Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3583B2616B711ECBD752D47C4F9AE02.roa
File:                     A3583B2616B711ECBD752D47C4F9AE02.roa (raw, json)
Hash identifier:          OzR5m76bC5p8Qn4iW9ZQqG9vOQByfBzOqdZe3AXXfw4=
Subject key identifier:   32:43:E6:2F:02:4A:A4:25:C3:D2:F5:C3:5D:40:89:EA:F9:2B:2D:54
Certificate issuer:       /CN=A91D891D/serialNumber=41D268C5113EF3ED7B173B780E017ED3FE8555F7
Certificate serial:       0526
Authority key identifier: 41:D2:68:C5:11:3E:F3:ED:7B:17:3B:78:0E:01:7E:D3:FE:85:55:F7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QdJoxRE-8-17Fzt4DgF-0_6FVfc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3583B2616B711ECBD752D47C4F9AE02.roa
Signing time:             Sat 26 Jul 2025 22:01:45 +0000
ROA not before:           Sat 26 Jul 2025 22:01:45 +0000
ROA not after:            Thu 30 Jul 2026 00:00:00 +0000
asID:                     55799
IP address blocks:        103.113.156.0/22 maxlen: 22
                          103.113.156.0/24 maxlen: 24
                          103.113.157.0/24 maxlen: 24
                          103.113.158.0/24 maxlen: 24
                          103.113.159.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/QdJoxRE-8-17Fzt4DgF-0_6FVfc.crl
                          rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/QdJoxRE-8-17Fzt4DgF-0_6FVfc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QdJoxRE-8-17Fzt4DgF-0_6FVfc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 21:48:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1318 (0x526)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D891D, serialNumber=41D268C5113EF3ED7B173B780E017ED3FE8555F7
        Validity
            Not Before: Jul 26 22:01:45 2025 GMT
            Not After : Jul 30 00:00:00 2026 GMT
        Subject: CN=68855049-d568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f7:22:e8:88:18:9c:49:7e:3f:c4:f9:88:b6:
                    ee:1b:48:34:66:5b:89:d9:0b:63:7b:b4:55:63:d1:
                    c8:d8:f5:b9:63:86:52:69:26:d1:37:ec:42:01:5d:
                    05:42:d6:22:1e:db:77:63:5c:98:48:ab:95:89:04:
                    69:c4:03:07:ab:4c:16:dd:0d:eb:cb:03:d5:19:90:
                    5c:b6:a2:89:df:1f:5d:45:fb:a3:71:42:d5:ad:bc:
                    5c:d1:16:d4:8b:23:8a:ea:2b:7c:e3:a7:95:14:94:
                    fa:dc:5e:31:ae:43:79:23:e5:70:5e:51:fc:ac:18:
                    0d:a3:5c:3f:c9:ce:b5:f4:e2:d2:58:4d:a4:f4:62:
                    f6:0c:e1:cd:f1:c9:6f:f3:82:4d:28:d2:48:da:74:
                    f3:e8:0f:6f:99:9d:02:8a:65:cf:a6:3a:dc:59:ab:
                    b0:a0:75:7e:af:fc:4a:45:45:49:e6:dd:45:3f:ec:
                    a1:6c:65:4f:c5:fc:62:2a:0d:16:59:3e:9f:57:5c:
                    a3:59:ce:14:55:76:21:a7:5b:df:35:81:bb:01:1f:
                    90:5d:d4:5e:7b:55:1a:59:01:88:8b:70:70:7c:25:
                    18:6a:66:9c:58:70:e0:8b:63:94:51:d3:ff:27:a4:
                    47:c0:2c:4c:46:98:14:c0:bd:50:ec:11:3d:52:f6:
                    af:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:43:E6:2F:02:4A:A4:25:C3:D2:F5:C3:5D:40:89:EA:F9:2B:2D:54
            X509v3 Authority Key Identifier:
                keyid:41:D2:68:C5:11:3E:F3:ED:7B:17:3B:78:0E:01:7E:D3:FE:85:55:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/QdJoxRE-8-17Fzt4DgF-0_6FVfc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QdJoxRE-8-17Fzt4DgF-0_6FVfc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/A3583B2616B711ECBD752D47C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.113.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:53:98:87:fd:58:2f:f8:7b:64:49:c0:d3:b5:5a:3f:85:77:
         8e:3c:54:77:77:21:d7:f5:ae:16:b7:fe:d3:2b:d9:78:ad:bd:
         10:e9:85:d2:9d:66:d2:29:b9:e3:19:ee:68:e2:b3:10:e8:f7:
         b2:7c:0d:c9:13:5a:e3:a4:c6:0a:97:e1:a6:30:03:c9:f3:22:
         ca:80:93:ec:63:79:63:40:fd:2f:f7:eb:e9:2a:d5:3c:a8:d7:
         e8:d5:d0:31:3e:e6:3e:20:2d:af:b4:47:e7:8f:b6:01:30:92:
         15:62:20:bc:c6:28:cc:2a:64:6e:d1:fb:b1:aa:07:d7:48:04:
         61:3a:02:e0:15:33:ce:7f:7d:f0:2b:ae:2c:49:d3:e4:64:de:
         25:27:10:81:07:9c:68:f6:a7:9f:7b:c2:c5:4f:bc:2f:f2:bc:
         00:32:a3:67:89:8d:11:e5:42:84:8e:03:fe:7d:3c:25:d6:e1:
         bd:3b:58:7a:04:b9:9e:69:d6:57:2b:c2:19:0f:09:dc:20:5b:
         75:9a:06:b6:71:bb:88:ef:58:47:74:20:bb:73:ff:bc:5c:f8:
         e2:c9:ea:15:3c:84:cf:cd:ba:e3:89:af:c8:70:1f:60:00:38:
         85:db:49:4e:f2:e0:56:7a:42:fa:26:5a:3f:20:15:23:21:31:
         b0:a0:95:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDg5MUQxMTAvBgNVBAUTKDQxRDI2OEM1MTEzRUYzRUQ3QjE3M0I3ODBFMDE3RUQz
RkU4NTU1RjcwHhcNMjUwNzI2MjIwMTQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODg1NTA0OS1kNTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPci6IgYnEl+P8T5iLbuG0g0ZluJ2Qtje7RVY9HI2PW5Y4ZSaSbRN+xCAV0F
QtYiHtt3Y1yYSKuViQRpxAMHq0wW3Q3rywPVGZBctqKJ3x9dRfujcULVrbxc0RbU
iyOK6it846eVFJT63F4xrkN5I+VwXlH8rBgNo1w/yc619OLSWE2k9GL2DOHN8clv
84JNKNJI2nTz6A9vmZ0CimXPpjrcWauwoHV+r/xKRUVJ5t1FP+yhbGVPxfxiKg0W
WT6fV1yjWc4UVXYhp1vfNYG7AR+QXdRee1UaWQGIi3BwfCUYamacWHDgi2OUUdP/
J6RHwCxMRpgUwL1Q7BE9UvavPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDJD5i8C
SqQlw9L1w11Aier5Ky1UMB8GA1UdIwQYMBaAFEHSaMURPvPtexc7eA4BftP+hVX3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODkxRC8zODFBOEYyQTFD
QzIxMUVCODJCNTcxNzhDNEY5QUUwMi9RZEpveFJFLTgtMTdGenQ0RGdGLTBfNkZW
ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FkSm94UkUtOC0xN0Z6dDREZ0YtMF82RlZmYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDg5MUQvMzgxQThGMkExQ0MyMTFFQjgyQjU3MTc4QzRGOUFFMDIvQTM1ODNCMjYx
NkI3MTFFQ0JENzUyRDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncZwwDQYJKoZIhvcNAQELBQADggEBAHBTmIf9WC/4e2RJ
wNO1Wj+Fd448VHd3Idf1rha3/tMr2XitvRDphdKdZtIpueMZ7mjisxDo97J8DckT
WuOkxgqX4aYwA8nzIsqAk+xjeWNA/S/36+kq1Tyo1+jV0DE+5j4gLa+0R+ePtgEw
khViILzGKMwqZG7R+7GqB9dIBGE6AuAVM85/ffArrixJ0+Rk3iUnEIEHnGj2p597
wsVPvC/yvAAyo2eJjRHlQoSOA/59PCXW4b07WHoEuZ5p1lcrwhkPCdwgW3WaBrZx
u4jvWEd0ILtz/7xc+OLJ6hU8hM/NuuOJr8hwH2AAOIXbSU7y4FZ6QvomWj8gFSMh
MbCglVs=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:23:47 2025 by rpki-client