Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/DAC9D5960C7E11EF9A189E18C4F9AE02.roa
File:                     DAC9D5960C7E11EF9A189E18C4F9AE02.roa (raw, json)
Hash identifier:          5vYLI/5h54DHiQvaNO6Px4T+Fes1GIODe0Co3IFIXFk=
Subject key identifier:   1A:10:47:98:39:5F:78:E8:1B:10:D3:58:D4:0D:D8:AE:C3:B5:3C:2A
Certificate issuer:       /CN=A91E2F80/serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
Certificate serial:       01BA
Authority key identifier: F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/DAC9D5960C7E11EF9A189E18C4F9AE02.roa
Signing time:             Wed 01 Jul 2026 06:31:22 +0000
ROA not before:           Wed 01 Jul 2026 06:31:22 +0000
ROA not after:            Fri 30 Oct 2026 00:00:00 +0000
asID:                     152711
IP address blocks:        103.51.62.0/24 maxlen: 24
                          103.51.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/9BDEg6TIyRb_1M9CDEwRCIl5iJE.crl
                          rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/9BDEg6TIyRb_1M9CDEwRCIl5iJE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:12:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 442 (0x1ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E2F80, serialNumber=F410C483A4C8C916FFD4CF420C4C110889798891
        Validity
            Not Before: Jul  1 06:31:22 2026 GMT
            Not After : Oct 30 00:00:00 2026 GMT
        Subject: CN=6a44b439-86a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:74:e2:d9:56:61:af:55:36:4c:07:23:b5:71:
                    d5:b4:18:7b:ad:06:73:eb:3b:0a:40:86:26:55:5d:
                    0b:b2:c2:e9:0a:7c:66:f0:9c:7a:42:6c:a1:18:d3:
                    2e:fa:fa:a1:47:33:73:b8:d5:de:8f:88:f9:25:b4:
                    68:a6:70:39:0b:d2:3f:66:27:d3:de:3c:9d:9d:26:
                    b9:8f:64:c0:b9:3b:98:75:93:56:e7:01:c4:c4:e5:
                    a9:8b:d7:d0:10:56:2b:b4:12:e4:55:c5:4c:a0:16:
                    ac:82:84:36:0a:63:c6:b3:70:59:21:9c:90:e3:b8:
                    f2:d8:0d:65:f4:a4:4e:0d:55:61:4a:a9:c7:14:f1:
                    42:b5:21:dd:fe:04:88:1c:4e:82:11:c5:9a:0e:b0:
                    b3:97:df:c7:b9:03:ef:9f:bf:61:90:d4:a1:ee:b9:
                    29:86:fa:6c:bd:8c:5f:0f:13:74:cf:44:ba:a2:16:
                    68:4a:7d:f8:91:4d:39:e4:31:cc:5d:08:da:f9:2c:
                    e6:64:d6:45:6b:1d:9e:f2:b9:33:2a:b7:cd:52:1d:
                    34:6e:b4:c6:fa:cf:04:bc:89:e7:21:92:18:b5:96:
                    48:cb:c9:c5:40:7a:04:96:c7:0f:01:90:9d:23:bd:
                    b5:3c:9e:b5:91:61:99:1d:f5:b8:51:24:cf:53:57:
                    fe:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:10:47:98:39:5F:78:E8:1B:10:D3:58:D4:0D:D8:AE:C3:B5:3C:2A
            X509v3 Authority Key Identifier:
                keyid:F4:10:C4:83:A4:C8:C9:16:FF:D4:CF:42:0C:4C:11:08:89:79:88:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/9BDEg6TIyRb_1M9CDEwRCIl5iJE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9BDEg6TIyRb_1M9CDEwRCIl5iJE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2F80/94C54B80039511EF85B69F4EC4F9AE02/DAC9D5960C7E11EF9A189E18C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:18:a6:8f:f5:af:86:39:99:56:24:89:29:71:d7:3e:1d:5d:
         f7:99:cd:c2:cf:38:86:ec:a3:b3:75:e1:7a:6e:bf:2d:d8:55:
         d2:ab:a9:c4:24:bd:b7:17:06:f3:4d:6d:0f:bc:cd:39:99:67:
         1f:aa:a6:1e:d1:01:58:e8:ab:9b:9b:63:78:2a:ad:b6:ee:f9:
         71:5d:41:72:36:14:4f:e9:99:d0:07:fb:f0:48:99:d7:fd:76:
         f0:84:fa:2b:a6:b4:d5:b4:e2:b9:8b:cb:94:a2:c2:15:50:70:
         6a:3f:fa:00:2a:de:58:b7:56:be:41:a1:e3:6b:dc:75:fb:d6:
         82:8b:6c:36:db:9e:22:e5:de:8e:10:7a:3a:ab:21:ad:32:9b:
         91:62:03:95:18:1e:98:61:9a:ac:33:f3:72:25:4a:39:2c:a8:
         e4:e0:fc:76:98:a1:0b:da:45:db:13:04:0b:4d:5c:1a:21:e8:
         f3:c0:08:35:f0:70:08:38:99:a1:e7:5c:a9:ee:f6:ec:9b:26:
         17:d4:b4:d9:6e:3b:e1:fb:bb:3a:d6:55:26:ea:71:38:91:47:
         b1:88:4c:b0:3d:6c:4e:52:cf:15:56:3f:7c:32:c9:63:96:6a:
         08:dd:20:6f:7b:0f:73:f8:52:ec:0c:bc:83:57:e7:00:12:d8:
         fe:f6:78:dd
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTJGODAxMTAvBgNVBAUTKEY0MTBDNDgzQTRDOEM5MTZGRkQ0Q0Y0MjBDNEMxMTA4
ODk3OTg4OTEwHhcNMjYwNzAxMDYzMTIyWhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0YjQzOS04NmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33Ti2VZhr1U2TAcjtXHVtBh7rQZz6zsKQIYmVV0LssLpCnxm8Jx6QmyhGNMu
+vqhRzNzuNXej4j5JbRopnA5C9I/ZifT3jydnSa5j2TAuTuYdZNW5wHExOWpi9fQ
EFYrtBLkVcVMoBasgoQ2CmPGs3BZIZyQ47jy2A1l9KRODVVhSqnHFPFCtSHd/gSI
HE6CEcWaDrCzl9/HuQPvn79hkNSh7rkphvpsvYxfDxN0z0S6ohZoSn34kU055DHM
XQja+SzmZNZFax2e8rkzKrfNUh00brTG+s8EvInnIZIYtZZIy8nFQHoElscPAZCd
I721PJ61kWGZHfW4USTPU1f+TQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBoQR5g5
X3joGxDTWNQN2K7DtTwqMB8GA1UdIwQYMBaAFPQQxIOkyMkW/9TPQgxMEQiJeYiR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkY4MC85NEM1NEI4MDAz
OTUxMUVGODVCNjlGNEVDNEY5QUUwMi85QkRFZzZUSXlSYl8xTTlDREV3UkNJbDVp
SkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlCREVnNlRJeVJiXzFNOUNERXdSQ0lsNWlKRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTJGODAvOTRDNTRCODAwMzk1MTFFRjg1QjY5RjRFQzRGOUFFMDIvREFDOUQ1OTYw
QzdFMTFFRjlBMTg5RTE4QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBZzM+MA0GCSqGSIb3DQEBCwUAA4IBAQAhGKaP9a+GOZlWJIkpcdc+
HV33mc3CzziG7KOzdeF6br8t2FXSq6nEJL23FwbzTW0PvM05mWcfqqYe0QFY6Kub
m2N4Kq227vlxXUFyNhRP6ZnQB/vwSJnX/XbwhPorprTVtOK5i8uUosIVUHBqP/oA
Kt5Yt1a+QaHja9x1+9aCi2w2254i5d6OEHo6qyGtMpuRYgOVGB6YYZqsM/NyJUo5
LKjk4Px2mKEL2kXbEwQLTVwaIejzwAg18HAIOJmh51yp7vbsmyYX1LTZbjvh+7s6
1lUm6nE4kUexiEywPWxOUs8VVj98MsljlmoI3SBvew9z+FLsDLyDV+cAEtj+9njd
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:49:14 2026 by rpki-client