Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/551036FCF1CA11EFA1495230C4F9AE02.roa
File:                     551036FCF1CA11EFA1495230C4F9AE02.roa (raw, json)
Hash identifier:          g1HOTpLTf3sk5gSzo54dPs52/QkaTA4XgGi9Wow0trs=
Subject key identifier:   8A:24:A2:23:03:22:8E:7B:9F:46:5A:A6:99:8E:82:E7:C9:A9:4D:B8
Certificate issuer:       /CN=A911ED2C/serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12
Certificate serial:       0174
Authority key identifier: 9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/551036FCF1CA11EFA1495230C4F9AE02.roa
Signing time:             Fri 25 Jul 2025 00:22:00 +0000
ROA not before:           Fri 25 Jul 2025 00:22:00 +0000
ROA not after:            Tue 31 Mar 2026 00:00:00 +0000
asID:                     40676
IP address blocks:        103.79.76.0/22 maxlen: 22
                          103.79.76.0/24 maxlen: 24
                          103.79.77.0/24 maxlen: 24
                          103.79.78.0/24 maxlen: 24
                          103.79.79.0/24 maxlen: 24
                          103.79.118.0/24 maxlen: 24
                          103.91.144.0/24 maxlen: 24
                          103.91.145.0/24 maxlen: 24
                          103.216.162.0/23 maxlen: 23
                          202.91.32.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl
                          rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 04:59:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 372 (0x174)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911ED2C, serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12
        Validity
            Not Before: Jul 25 00:22:00 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=6882ce28-c0b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e7:49:b6:76:da:4d:74:d6:d3:19:40:70:a7:
                    07:e6:46:d0:42:ce:f8:8a:be:21:21:3b:23:39:f2:
                    6e:23:79:2e:79:3c:28:58:a0:50:3d:2e:66:48:12:
                    6b:a2:f6:09:cc:65:00:5b:79:04:8c:30:1b:57:4c:
                    88:66:ca:ba:33:fc:31:fc:f6:4d:0a:21:55:36:96:
                    a0:23:63:18:dc:36:6a:11:39:2c:62:da:ea:98:a4:
                    c1:07:9c:64:52:65:e1:d0:a5:61:98:09:2d:3c:fa:
                    24:6e:1c:75:79:68:ff:d3:e3:cd:fb:2a:61:d3:fb:
                    14:ed:be:a4:f6:b4:6f:c6:09:3e:3a:95:7c:c5:14:
                    31:1e:a8:56:87:fc:3e:9b:44:f0:16:b0:b3:91:44:
                    5f:2c:0c:36:a4:bd:c3:bb:92:b4:44:d2:8f:af:85:
                    55:28:d9:39:24:30:e0:98:b9:cf:35:31:95:07:09:
                    8a:92:88:87:8f:58:7b:36:f5:69:7a:c7:be:70:dc:
                    25:3f:4c:8e:22:0b:2a:f3:2d:f8:a7:17:f9:2f:54:
                    5a:1a:37:c8:b0:a7:ab:76:40:34:17:48:cd:d9:9c:
                    4f:aa:20:02:93:70:a9:0a:e8:c9:49:3c:00:c1:be:
                    5f:05:6e:88:0a:62:da:72:be:58:b2:05:cc:49:19:
                    5a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:24:A2:23:03:22:8E:7B:9F:46:5A:A6:99:8E:82:E7:C9:A9:4D:B8
            X509v3 Authority Key Identifier:
                keyid:9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/551036FCF1CA11EFA1495230C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.79.76.0/22
                  103.79.118.0/24
                  103.91.144.0/23
                  103.216.162.0/23
                  202.91.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:c8:0a:d4:c7:c6:d2:af:1d:34:c8:3e:2b:d7:d0:7b:8b:cb:
         6f:6c:8d:41:f3:ca:a2:ae:15:18:50:d6:41:d5:69:d6:84:36:
         d9:0e:4e:f7:8a:16:70:9a:89:b0:ec:a3:64:66:05:b7:91:ed:
         cd:f9:09:5a:3b:38:4a:6a:d2:82:81:a6:cf:e7:82:56:ab:b5:
         67:7e:11:09:54:39:c2:62:28:16:03:f0:0a:b9:18:5b:ff:74:
         19:7d:93:61:e1:03:e2:da:a9:a3:28:ed:4c:0d:61:e1:ed:66:
         db:04:75:5b:b7:3a:31:37:57:36:e5:6c:25:a8:20:5e:d4:58:
         c4:da:da:c0:84:fb:36:70:ae:3c:f9:69:05:95:7e:ba:8e:8e:
         7f:7f:da:88:40:31:76:a2:af:6b:5c:db:da:9e:22:9d:8e:16:
         af:a6:e6:2b:b7:e6:dd:8c:d1:96:da:34:81:84:8f:48:28:69:
         e8:82:16:6d:e0:bf:f4:2d:00:81:d6:79:70:2a:81:13:5f:3c:
         78:e7:38:98:03:4b:51:cb:b1:91:24:00:04:04:d2:ec:7e:93:
         23:ce:fa:b9:e9:97:c1:3e:4b:01:4c:38:e9:ea:c6:1e:ef:dd:
         c1:1b:9c:7e:44:a3:9d:4a:34:d3:73:c3:4c:a7:e2:94:2f:05:
         6c:4b:c5:8d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVEMkMxMTAvBgNVBAUTKDlEMzQxNDI4M0IyMjdCOEY1MTJGMzA1RjJBQ0RCNDND
REU5RTREMTIwHhcNMjUwNzI1MDAyMjAwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyY2UyOC1jMGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo+dJtnbaTXTW0xlAcKcH5kbQQs74ir4hITsjOfJuI3kueTwoWKBQPS5mSBJr
ovYJzGUAW3kEjDAbV0yIZsq6M/wx/PZNCiFVNpagI2MY3DZqETksYtrqmKTBB5xk
UmXh0KVhmAktPPokbhx1eWj/0+PN+yph0/sU7b6k9rRvxgk+OpV8xRQxHqhWh/w+
m0TwFrCzkURfLAw2pL3Du5K0RNKPr4VVKNk5JDDgmLnPNTGVBwmKkoiHj1h7NvVp
ese+cNwlP0yOIgsq8y34pxf5L1RaGjfIsKerdkA0F0jN2ZxPqiACk3CpCujJSTwA
wb5fBW6ICmLacr5YsgXMSRlaRwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIokoiMD
Io57n0ZappmOgufJqU24MB8GA1UdIwQYMBaAFJ00FCg7InuPUS8wXyrNtDzenk0S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUQyQy8wMDM3M0M2QzlC
QkMxMUVFODUxQURENTBDNEY5QUUwMi9uVFFVS0RzaWU0OVJMekJmS3MyMFBONmVU
UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25UUVVLRHNpZTQ5Ukx6QmZLczIwUE42ZVRSSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVEMkMvMDAzNzNDNkM5QkJDMTFFRTg1MUFERDUwQzRGOUFFMDIvNTUxMDM2RkNG
MUNBMTFFRkExNDk1MjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnT0wDBABnT3YDBAFnW5ADBAFn2KIDBADKWyAwDQYJKoZI
hvcNAQELBQADggEBAJTICtTHxtKvHTTIPivX0HuLy29sjUHzyqKuFRhQ1kHVadaE
NtkOTveKFnCaibDso2RmBbeR7c35CVo7OEpq0oKBps/nglartWd+EQlUOcJiKBYD
8Aq5GFv/dBl9k2HhA+LaqaMo7UwNYeHtZtsEdVu3OjE3VzblbCWoIF7UWMTa2sCE
+zZwrjz5aQWVfrqOjn9/2ohAMXair2tc29qeIp2OFq+m5iu35t2M0ZbaNIGEj0go
aeiCFm3gv/QtAIHWeXAqgRNfPHjnOJgDS1HLsZEkAAQE0ux+kyPO+rnpl8E+SwFM
OOnqxh7v3cEbnH5Eo51KNNNzw0yn4pQvBWxLxY0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:09:10 2025 by rpki-client