Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/E7DFF7B8CA1D11EE8037E217C4F9AE02.roa
File:                     E7DFF7B8CA1D11EE8037E217C4F9AE02.roa (raw, json)
Hash identifier:          IXDMktuW1eMer2Jfj/UCXO4EyeiZ3TkOZOE5RKCxpb0=
Subject key identifier:   74:EA:7C:24:9C:EE:15:ED:C1:54:9E:B9:CE:05:24:E4:63:A6:A1:1D
Certificate issuer:       /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1
Certificate serial:       0EF6
Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/E7DFF7B8CA1D11EE8037E217C4F9AE02.roa
Signing time:             Thu 16 Jul 2026 18:18:36 +0000
ROA not before:           Thu 16 Jul 2026 18:18:36 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     140629
IP address blocks:        103.117.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl
                          rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Jul 2026 18:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3830 (0xef6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1
        Validity
            Not Before: Jul 16 18:18:36 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a59207c-f069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:52:d9:d5:34:52:99:29:0f:9d:c7:40:54:30:
                    f4:2f:56:de:33:25:36:7f:70:cf:03:e1:41:ee:3d:
                    09:c6:f1:15:98:6c:d0:bc:3e:34:9e:d0:78:98:79:
                    f6:1a:89:77:32:73:b4:62:69:0e:b2:90:84:06:d7:
                    36:45:e3:19:4b:0e:f6:49:03:bc:e7:cb:d8:6b:cc:
                    c1:1d:d2:f0:fb:8c:e6:ae:17:da:69:64:00:a6:93:
                    92:21:da:9e:0a:57:d5:7e:cd:ff:82:ee:e5:dd:9d:
                    cf:82:eb:83:e5:41:20:54:7a:c3:fa:e8:ee:08:bd:
                    9c:ec:52:59:d6:65:21:94:5b:bb:87:33:24:0a:59:
                    5c:46:ae:18:e1:05:35:08:0f:69:36:62:10:f9:f8:
                    f3:ba:dc:02:96:50:af:52:7d:7e:49:d6:1a:44:12:
                    dc:65:bb:2c:f6:e2:bc:1e:dd:f1:c2:63:62:68:9b:
                    f9:ce:9f:f0:b1:f8:5b:e5:3f:cc:08:31:3c:58:48:
                    05:81:bc:75:d1:e5:40:20:74:36:59:f4:05:c1:cd:
                    ca:ce:ec:9c:27:ea:0b:a2:28:f9:f7:c8:4a:72:5b:
                    3a:4e:cc:87:a2:fe:83:f6:a8:4f:f7:7f:0d:48:de:
                    b5:d7:9f:f1:24:06:ee:e4:88:ab:94:d9:13:1b:b1:
                    9a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:EA:7C:24:9C:EE:15:ED:C1:54:9E:B9:CE:05:24:E4:63:A6:A1:1D
            X509v3 Authority Key Identifier:
                keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/E7DFF7B8CA1D11EE8037E217C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:37:0d:98:8e:ee:bb:7f:38:2b:b1:34:32:8b:f6:1b:dd:20:
         8d:7e:ba:20:4a:f5:b0:7f:8e:0b:a9:54:cb:ee:11:4a:c0:39:
         a9:65:4d:c2:f5:85:da:58:4d:e5:eb:43:2d:84:31:78:63:bf:
         7c:d3:a0:14:fe:f1:41:4c:c8:0d:27:42:57:0d:14:ab:d8:ca:
         fe:01:74:2f:0f:ef:43:11:e1:b2:a2:64:e3:26:f7:8a:08:08:
         ed:64:f2:18:42:3c:f9:87:68:93:be:fe:ec:58:63:68:5e:8c:
         68:f2:45:df:7f:d7:c1:ad:27:9b:19:8c:1e:84:fd:4e:d5:be:
         6c:ad:9e:d5:cd:36:a2:81:ef:98:15:5a:71:d7:2a:34:7f:78:
         4e:65:56:d7:50:e7:50:97:f4:b6:a2:4a:90:09:9f:34:8d:09:
         42:a5:7d:9d:c7:6a:33:63:2a:30:f7:ef:ae:3b:fd:5c:50:2e:
         dc:3d:0d:09:0c:9e:fc:ec:ee:b6:18:83:1a:6e:61:4d:da:52:
         88:41:c5:80:87:98:a5:95:3a:af:36:b3:16:76:a7:94:06:dc:
         a8:83:17:3f:d3:e1:e7:fd:20:a7:46:49:89:58:bb:6b:40:cf:
         55:e3:6a:a7:df:63:4e:ce:c1:dd:74:36:14:5c:d7:eb:65:21:
         50:13:94:29
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICDvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz
NTdGMDBGRjEwHhcNMjYwNzE2MTgxODM2WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU5MjA3Yy1mMDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0FLZ1TRSmSkPncdAVDD0L1beMyU2f3DPA+FB7j0JxvEVmGzQvD40ntB4mHn2
Gol3MnO0YmkOspCEBtc2ReMZSw72SQO858vYa8zBHdLw+4zmrhfaaWQAppOSIdqe
ClfVfs3/gu7l3Z3PguuD5UEgVHrD+ujuCL2c7FJZ1mUhlFu7hzMkCllcRq4Y4QU1
CA9pNmIQ+fjzutwCllCvUn1+SdYaRBLcZbss9uK8Ht3xwmNiaJv5zp/wsfhb5T/M
CDE8WEgFgbx10eVAIHQ2WfQFwc3KzuycJ+oLoij598hKcls6TsyHov6D9qhP938N
SN6115/xJAbu5IirlNkTG7GaRQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFHTqfCSc
7hXtwVSeuc4FJORjpqEdMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF
OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE
X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvRTdERkY3QjhD
QTFEMTFFRTgwMzdFMjE3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ3WCMA0GCSqGSIb3DQEBCwUAA4IBAQBjNw2Yju67fzgrsTQyi/Yb
3SCNfrogSvWwf44LqVTL7hFKwDmpZU3C9YXaWE3l60MthDF4Y79806AU/vFBTMgN
J0JXDRSr2Mr+AXQvD+9DEeGyomTjJveKCAjtZPIYQjz5h2iTvv7sWGNoXoxo8kXf
f9fBrSebGYwehP1O1b5srZ7VzTaige+YFVpx1yo0f3hOZVbXUOdQl/S2okqQCZ80
jQlCpX2dx2ozYyow9++uO/1cUC7cPQ0JDJ787O62GIMabmFN2lKIQcWAh5illTqv
NrMWdqeUBtyogxc/0+Hn/SCnRkmJWLtrQM9V42qn32NOzsHddDYUXNfrZSFQE5Qp
-----END CERTIFICATE-----
Generated at Sat Jul 18 13:33:37 2026 by rpki-client