Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/1132F3026BD811EF90DBC631C4F9AE02.roa
File:                     1132F3026BD811EF90DBC631C4F9AE02.roa (raw, json)
Hash identifier:          tjSNlsLVDVemDbg8MkCxHj6lieTSIIDFdS4u4JZvSN0=
Subject key identifier:   DF:E5:A9:5C:73:AD:36:2F:89:9C:54:A1:F4:F7:A4:2F:CA:78:60:21
Certificate issuer:       /CN=A91FE9DC/serialNumber=0F9F7158DBDFFA2A57AE02487C98206B78380496
Certificate serial:       01CE
Authority key identifier: 0F:9F:71:58:DB:DF:FA:2A:57:AE:02:48:7C:98:20:6B:78:38:04:96
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D59xWNvf-ipXrgJIfJgga3g4BJY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/1132F3026BD811EF90DBC631C4F9AE02.roa
Signing time:             Tue 07 Jul 2026 05:31:19 +0000
ROA not before:           Tue 07 Jul 2026 05:31:19 +0000
ROA not after:            Thu 30 Sep 2027 00:00:00 +0000
asID:                     17547
IP address blocks:        103.230.92.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/D59xWNvf-ipXrgJIfJgga3g4BJY.crl
                          rsync://rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/D59xWNvf-ipXrgJIfJgga3g4BJY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D59xWNvf-ipXrgJIfJgga3g4BJY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Jul 2026 05:04:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 462 (0x1ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FE9DC, serialNumber=0F9F7158DBDFFA2A57AE02487C98206B78380496
        Validity
            Not Before: Jul  7 05:31:19 2026 GMT
            Not After : Sep 30 00:00:00 2027 GMT
        Subject: CN=6a4c8f27-6f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a9:b7:05:0f:1b:3c:e5:96:1b:d5:83:01:6e:
                    c1:5f:c1:22:68:a0:c0:68:da:ec:ff:f8:06:6c:8b:
                    ba:10:b8:a6:b3:5d:30:37:6c:96:e7:3f:c6:b2:24:
                    ec:9b:b5:1f:27:9e:84:ca:6f:c4:95:97:36:dc:c8:
                    ac:cc:e1:dd:be:3c:79:0c:dc:b2:17:f8:cd:ae:20:
                    6b:ff:82:ed:9e:dc:44:d3:15:d9:3c:23:ba:b4:21:
                    94:c7:26:c8:40:3f:fd:73:c0:8f:b9:48:d7:4d:ec:
                    3a:a4:2a:fe:ef:2d:bf:be:83:e2:e6:35:96:38:69:
                    cd:37:41:3c:dd:02:80:b6:15:d9:8a:2c:e4:8c:a2:
                    72:d8:51:38:ba:9b:9f:10:98:65:a4:70:5e:10:3f:
                    62:8c:68:bc:43:7a:d1:a8:08:d7:3e:42:4c:fa:3a:
                    ba:65:96:45:fc:fd:a3:07:2c:51:9e:b7:38:a5:c4:
                    d6:aa:19:92:35:89:8c:42:57:09:47:ff:6f:09:5b:
                    49:be:60:35:fe:fe:35:c0:a9:60:b7:ad:c3:45:dc:
                    3a:48:b2:cb:e8:40:b8:ba:bb:0b:51:e1:36:a0:d1:
                    6e:ce:c9:ee:3d:a0:d0:c3:7a:98:6f:88:df:1b:bb:
                    25:84:95:a5:50:33:d9:09:03:56:26:f8:e4:8b:eb:
                    3f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E5:A9:5C:73:AD:36:2F:89:9C:54:A1:F4:F7:A4:2F:CA:78:60:21
            X509v3 Authority Key Identifier:
                keyid:0F:9F:71:58:DB:DF:FA:2A:57:AE:02:48:7C:98:20:6B:78:38:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/D59xWNvf-ipXrgJIfJgga3g4BJY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D59xWNvf-ipXrgJIfJgga3g4BJY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE9DC/6EEC1F5CEFFD11EE90288A72C4F9AE02/1132F3026BD811EF90DBC631C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:80:59:9d:01:1f:4f:d6:22:85:ec:57:6b:12:89:b5:06:89:
         32:8c:cf:5b:3d:08:46:28:78:80:bc:02:59:af:d2:d9:e1:2f:
         8d:c8:cd:83:b4:69:6b:b2:45:33:13:f5:0b:c8:35:d9:65:4b:
         9b:f4:ed:01:5a:be:10:d9:26:cd:3c:4d:76:d4:8b:70:63:67:
         51:82:0b:31:c5:96:7e:0d:8c:b6:60:1d:c9:e1:12:69:c3:3f:
         49:46:f7:5c:13:11:83:93:f5:71:b2:bf:29:01:23:62:f5:ed:
         03:74:79:fd:6a:2a:04:65:6c:a7:f1:60:dc:01:45:76:a4:aa:
         e3:af:f6:51:0f:61:26:ab:6c:57:87:a5:9e:37:a9:12:c0:ef:
         1a:f6:3c:3c:93:e8:2d:55:ad:13:c6:7a:28:cf:a9:1e:2a:6d:
         81:11:f4:e2:1c:0b:10:87:b6:90:5e:82:a1:80:8a:81:15:24:
         68:02:30:6e:0d:66:60:7d:01:6c:66:a4:3a:2d:13:af:db:ed:
         39:09:f6:a5:e3:d5:9a:cf:e9:fc:04:89:19:69:de:97:7b:e0:
         5c:27:82:00:b5:be:fc:8d:86:b8:d1:05:ce:fa:a1:0e:c2:f8:
         dc:54:c3:4c:3e:5e:2d:e8:19:ad:f8:ad:94:2c:b2:57:09:b3:
         bd:b8:4c:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkU5REMxMTAvBgNVBAUTKDBGOUY3MTU4REJERkZBMkE1N0FFMDI0ODdDOTgyMDZC
NzgzODA0OTYwHhcNMjYwNzA3MDUzMTE5WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRjOGYyNy02ZjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA36m3BQ8bPOWWG9WDAW7BX8EiaKDAaNrs//gGbIu6ELims10wN2yW5z/GsiTs
m7UfJ56Eym/ElZc23MiszOHdvjx5DNyyF/jNriBr/4LtntxE0xXZPCO6tCGUxybI
QD/9c8CPuUjXTew6pCr+7y2/voPi5jWWOGnNN0E83QKAthXZiizkjKJy2FE4upuf
EJhlpHBeED9ijGi8Q3rRqAjXPkJM+jq6ZZZF/P2jByxRnrc4pcTWqhmSNYmMQlcJ
R/9vCVtJvmA1/v41wKlgt63DRdw6SLLL6EC4ursLUeE2oNFuzsnuPaDQw3qYb4jf
G7slhJWlUDPZCQNWJvjki+s/JwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFN/lqVxz
rTYviZxUofT3pC/KeGAhMB8GA1UdIwQYMBaAFA+fcVjb3/oqV64CSHyYIGt4OASW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTlEQy82RUVDMUY1Q0VG
RkQxMUVFOTAyODhBNzJDNEY5QUUwMi9ENTl4V052Zi1pcFhyZ0pJZkpnZ2EzZzRC
SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Q1OXhXTnZmLWlwWHJnSklmSmdnYTNnNEJKWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkU5REMvNkVFQzFGNUNFRkZEMTFFRTkwMjg4QTcyQzRGOUFFMDIvMTEzMkYzMDI2
QkQ4MTFFRjkwREJDNjMxQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ+ZcMA0GCSqGSIb3DQEBCwUAA4IBAQBYgFmdAR9P1iKF7FdrEom1
BokyjM9bPQhGKHiAvAJZr9LZ4S+NyM2DtGlrskUzE/ULyDXZZUub9O0BWr4Q2SbN
PE121ItwY2dRggsxxZZ+DYy2YB3J4RJpwz9JRvdcExGDk/Vxsr8pASNi9e0DdHn9
aioEZWyn8WDcAUV2pKrjr/ZRD2Emq2xXh6WeN6kSwO8a9jw8k+gtVa0Txnooz6ke
Km2BEfTiHAsQh7aQXoKhgIqBFSRoAjBuDWZgfQFsZqQ6LROv2+05Cfal49Waz+n8
BIkZad6Xe+BcJ4IAtb78jYa40QXO+qEOwvjcVMNMPl4t6Bmt+K2ULLJXCbO9uEw7
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:17:21 2026 by rpki-client