Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/A90FD33E0B8911EFB4D34833C4F9AE02.roa
File: A90FD33E0B8911EFB4D34833C4F9AE02.roa (raw, json)
Hash identifier: 98Kg+dEllcjRE/KToy+u63qDxdc0bBuyC2hKw+f9Tp0=
Subject key identifier: 09:2D:61:69:3C:75:29:38:83:E3:3C:37:28:2F:FC:73:24:F3:18:E5
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 09F4
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/A90FD33E0B8911EFB4D34833C4F9AE02.roa
Signing time: Mon 06 May 2024 09:18:55 +0000
ROA not before: Mon 06 May 2024 09:18:55 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 23607
IP address blocks: 103.17.200.0/24 maxlen: 24
103.17.201.0/24 maxlen: 24
103.17.202.0/24 maxlen: 24
103.17.203.0/24 maxlen: 24
110.34.32.0/24 maxlen: 24
110.34.33.0/24 maxlen: 24
110.34.34.0/24 maxlen: 24
110.34.35.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
110.34.37.0/24 maxlen: 24
110.34.38.0/24 maxlen: 24
110.34.39.0/24 maxlen: 24
180.92.128.0/24 maxlen: 24
180.92.129.0/24 maxlen: 24
180.92.130.0/24 maxlen: 24
180.92.131.0/24 maxlen: 24
180.92.132.0/24 maxlen: 24
180.92.133.0/24 maxlen: 24
180.92.134.0/24 maxlen: 24
180.92.135.0/24 maxlen: 24
180.92.136.0/24 maxlen: 24
180.92.137.0/24 maxlen: 24
180.92.138.0/24 maxlen: 24
180.92.139.0/24 maxlen: 24
180.92.140.0/24 maxlen: 24
180.92.141.0/24 maxlen: 24
180.92.142.0/24 maxlen: 24
180.92.143.0/24 maxlen: 24
180.92.144.0/24 maxlen: 24
180.92.145.0/24 maxlen: 24
180.92.146.0/24 maxlen: 24
180.92.147.0/24 maxlen: 24
180.92.148.0/24 maxlen: 24
180.92.149.0/24 maxlen: 24
180.92.150.0/24 maxlen: 24
180.92.151.0/24 maxlen: 24
180.92.152.0/24 maxlen: 24
180.92.153.0/24 maxlen: 24
180.92.154.0/24 maxlen: 24
180.92.155.0/24 maxlen: 24
180.92.156.0/24 maxlen: 24
180.92.157.0/24 maxlen: 24
180.92.158.0/24 maxlen: 24
180.92.159.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2548 (0x9f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: May 6 09:18:55 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6638a07e-250d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b5:ad:a7:04:ba:85:9b:dc:49:9e:ab:e9:7e:
01:54:69:b4:f8:7d:83:dc:ee:bc:68:a3:16:b6:b2:
dd:95:af:e2:b1:7d:f9:99:fc:e1:0d:e6:99:09:0f:
aa:10:2d:14:28:05:b1:de:6b:f5:f5:14:e8:13:47:
af:c5:df:ad:1d:fe:4f:a4:df:96:3b:ed:8f:74:77:
37:0f:f2:f5:21:28:24:f7:fb:59:6b:d0:39:6d:09:
4d:18:0e:49:41:a0:b1:56:e5:d9:be:90:7a:2a:53:
f8:c7:86:d6:89:cb:d6:3d:86:be:70:d1:d4:73:7f:
6a:ee:bf:35:3c:3f:53:6d:23:a2:d2:5b:c9:e4:e2:
b7:e3:08:c1:d5:27:df:5e:95:a2:bb:ff:58:93:2d:
96:d5:2c:32:d0:94:20:76:a5:99:67:eb:10:ee:8b:
7f:dc:27:85:79:91:6c:fb:24:2e:49:5e:60:25:f8:
c7:32:5d:21:ee:6a:81:78:89:0f:34:e0:46:f6:96:
00:b4:a2:0f:56:4d:fd:3f:75:54:47:87:ca:aa:5f:
70:49:b6:bd:9a:87:3b:5a:54:40:1c:53:4a:08:22:
8f:f7:16:dc:1e:41:62:54:8a:be:cf:f8:9a:74:bc:
69:97:6c:80:a3:e5:c0:e5:20:0e:a4:f2:1a:28:be:
9a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2D:61:69:3C:75:29:38:83:E3:3C:37:28:2F:FC:73:24:F3:18:E5
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/A90FD33E0B8911EFB4D34833C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.200.0/22
110.34.32.0/21
180.92.128.0/19
192.135.90.0/23
192.144.78.0/23
Signature Algorithm: sha256WithRSAEncryption
77:e3:c7:ee:a0:55:ea:6a:e4:0e:6b:20:13:6b:40:50:09:b4:
1d:55:ca:c6:e1:48:56:6a:af:6c:01:74:82:27:88:b8:81:46:
1c:1f:9a:1b:cb:0f:d5:f9:ae:5f:23:37:00:c2:ae:4b:f7:a6:
41:1b:e9:c6:5b:fc:9c:af:75:28:1e:c6:b6:46:e6:e8:2e:9e:
22:de:46:2b:9b:1b:2b:69:db:ec:89:41:e2:f3:cd:fb:3f:e8:
f2:7f:5d:06:a2:a0:d4:fc:29:29:de:cf:d3:56:1c:ce:b5:61:
f0:b4:4e:8b:aa:57:d2:df:22:d5:9e:80:35:5d:6a:89:20:3e:
41:ff:8a:4e:21:9d:a9:a5:b3:06:d4:2d:26:c3:c2:60:65:09:
74:9e:de:da:47:81:8a:33:a1:0a:65:d2:4a:0a:c7:fe:43:5f:
72:e2:9b:ac:16:9e:68:a1:13:a5:ee:ae:ea:07:c4:27:45:c8:
65:c7:9d:40:0c:aa:85:bb:57:ea:cb:70:89:9e:94:97:98:df:
bc:58:8f:57:2c:cb:1e:60:81:f4:20:f9:7e:e0:50:25:74:77:
43:cf:ee:01:04:fc:f7:d0:b6:41:95:70:97:68:d6:dd:4f:19:
a9:83:24:e0:f4:8e:32:49:89:6c:76:ea:f8:95:9f:06:03:5c:
00:ca:63:79
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCfQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQwNTA2MDkxODU1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YTA3ZS0yNTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzrWtpwS6hZvcSZ6r6X4BVGm0+H2D3O68aKMWtrLdla/isX35mfzhDeaZCQ+q
EC0UKAWx3mv19RToE0evxd+tHf5PpN+WO+2PdHc3D/L1ISgk9/tZa9A5bQlNGA5J
QaCxVuXZvpB6KlP4x4bWicvWPYa+cNHUc39q7r81PD9TbSOi0lvJ5OK34wjB1Sff
XpWiu/9Yky2W1Swy0JQgdqWZZ+sQ7ot/3CeFeZFs+yQuSV5gJfjHMl0h7mqBeIkP
NOBG9pYAtKIPVk39P3VUR4fKql9wSba9moc7WlRAHFNKCCKP9xbcHkFiVIq+z/ia
dLxpl2yAo+XA5SAOpPIaKL6agQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAktYWk8
dSk4g+M8Nygv/HMk8xjlMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvQTkwRkQzM0Uw
Qjg5MTFFRkI0RDM0ODMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnEcgDBANuIiADBAW0XIADBAHAh1oDBAHAkE4wDQYJKoZI
hvcNAQELBQADggEBAHfjx+6gVepq5A5rIBNrQFAJtB1VysbhSFZqr2wBdIIniLiB
RhwfmhvLD9X5rl8jNwDCrkv3pkEb6cZb/JyvdSgexrZG5uguniLeRiubGytp2+yJ
QeLzzfs/6PJ/XQaioNT8KSnez9NWHM61YfC0TouqV9LfItWegDVdaokgPkH/ik4h
namlswbULSbDwmBlCXSe3tpHgYozoQpl0koKx/5DX3Lim6wWnmihE6XuruoHxCdF
yGXHnUAMqoW7V+rLcImelJeY37xYj1csyx5ggfQg+X7gUCV0d0PP7gEE/PfQtkGV
cJdo1t1PGamDJOD0jjJJiWx26viVnwYDXADKY3k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:05:32 2024 by rpki-client on console-fra.rpki-client.org