Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/1332B7BCEC7211EFBA9EF77FC4F9AE02.roa
File:                     1332B7BCEC7211EFBA9EF77FC4F9AE02.roa (raw, json)
Hash identifier:          WROW/VdP1mBKJjQ+eLfmeQ41g++kwZjXVc97jOJDrMc=
Subject key identifier:   22:8D:B2:B6:06:7C:3C:3D:D0:A1:A5:68:47:EC:91:97:6A:4B:E8:33
Certificate issuer:       /CN=A9143078/serialNumber=0C2042E5FC3361FF7356936D097E1244AFC626CE
Certificate serial:       041C
Authority key identifier: 0C:20:42:E5:FC:33:61:FF:73:56:93:6D:09:7E:12:44:AF:C6:26:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DCBC5fwzYf9zVpNtCX4SRK_GJs4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/1332B7BCEC7211EFBA9EF77FC4F9AE02.roa
Signing time:             Sun 01 Mar 2026 16:50:54 +0000
ROA not before:           Wed 25 Feb 2026 04:17:18 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     10111
IP address blocks:        103.183.218.0/24 maxlen: 24
                          103.183.219.0/24 maxlen: 24
                          2400:6460::/40 maxlen: 40
                          2400:6460:10::/44 maxlen: 48
                          2400:6460:f0::/48 maxlen: 48
                          2400:6460:f1::/48 maxlen: 48
                          2400:6460:f2::/48 maxlen: 48
                          2400:6460:f3::/48 maxlen: 48
                          2400:6460:ff::/48 maxlen: 48
                          2400:6460:100::/40 maxlen: 48
                          2400:6460:300::/40 maxlen: 48
                          2400:6460:500::/40 maxlen: 48
                          2400:6460:600::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/DCBC5fwzYf9zVpNtCX4SRK_GJs4.crl
                          rsync://rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/DCBC5fwzYf9zVpNtCX4SRK_GJs4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DCBC5fwzYf9zVpNtCX4SRK_GJs4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 09 Mar 2026 00:49:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1052 (0x41c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143078, serialNumber=0C2042E5FC3361FF7356936D097E1244AFC626CE
        Validity
            Not Before: Feb 25 04:17:18 2026 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=69a46e6d-c324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b2:79:c0:ad:ed:62:09:4c:a8:73:7c:e9:28:
                    4e:8a:48:84:b6:f3:cb:8f:98:88:b7:e7:10:60:bb:
                    09:96:ed:6b:e7:0c:1e:2e:87:36:0a:d6:c5:01:86:
                    c6:4b:12:d5:e2:11:01:7c:12:51:39:14:13:99:3a:
                    4e:b9:3c:d6:ae:f2:a3:b0:a1:00:64:8c:fa:f3:6e:
                    b4:1a:ed:32:04:c9:16:ad:c5:c2:b2:fd:45:fa:b2:
                    fb:fc:12:50:4f:33:ad:99:59:ed:9f:d3:d1:8d:49:
                    e8:47:1b:d3:a7:db:71:fe:69:45:bf:08:81:03:48:
                    40:be:81:bb:1a:99:f5:ee:9e:a2:60:3d:27:6d:77:
                    46:6d:b3:ed:22:8e:a8:65:32:6d:cc:f2:e2:51:53:
                    d7:23:1a:9d:72:36:8b:16:e0:6a:fe:5a:0f:dc:cb:
                    c6:f2:bf:1a:64:a5:49:71:d9:96:01:ad:32:5e:5b:
                    c1:46:d3:4e:6f:4f:17:01:a4:b1:4f:48:64:f5:d4:
                    86:91:a4:0c:24:6b:49:7c:30:5d:ab:13:db:72:e7:
                    f6:ac:de:01:dc:2b:6b:03:44:16:78:d8:72:71:47:
                    98:37:ad:6b:a7:dc:69:1e:fd:f5:81:ee:d2:db:72:
                    9a:51:61:9a:f5:41:c2:a4:fe:35:57:4a:72:da:3b:
                    0f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:8D:B2:B6:06:7C:3C:3D:D0:A1:A5:68:47:EC:91:97:6A:4B:E8:33
            X509v3 Authority Key Identifier:
                keyid:0C:20:42:E5:FC:33:61:FF:73:56:93:6D:09:7E:12:44:AF:C6:26:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/DCBC5fwzYf9zVpNtCX4SRK_GJs4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DCBC5fwzYf9zVpNtCX4SRK_GJs4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143078/DA29B4AEAD1111EC989E3A0DC4F9AE02/1332B7BCEC7211EFBA9EF77FC4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.183.218.0/23
                IPv6:
                  2400:6460::/39
                  2400:6460:300::/40
                  2400:6460:500::-2400:6460:6ff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         31:93:93:1e:56:cb:1b:a7:c6:e7:2f:3d:79:e9:df:46:3a:dc:
         df:1a:64:18:d7:97:3c:bf:c0:1e:01:cd:1e:1d:35:bc:ff:84:
         5b:24:2d:98:3d:c9:c8:9b:44:c7:70:e7:a1:ed:8a:f8:b4:8c:
         f8:99:0d:c2:5c:34:02:5a:78:31:cf:34:22:44:0b:28:1d:1b:
         18:fd:6d:a0:ee:f3:c8:d8:5a:14:8a:2c:8f:99:f3:cd:05:b5:
         ba:6a:1b:b3:2b:ce:d7:0a:83:77:87:40:43:03:c6:75:84:29:
         16:b3:ac:b4:39:53:38:36:50:9c:84:73:4f:c7:5e:80:76:45:
         73:d2:b1:36:b0:7b:36:f2:26:bc:e0:fc:43:39:ce:53:45:6c:
         c3:8b:54:dd:1c:0e:d5:4c:05:b0:28:b3:7e:30:88:ca:97:3f:
         a7:c0:da:1e:06:fa:86:21:b8:a9:4c:3b:c3:63:45:4a:e5:a3:
         e3:37:41:54:3e:20:54:d5:92:dc:a8:d9:42:f8:9c:3a:20:f2:
         bf:53:4f:7b:48:69:3f:65:1b:85:f0:0e:6f:80:bf:02:ee:d9:
         af:28:cd:11:8f:14:f0:7d:d8:70:30:50:aa:a5:8d:34:ff:e5:
         a8:c2:e4:fe:3c:b1:db:26:48:1e:22:55:1f:f1:71:56:d3:2d:
         04:26:02:83
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgICBBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDMwNzgxMTAvBgNVBAUTKDBDMjA0MkU1RkMzMzYxRkY3MzU2OTM2RDA5N0UxMjQ0
QUZDNjI2Q0UwHhcNMjYwMjI1MDQxNzE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmU2ZC1jMzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4LJ5wK3tYglMqHN86ShOikiEtvPLj5iIt+cQYLsJlu1r5wweLoc2CtbFAYbG
SxLV4hEBfBJRORQTmTpOuTzWrvKjsKEAZIz68260Gu0yBMkWrcXCsv1F+rL7/BJQ
TzOtmVntn9PRjUnoRxvTp9tx/mlFvwiBA0hAvoG7Gpn17p6iYD0nbXdGbbPtIo6o
ZTJtzPLiUVPXIxqdcjaLFuBq/loP3MvG8r8aZKVJcdmWAa0yXlvBRtNOb08XAaSx
T0hk9dSGkaQMJGtJfDBdqxPbcuf2rN4B3CtrA0QWeNhycUeYN61rp9xpHv31ge7S
23KaUWGa9UHCpP41V0py2jsPnwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFCKNsrYG
fDw90KGlaEfskZdqS+gzMB8GA1UdIwQYMBaAFAwgQuX8M2H/c1aTbQl+EkSvxibO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MzA3OC9EQTI5QjRBRUFE
MTExMUVDOTg5RTNBMERDNEY5QUUwMi9EQ0JDNWZ3ellmOXpWcE50Q1g0U1JLX0dK
czQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RDQkM1Znd6WWY5elZwTnRDWDRTUktfR0pzNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDMwNzgvREEyOUI0QUVBRDExMTFFQzk4OUUzQTBEQzRGOUFFMDIvMTMzMkI3QkNF
QzcyMTFFRkJBOUVGNzdGQzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODAM
BAIAATAGAwQBZ7faMCgEAgACMCIDBgEkAGRgAAMGACQAZGADMBADBgAkAGRgBQMG
ACQAZGAGMA0GCSqGSIb3DQEBCwUAA4IBAQAxk5MeVssbp8bnLz156d9GOtzfGmQY
15c8v8AeAc0eHTW8/4RbJC2YPcnIm0THcOeh7Yr4tIz4mQ3CXDQCWngxzzQiRAso
HRsY/W2g7vPI2FoUiiyPmfPNBbW6ahuzK87XCoN3h0BDA8Z1hCkWs6y0OVM4NlCc
hHNPx16AdkVz0rE2sHs28ia84PxDOc5TRWzDi1TdHA7VTAWwKLN+MIjKlz+nwNoe
BvqGIbipTDvDY0VK5aPjN0FUPiBU1ZLcqNlC+Jw6IPK/U097SGk/ZRuF8A5vgL8C
7tmvKM0RjxTwfdhwMFCqpY00/+WowuT+PLHbJkgeIlUf8XFW0y0EJgKD
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:00:28 2026 by rpki-client