Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa
File:                     F87AC94C35BB11EDB0314E29C4F9AE02.roa (raw, json)
Hash identifier:          onIQBBgaYqQQQF/MByH2Uc0IXjytJM2CNUv7KzbvAOE=
Subject key identifier:   CB:0B:4E:80:83:CF:0F:3F:BB:3B:6D:68:1C:C4:DB:55:2E:88:11:DB
Certificate issuer:       /CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
Certificate serial:       091D
Authority key identifier: B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa
Signing time:             Tue 16 Jun 2026 17:20:03 +0000
ROA not before:           Tue 16 Jun 2026 17:20:02 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     137498
IP address blocks:        103.110.216.0/22 maxlen: 22
                          103.110.216.0/24 maxlen: 24
                          103.110.217.0/24 maxlen: 24
                          103.110.218.0/24 maxlen: 24
                          103.110.219.0/24 maxlen: 24
                          2402:9040::/32 maxlen: 32
                          2402:9040::/36 maxlen: 36
                          2402:9040:1000::/36 maxlen: 36
                          2402:9040:2000::/36 maxlen: 36
                          2402:9040:3000::/36 maxlen: 36
                          2402:9040:4000::/36 maxlen: 36
                          2402:9040:5000::/36 maxlen: 36
                          2402:9040:6000::/36 maxlen: 36
                          2402:9040:7000::/36 maxlen: 36
                          2402:9040:8000::/36 maxlen: 36
                          2402:9040:9000::/36 maxlen: 36
                          2402:9040:a000::/36 maxlen: 36
                          2402:9040:b000::/36 maxlen: 36
                          2402:9040:c000::/36 maxlen: 36
                          2402:9040:d000::/36 maxlen: 36
                          2402:9040:e000::/36 maxlen: 36
                          2402:9040:f000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl
                          rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 17:06:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2333 (0x91d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F71E8, serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB
        Validity
            Not Before: Jun 16 17:20:02 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6a3185c2-94af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c7:f1:1a:10:f2:4c:fb:bd:b7:74:47:32:a5:
                    83:d0:f9:4e:70:18:08:af:56:ba:1f:fb:6f:d7:20:
                    66:62:23:26:b4:f7:67:ce:71:74:8b:b1:26:33:85:
                    5c:d0:5d:03:1d:1c:bd:1c:54:ed:f2:16:28:69:24:
                    30:24:d5:df:c2:e9:12:c2:50:48:65:7e:2c:ba:09:
                    1d:b8:58:d4:28:bf:7e:e2:7a:25:b8:31:59:f6:62:
                    0d:e5:32:e5:d1:f2:7f:e5:b9:e0:a2:0e:b6:b2:d6:
                    b7:6a:d0:1f:9e:25:97:1d:37:e1:4f:d0:a6:81:6e:
                    39:9f:5d:f7:de:a4:e5:69:04:d2:25:e5:dc:94:67:
                    fb:73:a8:63:16:ac:f5:83:4d:e1:6d:36:f9:ea:9e:
                    e5:0b:c9:53:89:e2:73:d0:3a:2d:0e:8b:f6:99:27:
                    be:4c:09:df:0c:be:41:42:ff:f1:94:9b:5a:41:d1:
                    ab:d8:6e:76:30:24:d8:0c:0b:8c:a0:b9:a7:a0:2f:
                    9a:f1:2b:2f:1e:56:3d:16:65:79:ef:85:96:a6:00:
                    84:95:9d:b6:a2:5d:54:7b:7e:3d:6c:1c:4d:1e:cb:
                    d2:57:4b:6b:d5:34:25:cc:bd:fc:1a:e9:ad:c1:15:
                    8b:2b:ef:9e:57:89:22:b9:03:7d:ff:f2:b5:93:19:
                    48:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:0B:4E:80:83:CF:0F:3F:BB:3B:6D:68:1C:C4:DB:55:2E:88:11:DB
            X509v3 Authority Key Identifier:
                keyid:B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.216.0/22
                IPv6:
                  2402:9040::/32

    Signature Algorithm: sha256WithRSAEncryption
         8a:c1:71:e4:79:c1:10:c2:16:9e:d4:20:30:bb:e7:87:fc:c2:
         7d:4c:b4:64:29:69:fa:60:dd:60:49:79:22:32:38:80:37:b3:
         3e:ed:11:eb:fb:28:de:19:d9:46:6c:7c:b4:e5:03:de:ce:62:
         36:32:1c:f0:97:ce:03:2e:60:06:b3:d9:a5:78:d8:20:3a:96:
         80:f0:1d:a3:10:eb:60:0b:ef:31:d3:f1:04:d0:0f:c2:9a:ae:
         8e:f7:d1:5d:8e:01:48:9b:37:eb:f0:d1:a8:e6:33:a4:05:bf:
         af:a5:56:7a:9e:c1:80:b7:95:be:c5:f7:35:89:6f:ee:9f:8d:
         18:08:61:32:48:a5:91:c3:75:b1:41:23:23:82:62:cf:78:6b:
         43:93:80:d9:c1:57:dc:26:9a:94:46:08:4e:a5:e3:a3:dd:56:
         0d:c6:6c:2d:19:78:e8:ce:c7:8a:b2:7e:78:6c:3a:87:b2:13:
         af:86:2f:ea:72:41:e4:3a:9b:b4:a5:bd:aa:a0:ae:fd:d0:ee:
         2b:6b:15:78:3c:7f:cc:1e:3e:be:dc:75:41:f4:54:5d:4d:2b:
         60:9e:41:53:ba:3e:6b:f1:33:06:0c:07:5c:90:1e:ea:c0:37:
         39:a0:46:fe:cf:75:e2:5d:43:1c:c9:30:c2:dd:21:b1:2b:94:
         5c:50:e9:8f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICCR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjcxRTgxMTAvBgNVBAUTKEIzRDc5Mzc5MEUxMTRBQzhGOERDODJCQUUzM0MxRDky
QkRCREI1RUIwHhcNMjYwNjE2MTcyMDAyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTMxODVjMi05NGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq8fxGhDyTPu9t3RHMqWD0PlOcBgIr1a6H/tv1yBmYiMmtPdnznF0i7EmM4Vc
0F0DHRy9HFTt8hYoaSQwJNXfwukSwlBIZX4sugkduFjUKL9+4noluDFZ9mIN5TLl
0fJ/5bngog62sta3atAfniWXHTfhT9CmgW45n1333qTlaQTSJeXclGf7c6hjFqz1
g03hbTb56p7lC8lTieJz0DotDov2mSe+TAnfDL5BQv/xlJtaQdGr2G52MCTYDAuM
oLmnoC+a8SsvHlY9FmV574WWpgCElZ22ol1Ue349bBxNHsvSV0tr1TQlzL38Gumt
wRWLK++eV4kiuQN9//K1kxlIywIDAQABo4ICbzCCAmswHQYDVR0OBBYEFMsLToCD
zw8/uzttaBzE21UuiBHbMB8GA1UdIwQYMBaAFLPXk3kOEUrI+NyCuuM8HZK9vbXr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzFFOC82MkI3ODdBMEVF
RTQxMUU4OUU2NjVENERDNEY5QUUwMi9zOWVUZVE0UlNzajQzSUs2NHp3ZGtyMjl0
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3M5ZVRlUTRSU3NqNDNJSzY0endka3IyOXRlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjcxRTgvNjJCNzg3QTBFRUU0MTFFODlFNjY1RDREQzRGOUFFMDIvRjg3QUM5NEMz
NUJCMTFFREIwMzE0RTI5QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCZ27YMA0EAgACMAcDBQAkApBAMA0GCSqGSIb3DQEBCwUAA4IBAQCK
wXHkecEQwhae1CAwu+eH/MJ9TLRkKWn6YN1gSXkiMjiAN7M+7RHr+yjeGdlGbHy0
5QPezmI2Mhzwl84DLmAGs9mleNggOpaA8B2jEOtgC+8x0/EE0A/Cmq6O99FdjgFI
mzfr8NGo5jOkBb+vpVZ6nsGAt5W+xfc1iW/un40YCGEySKWRw3WxQSMjgmLPeGtD
k4DZwVfcJpqURghOpeOj3VYNxmwtGXjozseKsn54bDqHshOvhi/qckHkOpu0pb2q
oK790O4raxV4PH/MHj6+3HVB9FRdTStgnkFTuj5r8TMGDAdckB7qwDc5oEb+z3Xi
XUMcyTDC3SGxK5RcUOmP
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:24:23 2026 by rpki-client