:e4:b0:cb:ca:55:dc:ec:d1:3d:
         2f:be:99:61:c5:e5:d1:6d:27:c1:ba:8c:93:e5:09:e3:fe:c4:
         d5:b7:d1:0f:82:ae:db:d1:a0:27:47:a5:08:91:33:17:29:6d:
         b7:77:96:ea:eb:71:18:80:4f:81:6f:03:15:f3:d6:2f:71:ed:
         9a:5c:2c:b1:cd:c6:44:71:e7:4b:ec:61:31:db:1c:b0:77:53:
         6a:7a:f2:05:5c:01:ab:23:3e:a5:b9:60:fd:6e:6b:3c:1f:04:
         f0:c6:03:0f:be:33:88:7b:b8:5a:2f:80:3b:f1:4b:18:f4:08:
         0e:11:a2:fc:7a:8e:f3:1c:82:00:61:9e:3d:40:a5:78:1f:32:
         94:1a:c3:d6:0c:45:9c:1c:77:3f:2c:43:34:8c:6f:61:a3:d5:
         b2:63:4a:56:89:88:25:03:3d:e5:ad:e2:c8:47:50:37:68:4a:
         12:18:db:52:e8:22:69:b1:e4:47:46:74:e5:16:47:0c:68:8e:
         46:d2:5a:56:5b:e1:cf:c5:94:f9:7a:e6:09:70:16:56:6a:96:
         67:79:9f:9e:90:3c:aa:59:c7:70:94:ea:f3:eb:ad:d4:ad:be:
         f2:2c:ea:42
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICBDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTAxQjIxMTAvBgNVBAUTKEM3RTU3OTBCMDVFMEQ0RDIwOURCNDNEQzY4MEZCNzg4
Mjc5ODE0QTkwHhcNMjYwNjI3MDEzMDQ2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTNmMjdjNi03YjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4d10r5pbb5o7+tj4740H4gZcKAqHqI8xZ1LedLexcKxo0hO/OuV6/9sFsXZG
/XLXZ2wFYHdbNsDMqQQXMN7DykUtv9Zx6tRLLzBoGga7IWaHNptdb02tiqmVrvfm
qI9IaWEN+OZAyDbq/gG6/MSwmyZxcDt0MpwDIA4TTvHCU5G5Hx4K79KtHekOlMps
45E/H1LAHd2QnwNWEzyOZGjnLG+zb6VieP0d91kGrYTJEfZE2ii4ePmK2mvlKvMS
9bbx4opEgnDzrYHRZhHPZLQEI2YLKRVkRoOowSc3vhklBXNvxRon2kD0EeZujGEu
GqDt0NP2XyCdG4XN6gTU6kn5tQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFCZ3iaZO
JDgf3UsheNk1Kn8ArN9ZMB8GA1UdIwQYMBaAFMfleQsF4NTSCdtD3GgPt4gnmBSp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDFCMi82REU5RjQxMEI2
NjMxMUVDOEQ1NEE0NDlDNEY5QUUwMi94LVY1Q3dYZzFOSUoyMFBjYUEtM2lDZVlG
S2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gtVjVDd1hnMU5JSjIwUGNhQS0zaUNlWUZLay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTAxQjIvNkRFOUY0MTBCNjYzMTFFQzhENTRBNDQ5QzRGOUFFMDIvQTk5MDYyNDRC
NjY2MTFFQ0FGNzZEQTRDQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAZ0lzAwQAZ+jaMA0GCSqGSIb3DQEBCwUAA4IBAQBmQ6qXrQklnbtn
h8Rd70KUx4Kp+IOD/w5tVgDksMvKVdzs0T0vvplhxeXRbSfBuoyT5Qnj/sTVt9EP
gq7b0aAnR6UIkTMXKW23d5bq63EYgE+BbwMV89Yvce2aXCyxzcZEcedL7GEx2xyw
d1NqevIFXAGrIz6luWD9bms8HwTwxgMPvjOIe7haL4A78UsY9AgOEaL8eo7zHIIA
YZ49QKV4HzKUGsPWDEWcHHc/LEM0jG9ho9WyY0pWiYglAz3lreLIR1A3aEoSGNtS
6CJpseRHRnTlFkcMaI5G0lpWW+HPxZT5euYJcBZWapZneZ+ekDyqWcdwlOrz663U
rb7yLOpC
-----END CERTIFICATE-----
Generated at Wed Jul 8 17:34:09 2026 by rpki-client