Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/E2D9B7A6B32611F0BE8DF029C4F9AE02.roa
File:                     E2D9B7A6B32611F0BE8DF029C4F9AE02.roa (raw, json)
Hash identifier:          u+iVKkkYCJUO0WXOE68Cpj6tOjtVLvy0gYGY2wApXr4=
Subject key identifier:   FE:B5:13:FD:AD:0B:28:45:9F:05:1D:1D:AD:B4:E0:AB:6D:D7:BD:E5
Certificate issuer:       /CN=A91E4B86/serialNumber=14D5AD2722ACA86AD34F0F9A344726CB66980831
Certificate serial:       F8
Authority key identifier: 14:D5:AD:27:22:AC:A8:6A:D3:4F:0F:9A:34:47:26:CB:66:98:08:31
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FNWtJyKsqGrTTw-aNEcmy2aYCDE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/E2D9B7A6B32611F0BE8DF029C4F9AE02.roa
Signing time:             Sun 14 Jun 2026 04:51:41 +0000
ROA not before:           Sun 14 Jun 2026 04:51:41 +0000
ROA not after:            Sat 01 May 2027 00:00:00 +0000
asID:                     153551
IP address blocks:        103.95.211.0/24 maxlen: 24
                          2001:df4:f840::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/FNWtJyKsqGrTTw-aNEcmy2aYCDE.crl
                          rsync://rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/FNWtJyKsqGrTTw-aNEcmy2aYCDE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FNWtJyKsqGrTTw-aNEcmy2aYCDE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 07:19:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 248 (0xf8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4B86, serialNumber=14D5AD2722ACA86AD34F0F9A344726CB66980831
        Validity
            Not Before: Jun 14 04:51:41 2026 GMT
            Not After : May  1 00:00:00 2027 GMT
        Subject: CN=6a2e335d-ddfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c4:12:4c:c7:a7:fe:d4:9b:0c:f2:e6:16:d6:
                    2a:51:68:a2:c3:ce:d5:25:55:24:73:83:ab:3f:50:
                    f1:a6:e6:87:d7:cb:c8:2a:4f:82:2c:f1:61:68:51:
                    b2:60:ff:1b:52:1c:2d:c4:58:a8:c9:20:29:1b:23:
                    dd:fa:a6:7b:3e:e2:b4:a1:bd:2e:99:cd:dc:19:29:
                    dd:60:39:42:5d:a4:8c:21:39:73:3d:50:f8:a3:cd:
                    b2:45:68:ab:eb:25:f1:5e:14:ed:4f:33:8c:1d:61:
                    36:a9:76:db:32:40:4f:cc:61:2a:ca:33:d4:f6:25:
                    0e:cb:f7:58:1b:99:6b:81:73:72:c0:ae:ea:58:c7:
                    da:a1:40:33:4c:df:8c:63:27:8b:14:1c:2e:79:8e:
                    85:87:ab:08:b5:58:21:00:4f:78:c6:f9:b0:c3:8e:
                    54:ad:51:0c:6f:96:b0:dc:42:2c:56:02:64:da:8b:
                    7f:c2:ee:c5:9f:1e:ab:0f:62:37:f1:69:33:7c:8a:
                    4f:c0:1f:34:7d:29:95:05:57:54:7b:66:d0:d6:e4:
                    f9:b1:c5:64:76:a5:16:69:b0:57:05:55:09:65:0f:
                    4e:47:9d:e1:80:54:77:d9:8c:23:8a:e6:83:01:e4:
                    c4:7c:db:fb:5e:59:4a:8d:98:69:98:fa:a6:ce:f9:
                    c5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:B5:13:FD:AD:0B:28:45:9F:05:1D:1D:AD:B4:E0:AB:6D:D7:BD:E5
            X509v3 Authority Key Identifier:
                keyid:14:D5:AD:27:22:AC:A8:6A:D3:4F:0F:9A:34:47:26:CB:66:98:08:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/FNWtJyKsqGrTTw-aNEcmy2aYCDE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FNWtJyKsqGrTTw-aNEcmy2aYCDE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4B86/9306A2C4F7E311EF8ADA8A41C4F9AE02/E2D9B7A6B32611F0BE8DF029C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.95.211.0/24
                IPv6:
                  2001:df4:f840::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:76:04:63:2d:29:10:6d:b0:21:b8:dd:9e:d3:43:cd:d1:a6:
         f3:7d:7b:fe:1a:14:d6:4b:9c:38:af:b6:f3:74:2c:c4:1a:97:
         1d:f1:d1:01:d0:88:c0:3a:89:44:44:a4:4e:6e:97:d1:66:d8:
         6d:bb:90:ae:b1:bd:fe:6f:0f:9f:a1:de:b4:98:54:40:90:08:
         40:56:fd:80:3d:e3:a0:f4:66:02:11:66:6b:c2:43:4f:aa:19:
         44:03:1c:c1:b9:a6:fa:05:50:f7:fc:3e:64:4c:79:41:30:f6:
         a7:02:f0:c6:c9:65:bd:df:f8:bd:8f:ea:71:ea:78:17:c8:e2:
         bd:83:5f:bf:8b:48:30:f5:a0:72:c7:6c:14:b1:41:20:f4:2b:
         fc:93:b3:e3:54:58:13:79:5c:47:6d:85:1e:4b:ef:a0:e7:92:
         1a:62:90:59:af:9d:b9:5d:0c:0d:60:0f:70:cf:29:c9:2f:bc:
         36:9f:65:37:5c:16:7b:30:38:54:ce:d5:ca:c2:dc:c8:bf:11:
         ab:15:cd:f4:fd:9d:5b:44:db:c3:75:f2:10:fe:1a:d4:b2:83:
         ed:86:7b:e4:d6:e0:f3:4a:17:c3:7a:51:73:2b:dd:c7:70:c9:
         aa:d6:01:e0:36:c4:46:c2:1f:13:a7:e7:be:93:6b:df:49:35:
         1b:0a:22:9d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRCODYxMTAvBgNVBAUTKDE0RDVBRDI3MjJBQ0E4NkFEMzRGMEY5QTM0NDcyNkNC
NjY5ODA4MzEwHhcNMjYwNjE0MDQ1MTQxWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTJlMzM1ZC1kZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqcQSTMen/tSbDPLmFtYqUWiiw87VJVUkc4OrP1DxpuaH18vIKk+CLPFhaFGy
YP8bUhwtxFioySApGyPd+qZ7PuK0ob0umc3cGSndYDlCXaSMITlzPVD4o82yRWir
6yXxXhTtTzOMHWE2qXbbMkBPzGEqyjPU9iUOy/dYG5lrgXNywK7qWMfaoUAzTN+M
YyeLFBwueY6Fh6sItVghAE94xvmww45UrVEMb5aw3EIsVgJk2ot/wu7Fnx6rD2I3
8WkzfIpPwB80fSmVBVdUe2bQ1uT5scVkdqUWabBXBVUJZQ9OR53hgFR32YwjiuaD
AeTEfNv7XllKjZhpmPqmzvnFewIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFP61E/2t
CyhFnwUdHa204Ktt173lMB8GA1UdIwQYMBaAFBTVrScirKhq008PmjRHJstmmAgx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEI4Ni85MzA2QTJDNEY3
RTMxMUVGOEFEQThBNDFDNEY5QUUwMi9GTld0SnlLc3FHclRUdy1hTkVjbXkyYVlD
REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZOV3RKeUtzcUdyVFR3LWFORWNteTJhWUNERS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRCODYvOTMwNkEyQzRGN0UzMTFFRjhBREE4QTQxQzRGOUFFMDIvRTJEOUI3QTZC
MzI2MTFGMEJFOERGMDI5QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQAZ1/TMA8EAgACMAkDBwAgAQ30+EAwDQYJKoZIhvcNAQELBQADggEB
AH12BGMtKRBtsCG43Z7TQ83RpvN9e/4aFNZLnDivtvN0LMQalx3x0QHQiMA6iURE
pE5ul9Fm2G27kK6xvf5vD5+h3rSYVECQCEBW/YA946D0ZgIRZmvCQ0+qGUQDHMG5
pvoFUPf8PmRMeUEw9qcC8MbJZb3f+L2P6nHqeBfI4r2DX7+LSDD1oHLHbBSxQSD0
K/yTs+NUWBN5XEdthR5L76DnkhpikFmvnbldDA1gD3DPKckvvDafZTdcFnswOFTO
1crC3Mi/EasVzfT9nVtE28N18hD+GtSyg+2Ge+TW4PNKF8N6UXMr3cdwyarWAeA2
xEbCHxOn576Ta99JNRsKIp0=
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:22:01 2026 by rpki-client