Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/A30B17FAA81911EF862F3A56C4F9AE02.roa
File:                     A30B17FAA81911EF862F3A56C4F9AE02.roa (raw, json)
Hash identifier:          vVE/wYQljIOEW6qq0MvXd9SjBMo9AS5Tw8SXEPHuwyo=
Subject key identifier:   8F:2C:F2:FB:6F:58:CC:A8:01:F8:97:EE:60:5E:4F:9F:A3:E0:14:F8
Certificate issuer:       /CN=A91E520F/serialNumber=B1BD4DB021F54C7263F3C3535F8836849BA2E60E
Certificate serial:       013C
Authority key identifier: B1:BD:4D:B0:21:F5:4C:72:63:F3:C3:53:5F:88:36:84:9B:A2:E6:0E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/A30B17FAA81911EF862F3A56C4F9AE02.roa
Signing time:             Thu 09 Jul 2026 07:33:13 +0000
ROA not before:           Thu 09 Jul 2026 07:33:13 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     151358
IP address blocks:        103.151.210.0/24 maxlen: 24
                          2001:df5:a900::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.crl
                          rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 06:39:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 316 (0x13c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E520F, serialNumber=B1BD4DB021F54C7263F3C3535F8836849BA2E60E
        Validity
            Not Before: Jul  9 07:33:13 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4f4eb9-87f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:10:ee:5c:bb:f3:45:54:e0:1e:b7:de:57:d4:
                    69:23:aa:68:60:0d:73:00:69:29:0c:35:71:2e:1a:
                    a9:48:62:27:25:0a:f7:45:0e:27:ce:58:de:b1:7c:
                    c4:55:50:e7:24:e6:55:5e:5a:d7:1c:85:42:79:2e:
                    46:2e:23:32:08:62:37:f7:66:05:20:2b:8c:85:d5:
                    f2:63:9c:99:ac:26:be:2e:37:ba:c3:a2:d6:84:62:
                    23:e8:0f:85:ed:72:8c:8e:b0:11:6e:d0:88:75:0b:
                    0c:6d:5c:ed:40:ab:5a:9e:2a:d8:d7:ee:d8:73:36:
                    2f:0a:3a:ed:11:a9:4f:2e:9f:8a:13:aa:3c:ea:9f:
                    3c:ab:a6:2f:3e:0c:b6:79:b7:05:c7:e3:eb:dc:e5:
                    04:73:e6:93:22:ff:1f:1b:f2:1b:be:2b:05:08:f0:
                    df:a7:05:67:1a:2e:a7:a0:7b:63:9d:c8:ee:db:d2:
                    a0:af:f3:df:7a:e3:53:c7:e7:c8:85:b3:7f:42:77:
                    99:75:82:a0:6e:64:4e:97:f9:24:62:51:55:0b:72:
                    7a:5c:91:73:df:60:53:f4:e7:f4:33:72:77:a5:8c:
                    5b:92:28:08:b5:13:5d:b2:90:ca:9f:d1:05:5a:d9:
                    66:6e:ae:13:b3:49:76:21:11:7c:8f:c2:99:06:d8:
                    35:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:2C:F2:FB:6F:58:CC:A8:01:F8:97:EE:60:5E:4F:9F:A3:E0:14:F8
            X509v3 Authority Key Identifier:
                keyid:B1:BD:4D:B0:21:F5:4C:72:63:F3:C3:53:5F:88:36:84:9B:A2:E6:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/A30B17FAA81911EF862F3A56C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.210.0/24
                IPv6:
                  2001:df5:a900::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:ee:d0:9a:2e:bc:71:c4:ce:d5:13:11:7b:c0:b2:81:27:cb:
         51:c0:06:a6:99:11:c4:d8:5f:2f:99:80:ac:ed:7b:14:cf:e6:
         ac:5a:2a:0d:c4:64:c8:f4:05:3a:b5:24:f5:c9:39:3a:95:7e:
         df:f8:99:30:b2:66:a9:43:41:2f:f7:00:8c:20:cb:29:1a:2b:
         40:99:5a:fa:a4:c9:69:89:7b:92:86:30:c4:d7:c6:6a:b2:f7:
         35:78:eb:3f:2b:26:49:f0:97:34:54:31:8e:c7:35:b0:9f:26:
         a7:59:d5:9c:a0:3c:bb:5d:20:a0:ca:fc:76:62:48:be:c9:f0:
         5c:b4:a1:8e:e1:cd:d8:c2:20:10:b3:dd:af:4e:98:e3:7a:07:
         f5:cd:cd:8f:b2:b9:18:f7:1a:3b:b2:3d:2a:ea:07:d3:a3:1d:
         d1:da:84:34:39:15:0f:c0:df:72:a7:3f:7e:ec:07:01:97:b1:
         f3:93:dd:64:93:ff:c3:b1:e2:30:b3:11:22:04:46:ba:d3:30:
         b7:bf:7e:d8:67:5d:f7:23:93:4e:1c:48:f9:ce:a8:60:2d:b3:
         a9:d2:22:9a:80:fb:7c:89:be:cf:62:ba:f6:77:d8:4b:c6:f7:
         1f:5a:cd:86:d3:ef:f3:50:74:54:b1:f5:49:94:22:1d:9c:02:
         44:c7:a5:0d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUyMEYxMTAvBgNVBAUTKEIxQkQ0REIwMjFGNTRDNzI2M0YzQzM1MzVGODgzNjg0
OUJBMkU2MEUwHhcNMjYwNzA5MDczMzEzWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRmNGViOS04N2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxDuXLvzRVTgHrfeV9RpI6poYA1zAGkpDDVxLhqpSGInJQr3RQ4nzljesXzE
VVDnJOZVXlrXHIVCeS5GLiMyCGI392YFICuMhdXyY5yZrCa+Lje6w6LWhGIj6A+F
7XKMjrARbtCIdQsMbVztQKtanirY1+7YczYvCjrtEalPLp+KE6o86p88q6YvPgy2
ebcFx+Pr3OUEc+aTIv8fG/IbvisFCPDfpwVnGi6noHtjncju29Kgr/PfeuNTx+fI
hbN/QneZdYKgbmROl/kkYlFVC3J6XJFz32BT9Of0M3J3pYxbkigItRNdspDKn9EF
Wtlmbq4Ts0l2IRF8j8KZBtg1fwIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFI8s8vtv
WMyoAfiX7mBeT5+j4BT4MB8GA1UdIwQYMBaAFLG9TbAh9UxyY/PDU1+INoSbouYO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTIwRi80MUNDQkM2RUE4
MTkxMUVGQjlCREVENzFDNEY5QUUwMi9zYjFOc0NIMVRISmo4OE5UWDRnMmhKdWk1
ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NiMU5zQ0gxVEhKajg4TlRYNGcyaEp1aTVnNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUyMEYvNDFDQ0JDNkVBODE5MTFFRkI5QkRFRDcxQzRGOUFFMDIvQTMwQjE3RkFB
ODE5MTFFRjg2MkYzQTU2QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQAZ5fSMA8EAgACMAkDBwAgAQ31qQAwDQYJKoZIhvcNAQELBQADggEB
AAXu0JouvHHEztUTEXvAsoEny1HABqaZEcTYXy+ZgKztexTP5qxaKg3EZMj0BTq1
JPXJOTqVft/4mTCyZqlDQS/3AIwgyykaK0CZWvqkyWmJe5KGMMTXxmqy9zV46z8r
JknwlzRUMY7HNbCfJqdZ1ZygPLtdIKDK/HZiSL7J8Fy0oY7hzdjCIBCz3a9OmON6
B/XNzY+yuRj3GjuyPSrqB9OjHdHahDQ5FQ/A33KnP37sBwGXsfOT3WST/8Ox4jCz
ESIERrrTMLe/fthnXfcjk04cSPnOqGAts6nSIpqA+3yJvs9iuvZ32EvG9x9azYbT
7/NQdFSx9UmUIh2cAkTHpQ0=
-----END CERTIFICATE-----
Generated at Sat Jul 18 02:21:21 2026 by rpki-client