Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/ECB38BAA5C3211E9816E7981C4F9AE02.roa
File:                     ECB38BAA5C3211E9816E7981C4F9AE02.roa (raw, json)
Hash identifier:          UOMZTdKovpm9c8JSIK0SgFgNdoQS4pqBXIujEqiTgtk=
Subject key identifier:   82:F5:6C:CD:A4:EE:FB:DA:C4:D9:9E:01:EF:3A:25:7F:80:57:F7:79
Certificate issuer:       /CN=A91FA52B/serialNumber=61BEA6AA338066C90EB5CB32400C6AE7605C88A4
Certificate serial:       1056
Authority key identifier: 61:BE:A6:AA:33:80:66:C9:0E:B5:CB:32:40:0C:6A:E7:60:5C:88:A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb6mqjOAZskOtcsyQAxq52BciKQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/ECB38BAA5C3211E9816E7981C4F9AE02.roa
Signing time:             Fri 08 May 2026 18:21:35 +0000
ROA not before:           Fri 08 May 2026 18:21:35 +0000
ROA not after:            Fri 30 Jul 2027 00:00:00 +0000
asID:                     138972
IP address blocks:        103.137.244.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/Yb6mqjOAZskOtcsyQAxq52BciKQ.crl
                          rsync://rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/Yb6mqjOAZskOtcsyQAxq52BciKQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb6mqjOAZskOtcsyQAxq52BciKQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jul 2026 17:26:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4182 (0x1056)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FA52B, serialNumber=61BEA6AA338066C90EB5CB32400C6AE7605C88A4
        Validity
            Not Before: May  8 18:21:35 2026 GMT
            Not After : Jul 30 00:00:00 2027 GMT
        Subject: CN=69fe29af-f190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ad:5b:7f:e5:23:89:20:05:b8:6e:61:f4:4f:
                    b8:48:d0:f3:30:58:22:1d:17:ec:e5:d7:07:92:b9:
                    c6:f0:5e:e3:0e:7f:69:3b:51:84:71:ad:de:97:76:
                    1c:cb:a9:64:1d:45:ad:72:80:32:70:de:48:dd:1c:
                    92:cb:38:bb:8a:f3:d4:ac:e2:6a:2b:0f:14:2a:ea:
                    4b:1a:ec:7e:7a:14:1c:5a:38:56:94:dc:b2:10:2d:
                    46:81:dc:6a:04:71:2a:36:8a:84:8d:05:9b:fb:44:
                    cd:e5:0c:2a:fc:09:42:a8:b9:9f:62:87:42:09:0f:
                    97:b4:11:de:b8:a5:4d:96:29:69:d0:d0:13:fe:16:
                    28:10:1c:a1:c1:d2:75:f8:c5:e5:86:7d:41:4c:7f:
                    21:76:e2:34:3e:01:bd:65:5b:56:b6:18:b2:b8:0c:
                    06:74:64:26:d9:62:c9:a2:6c:d9:79:4e:ad:d1:ac:
                    9b:d7:26:44:02:0e:73:68:8b:8f:2e:28:1d:b4:b1:
                    ff:99:cc:b3:51:77:9e:14:2c:35:83:44:9a:7f:9e:
                    7d:a8:91:f5:fa:07:f8:91:c1:41:75:c0:7a:96:c2:
                    a1:f1:80:03:ac:98:11:cc:2a:0b:75:2e:20:bb:f8:
                    e6:ef:03:af:3a:a4:44:c2:77:90:90:2a:84:f0:2d:
                    d9:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F5:6C:CD:A4:EE:FB:DA:C4:D9:9E:01:EF:3A:25:7F:80:57:F7:79
            X509v3 Authority Key Identifier:
                keyid:61:BE:A6:AA:33:80:66:C9:0E:B5:CB:32:40:0C:6A:E7:60:5C:88:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/Yb6mqjOAZskOtcsyQAxq52BciKQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb6mqjOAZskOtcsyQAxq52BciKQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA52B/28CBFB145C3211E9AB624580C4F9AE02/ECB38BAA5C3211E9816E7981C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.137.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:24:b9:dc:7f:ec:b8:79:aa:10:39:a0:e7:97:a7:cd:12:c6:
         2e:b9:22:97:a6:78:20:3f:9d:89:e0:59:26:66:95:d8:9f:10:
         00:54:44:26:cc:10:50:95:2b:04:51:14:3d:cf:f8:26:a2:9d:
         0f:21:c7:ab:49:6d:d9:00:e8:99:89:0b:a2:9c:8e:29:61:b7:
         ce:41:d9:84:39:4d:46:5b:43:11:c1:eb:0c:8e:73:50:4c:1d:
         f4:5d:56:1f:74:68:32:bd:01:07:97:9e:c2:c9:e8:42:76:18:
         7a:2d:42:63:54:a1:55:a1:81:9f:fd:47:11:09:4f:4c:58:8b:
         5b:eb:a3:a7:4b:c3:2e:13:4f:82:79:63:63:a4:18:82:66:27:
         6b:a4:d1:65:a0:c9:88:bb:ef:66:37:a6:b2:bc:da:86:e7:4f:
         40:f3:37:b9:9d:af:89:d1:ab:21:84:e4:d1:6f:e5:6a:99:29:
         69:29:ee:7f:43:63:67:b8:2a:30:48:9e:0c:fa:5d:fb:29:fa:
         ac:70:32:eb:d1:8b:ee:b6:cb:90:47:9c:d4:ec:f0:7d:55:12:
         af:a6:b0:1b:7b:5e:4e:eb:c1:39:a2:9e:87:b0:80:19:ea:d0:
         7f:2b:e5:61:ca:0b:bf:ce:5c:0b:92:e8:91:84:73:d1:1f:69:
         a3:60:a4:67
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICEFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkE1MkIxMTAvBgNVBAUTKDYxQkVBNkFBMzM4MDY2QzkwRUI1Q0IzMjQwMEM2QUU3
NjA1Qzg4QTQwHhcNMjYwNTA4MTgyMTM1WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZlMjlhZi1mMTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA161bf+UjiSAFuG5h9E+4SNDzMFgiHRfs5dcHkrnG8F7jDn9pO1GEca3el3Yc
y6lkHUWtcoAycN5I3RySyzi7ivPUrOJqKw8UKupLGux+ehQcWjhWlNyyEC1Ggdxq
BHEqNoqEjQWb+0TN5Qwq/AlCqLmfYodCCQ+XtBHeuKVNlilp0NAT/hYoEByhwdJ1
+MXlhn1BTH8hduI0PgG9ZVtWthiyuAwGdGQm2WLJomzZeU6t0ayb1yZEAg5zaIuP
LigdtLH/mcyzUXeeFCw1g0Saf559qJH1+gf4kcFBdcB6lsKh8YADrJgRzCoLdS4g
u/jm7wOvOqREwneQkCqE8C3ZSwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFIL1bM2k
7vvaxNmeAe86JX+AV/d5MB8GA1UdIwQYMBaAFGG+pqozgGbJDrXLMkAMaudgXIik
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTUyQi8yOENCRkIxNDVD
MzIxMUU5QUI2MjQ1ODBDNEY5QUUwMi9ZYjZtcWpPQVpza090Y3N5UUF4cTUyQmNp
S1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liNm1xak9BWnNrT3Rjc3lRQXhxNTJCY2lLUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkE1MkIvMjhDQkZCMTQ1QzMyMTFFOUFCNjI0NTgwQzRGOUFFMDIvRUNCMzhCQUE1
QzMyMTFFOTgxNkU3OTgxQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ4n0MA0GCSqGSIb3DQEBCwUAA4IBAQA/JLncf+y4eaoQOaDnl6fN
EsYuuSKXpnggP52J4FkmZpXYnxAAVEQmzBBQlSsEURQ9z/gmop0PIcerSW3ZAOiZ
iQuinI4pYbfOQdmEOU1GW0MRwesMjnNQTB30XVYfdGgyvQEHl57CyehCdhh6LUJj
VKFVoYGf/UcRCU9MWItb66OnS8MuE0+CeWNjpBiCZidrpNFloMmIu+9mN6ayvNqG
509A8ze5na+J0ashhOTRb+VqmSlpKe5/Q2NnuCowSJ4M+l37KfqscDLr0YvutsuQ
R5zU7PB9VRKvprAbe15O68E5op6HsIAZ6tB/K+Vhygu/zlwLkuiRhHPRH2mjYKRn
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:24:22 2026 by rpki-client