Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/E14507F8011411EAAB0EF153C4F9AE02.roa
File:                     E14507F8011411EAAB0EF153C4F9AE02.roa (raw, json)
Hash identifier:          qiDkvBGA0vQoRNYuuefBl5X6My9S37pGkNHkOEYdfqI=
Subject key identifier:   72:7E:86:0B:57:76:B7:70:9C:67:61:0A:BF:64:62:ED:1B:2D:26:65
Certificate issuer:       /CN=A91E4023/serialNumber=6727B8F433EF2FE080842C6EE8A6CC3DC244626F
Certificate serial:       0D41
Authority key identifier: 67:27:B8:F4:33:EF:2F:E0:80:84:2C:6E:E8:A6:CC:3D:C2:44:62:6F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zye49DPvL-CAhCxu6KbMPcJEYm8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/E14507F8011411EAAB0EF153C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 18:18:42 +0000
ROA not before:           Sat 04 Jul 2026 18:18:42 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     132829
IP address blocks:        103.69.211.0/24 maxlen: 24
                          119.42.48.0/24 maxlen: 24
                          119.42.51.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/Zye49DPvL-CAhCxu6KbMPcJEYm8.crl
                          rsync://rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/Zye49DPvL-CAhCxu6KbMPcJEYm8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zye49DPvL-CAhCxu6KbMPcJEYm8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 18:33:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3393 (0xd41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4023, serialNumber=6727B8F433EF2FE080842C6EE8A6CC3DC244626F
        Validity
            Not Before: Jul  4 18:18:42 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a494e81-fb6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ed:0b:1c:c3:d1:59:6a:3d:26:f0:5c:35:ae:
                    b5:97:8a:8d:70:59:2c:cc:6b:42:75:8a:33:92:0d:
                    f3:9e:03:38:94:76:84:e5:79:17:78:c1:de:7c:14:
                    93:ca:8d:0b:a2:34:e9:4c:2d:ae:45:58:1b:d6:62:
                    a4:e2:95:26:a7:cc:33:f5:e8:86:fd:79:39:93:b0:
                    0c:7e:4c:ef:09:a9:bb:36:dd:7c:72:0e:43:5f:57:
                    62:b3:aa:de:c0:3b:21:49:36:01:b4:38:41:ef:d4:
                    b5:09:7c:8e:a1:63:b9:b7:db:4d:3a:6e:d8:97:c3:
                    85:d0:fd:95:ad:bd:75:ea:6b:12:57:83:03:4e:ef:
                    5f:7d:7a:29:ef:0a:5c:0a:0c:d2:27:c1:44:ea:c3:
                    68:65:ba:ed:09:ac:97:0c:2a:ce:bd:5b:e4:a9:14:
                    2f:96:c2:e0:01:e0:13:0a:1b:47:aa:10:59:a0:50:
                    5a:a7:ed:ea:15:37:d6:73:9a:63:96:4e:b3:dd:bc:
                    75:7f:92:18:98:a4:ec:ca:22:16:15:2f:1b:87:91:
                    0c:3d:ca:55:4e:ab:76:50:a3:d5:d6:44:c0:02:22:
                    b0:35:7a:b0:26:4f:44:88:f0:50:44:b1:0c:92:ad:
                    e5:19:f3:86:d2:15:9a:a5:60:1c:e2:0e:c7:29:5c:
                    4b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7E:86:0B:57:76:B7:70:9C:67:61:0A:BF:64:62:ED:1B:2D:26:65
            X509v3 Authority Key Identifier:
                keyid:67:27:B8:F4:33:EF:2F:E0:80:84:2C:6E:E8:A6:CC:3D:C2:44:62:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/Zye49DPvL-CAhCxu6KbMPcJEYm8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zye49DPvL-CAhCxu6KbMPcJEYm8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4023/613E3E9E011411EAAADAB253C4F9AE02/E14507F8011411EAAB0EF153C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.211.0/24
                  119.42.48.0/24
                  119.42.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:3f:b5:97:34:4f:19:e6:f0:e3:06:c1:dc:fa:59:2c:f5:40:
         7d:03:9a:af:bf:2b:de:fb:49:64:70:c3:44:c2:d1:95:8e:44:
         4d:b8:56:bf:b6:be:25:15:2e:c6:49:90:f9:fe:3e:e0:ed:45:
         95:07:8b:d8:82:91:b8:09:5a:f7:5e:4f:f4:0a:0c:f4:f3:54:
         5a:e4:b7:a2:54:a9:87:c6:b6:17:f3:e5:95:d9:67:82:46:47:
         0e:8b:8b:77:d2:1d:87:9a:f1:f3:03:94:a7:35:21:47:33:28:
         57:0d:e5:fd:34:1e:e6:86:78:f1:8b:8e:5e:09:90:8a:90:91:
         fb:2d:4e:0e:a1:ed:4b:8d:19:d8:ff:fe:61:4f:77:98:b2:1c:
         59:22:de:b1:b0:63:4c:21:d5:2a:31:04:c1:db:c5:d1:6d:3b:
         02:af:d6:e5:08:bc:da:31:d8:2a:db:e5:c7:20:87:43:76:e5:
         71:c9:1f:de:99:d5:23:1b:02:1e:00:29:9a:ea:b1:15:15:a4:
         1a:b1:91:f6:5d:0d:12:83:7e:c1:87:ee:c3:39:60:c8:68:27:
         8c:3d:01:7f:7b:f9:28:d8:87:9f:43:ab:fd:c6:9a:e6:8c:18:
         a9:42:93:e6:07:1d:52:ee:4d:43:86:33:79:bf:3f:47:96:04:
         2b:d1:b6:8b
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICDUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQwMjMxMTAvBgNVBAUTKDY3MjdCOEY0MzNFRjJGRTA4MDg0MkM2RUU4QTZDQzNE
QzI0NDYyNkYwHhcNMjYwNzA0MTgxODQyWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5NGU4MS1mYjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAue0LHMPRWWo9JvBcNa61l4qNcFkszGtCdYozkg3zngM4lHaE5XkXeMHefBST
yo0LojTpTC2uRVgb1mKk4pUmp8wz9eiG/Xk5k7AMfkzvCam7Nt18cg5DX1dis6re
wDshSTYBtDhB79S1CXyOoWO5t9tNOm7Yl8OF0P2Vrb116msSV4MDTu9ffXop7wpc
CgzSJ8FE6sNoZbrtCayXDCrOvVvkqRQvlsLgAeATChtHqhBZoFBap+3qFTfWc5pj
lk6z3bx1f5IYmKTsyiIWFS8bh5EMPcpVTqt2UKPV1kTAAiKwNXqwJk9EiPBQRLEM
kq3lGfOG0hWapWAc4g7HKVxLEQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFHJ+hgtX
drdwnGdhCr9kYu0bLSZlMB8GA1UdIwQYMBaAFGcnuPQz7y/ggIQsbuimzD3CRGJv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDAyMy82MTNFM0U5RTAx
MTQxMUVBQUFEQUIyNTNDNEY5QUUwMi9aeWU0OURQdkwtQ0FoQ3h1NktiTVBjSkVZ
bTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p5ZTQ5RFB2TC1DQWhDeHU2S2JNUGNKRVltOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQwMjMvNjEzRTNFOUUwMTE0MTFFQUFBREFCMjUzQzRGOUFFMDIvRTE0NTA3Rjgw
MTE0MTFFQUFCMEVGMTUzQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQAZ0XTAwQAdyowAwQAdyozMA0GCSqGSIb3DQEBCwUAA4IBAQCXP7WX
NE8Z5vDjBsHc+lks9UB9A5qvvyve+0lkcMNEwtGVjkRNuFa/tr4lFS7GSZD5/j7g
7UWVB4vYgpG4CVr3Xk/0Cgz081Ra5LeiVKmHxrYX8+WV2WeCRkcOi4t30h2HmvHz
A5SnNSFHMyhXDeX9NB7mhnjxi45eCZCKkJH7LU4Ooe1LjRnY//5hT3eYshxZIt6x
sGNMIdUqMQTB28XRbTsCr9blCLzaMdgq2+XHIIdDduVxyR/emdUjGwIeACma6rEV
FaQasZH2XQ0Sg37Bh+7DOWDIaCeMPQF/e/ko2IefQ6v9xprmjBipQpPmBx1S7k1D
hjN5vz9HlgQr0baL
-----END CERTIFICATE-----
Generated at Thu Jul 9 13:39:45 2026 by rpki-client