Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa
File:                     14ED07C27B8D11EDB395B621C4F9AE02.roa (raw, json)
Hash identifier:          8IEOcn859bdj07hvdLHHiu5te9v+Mf6Y9BRqk4uy5v8=
Subject key identifier:   62:D5:3E:16:E5:AE:5E:A9:00:75:E3:08:1F:81:60:94:09:06:84:3B
Certificate issuer:       /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1
Certificate serial:       0EF4
Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa
Signing time:             Thu 16 Jul 2026 18:18:32 +0000
ROA not before:           Thu 16 Jul 2026 18:18:32 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     134190
IP address blocks:        103.117.128.0/24 maxlen: 24
                          103.117.129.0/24 maxlen: 24
                          103.117.129.0/25 maxlen: 32
                          103.117.129.128/25 maxlen: 32
                          103.117.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl
                          rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 18:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3828 (0xef4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1
        Validity
            Not Before: Jul 16 18:18:32 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a592078-26ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:68:71:51:c4:d1:42:c8:6c:26:b2:66:93:69:
                    00:30:42:2e:2e:df:46:c7:d7:52:d1:7a:7b:69:24:
                    0a:c9:77:be:15:87:cb:28:14:28:49:c0:2b:cb:83:
                    58:f2:05:ea:20:4f:fe:20:19:67:76:4b:21:37:69:
                    f5:24:87:d9:1d:fa:9d:93:03:f8:17:67:de:24:bf:
                    43:75:3b:8d:99:1c:a4:dc:59:89:5a:04:2d:27:bb:
                    53:8a:fb:a2:15:47:e1:9e:1d:3a:35:fe:e9:3b:f4:
                    aa:ef:fc:50:31:11:11:ba:a0:cc:4c:f2:3c:73:7a:
                    d1:37:fa:78:f2:35:64:a2:1c:75:a0:f9:a0:d3:c0:
                    a3:ed:66:de:50:d1:f2:14:52:67:e1:c3:3b:3c:6f:
                    15:a4:10:87:d2:45:f3:a3:f6:6f:e1:20:d9:dd:59:
                    a9:4f:a1:35:92:94:75:76:8c:e9:23:d0:24:1e:17:
                    38:67:63:9d:53:94:d9:35:36:ff:36:c7:b9:d7:b8:
                    1c:23:9b:b7:05:97:4e:54:93:75:72:09:2a:c7:90:
                    0b:0e:f4:a8:f9:f9:c3:3c:93:2f:7d:78:5d:93:fa:
                    59:b6:af:0b:05:90:2f:6c:45:ef:53:73:51:84:11:
                    5d:97:a0:bc:f3:1f:ab:f8:9b:1c:35:e7:a7:01:e9:
                    39:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:D5:3E:16:E5:AE:5E:A9:00:75:E3:08:1F:81:60:94:09:06:84:3B
            X509v3 Authority Key Identifier:
                keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.128.0/23
                  103.117.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:c5:7b:1d:ae:fb:7d:17:d9:6b:64:73:d2:0b:33:ee:9a:48:
         a2:e9:87:01:72:f0:28:03:d7:5c:27:ac:29:10:5f:d4:68:73:
         1d:3a:d1:0d:a5:be:28:ff:5f:ad:d9:14:3e:52:37:2c:f9:6d:
         6c:6b:8b:46:9c:3b:de:b1:47:18:21:a3:d5:cf:92:04:df:31:
         c1:73:2a:6c:ac:84:2d:27:5f:37:00:5a:b9:d3:39:a3:2b:b3:
         e2:1d:86:db:af:5d:8d:4b:e6:66:cf:57:24:da:24:b1:08:ba:
         c5:33:65:52:1c:95:5c:21:16:12:44:14:d7:92:42:39:33:f9:
         f8:73:27:dc:ea:9e:2b:6d:08:32:e8:11:6a:8c:56:93:88:b5:
         c7:8b:b4:83:e6:bf:6f:ce:16:1d:98:be:8b:74:08:7c:2a:85:
         1e:88:31:64:f0:1a:98:2c:9f:c8:f3:9b:7a:d7:5b:2c:bd:36:
         d1:be:f9:ee:cb:ec:e2:ef:ea:0d:e2:98:a6:f2:85:2f:87:8b:
         9f:14:52:b7:cc:23:1d:82:ca:82:fd:ae:82:a8:22:cf:d2:78:
         1b:66:d2:ab:94:ee:d4:bb:72:4f:fd:8e:fe:42:e4:68:ea:84:
         d8:85:47:d9:2c:22:21:04:17:1f:0b:ed:bf:11:30:da:dc:d8:
         5a:49:13:fd
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICDvQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz
NTdGMDBGRjEwHhcNMjYwNzE2MTgxODMyWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU5MjA3OC0yNmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoWhxUcTRQshsJrJmk2kAMEIuLt9Gx9dS0Xp7aSQKyXe+FYfLKBQoScAry4NY
8gXqIE/+IBlndkshN2n1JIfZHfqdkwP4F2feJL9DdTuNmRyk3FmJWgQtJ7tTivui
FUfhnh06Nf7pO/Sq7/xQMRERuqDMTPI8c3rRN/p48jVkohx1oPmg08Cj7WbeUNHy
FFJn4cM7PG8VpBCH0kXzo/Zv4SDZ3VmpT6E1kpR1dozpI9AkHhc4Z2OdU5TZNTb/
Nse517gcI5u3BZdOVJN1cgkqx5ALDvSo+fnDPJMvfXhdk/pZtq8LBZAvbEXvU3NR
hBFdl6C88x+r+JscNeenAek5xwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFGLVPhbl
rl6pAHXjCB+BYJQJBoQ7MB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF
OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE
X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvMTRFRDA3QzI3
QjhEMTFFREIzOTVCNjIxQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQBZ3WAAwQAZ3WDMA0GCSqGSIb3DQEBCwUAA4IBAQA9xXsdrvt9F9lr
ZHPSCzPumkii6YcBcvAoA9dcJ6wpEF/UaHMdOtENpb4o/1+t2RQ+Ujcs+W1sa4tG
nDvesUcYIaPVz5IE3zHBcypsrIQtJ183AFq50zmjK7PiHYbbr12NS+Zmz1ck2iSx
CLrFM2VSHJVcIRYSRBTXkkI5M/n4cyfc6p4rbQgy6BFqjFaTiLXHi7SD5r9vzhYd
mL6LdAh8KoUeiDFk8BqYLJ/I85t611ssvTbRvvnuy+zi7+oN4pim8oUvh4ufFFK3
zCMdgsqC/a6CqCLP0ngbZtKrlO7Uu3JP/Y7+QuRo6oTYhUfZLCIhBBcfC+2/ETDa
3NhaSRP9
-----END CERTIFICATE-----
Generated at Sat Jul 18 11:18:21 2026 by rpki-client