Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AB156A360B8911EFB4D34833C4F9AE02.roa
File: AB156A360B8911EFB4D34833C4F9AE02.roa (raw, json)
Hash identifier: 33HawBvXGOI/bMTEAOvhDBAtnCTDMwBXwSfCa+1TG5s=
Subject key identifier: 96:F4:02:06:87:76:46:03:35:B4:A3:26:D8:10:7E:DC:22:52:8D:50
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 09F6
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AB156A360B8911EFB4D34833C4F9AE02.roa
Signing time: Mon 06 May 2024 09:18:58 +0000
ROA not before: Mon 06 May 2024 09:18:58 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55714
IP address blocks: 103.17.200.0/22 maxlen: 22
103.17.200.0/24 maxlen: 24
103.17.201.0/24 maxlen: 24
103.17.202.0/24 maxlen: 24
103.17.203.0/24 maxlen: 24
110.34.32.0/24 maxlen: 24
110.34.33.0/24 maxlen: 24
110.34.34.0/24 maxlen: 24
110.34.35.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
110.34.37.0/24 maxlen: 24
110.34.38.0/24 maxlen: 24
110.34.39.0/24 maxlen: 24
180.92.128.0/24 maxlen: 24
180.92.129.0/24 maxlen: 24
180.92.130.0/24 maxlen: 24
180.92.131.0/24 maxlen: 24
180.92.132.0/24 maxlen: 24
180.92.133.0/24 maxlen: 24
180.92.134.0/24 maxlen: 24
180.92.135.0/24 maxlen: 24
180.92.136.0/24 maxlen: 24
180.92.137.0/24 maxlen: 24
180.92.138.0/24 maxlen: 24
180.92.139.0/24 maxlen: 24
180.92.140.0/24 maxlen: 24
180.92.141.0/24 maxlen: 24
180.92.142.0/24 maxlen: 24
180.92.143.0/24 maxlen: 24
180.92.144.0/24 maxlen: 24
180.92.145.0/24 maxlen: 24
180.92.146.0/24 maxlen: 24
180.92.147.0/24 maxlen: 24
180.92.148.0/24 maxlen: 24
180.92.149.0/24 maxlen: 24
180.92.150.0/24 maxlen: 24
180.92.151.0/24 maxlen: 24
180.92.152.0/24 maxlen: 24
180.92.153.0/24 maxlen: 24
180.92.154.0/24 maxlen: 24
180.92.155.0/24 maxlen: 24
180.92.156.0/24 maxlen: 24
180.92.157.0/24 maxlen: 24
180.92.158.0/24 maxlen: 24
180.92.159.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
2406:f500::/32 maxlen: 32
2406:f500::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2550 (0x9f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: May 6 09:18:58 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6638a082-ff55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:21:f7:87:14:de:73:d6:5c:d5:3c:8a:ba:
19:6a:8f:17:c8:2c:80:d0:84:fc:b9:45:08:c7:a7:
80:24:2a:75:0f:90:b3:b5:cc:19:e9:ee:0e:20:5e:
7a:63:69:90:30:64:9b:d0:24:5a:78:9a:30:4a:51:
09:18:27:ba:f9:15:81:ba:4d:72:1b:37:d4:ad:65:
35:11:d7:a4:45:42:7a:53:86:3f:97:86:80:92:98:
34:03:88:72:94:05:7c:5e:bb:e8:aa:48:86:b0:c8:
1d:23:e6:f1:39:ef:3e:6a:c5:3d:2d:d3:56:6b:a2:
dc:72:97:f9:c7:24:5b:b9:af:c9:38:0d:22:a3:51:
85:6a:70:c8:d9:17:c7:6a:77:97:18:8c:a7:1a:5d:
6c:99:1b:da:8c:59:cb:50:75:99:99:c7:d8:ef:ac:
d5:a7:9e:c6:90:6f:a1:86:f5:c7:07:d1:d7:37:96:
0e:dc:a8:77:59:4a:cd:4a:60:65:cd:8b:c7:ce:6d:
52:c4:42:2e:55:14:f7:cc:ce:b5:31:8c:04:b9:39:
d6:e9:68:c3:26:55:c4:0b:71:28:67:62:a3:4b:f4:
f8:0f:c6:e2:e2:89:8c:98:9b:f6:6a:a8:1a:f8:e2:
5c:86:25:28:eb:26:73:c1:a9:75:b8:1d:99:b9:9e:
2e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F4:02:06:87:76:46:03:35:B4:A3:26:D8:10:7E:DC:22:52:8D:50
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AB156A360B8911EFB4D34833C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.200.0/22
110.34.32.0/21
180.92.128.0/19
192.135.90.0/23
192.144.78.0/23
IPv6:
2406:f500::/32
Signature Algorithm: sha256WithRSAEncryption
9a:80:34:9a:2d:1c:78:23:fc:dc:d9:3b:f9:ca:98:c9:58:63:
f4:b2:5f:c7:a2:89:f5:2e:9d:da:e2:bb:b4:10:3a:88:a2:a6:
b4:96:cf:eb:fb:a5:c6:9c:28:00:87:c7:d4:9a:cb:aa:ce:77:
bb:01:32:62:9d:bf:9a:38:bf:0d:73:8b:d5:53:6d:c6:eb:5f:
7d:88:93:36:25:39:85:88:eb:9c:dc:1a:29:db:0b:6c:88:78:
79:29:6f:b8:ee:57:1d:7c:bc:cc:5d:5c:ac:22:b1:8d:0b:43:
d3:1e:1e:3f:5a:37:93:98:32:3b:89:b8:a6:97:b1:dc:52:7c:
c5:25:69:63:69:81:9a:be:6e:bb:5f:83:7b:19:3c:c0:1b:4b:
f0:26:80:fb:37:e7:bb:9c:74:c8:69:ef:93:23:91:1a:ec:28:
d3:b6:77:22:fe:68:7b:08:d5:16:12:d9:3e:0e:09:dd:cd:d0:
ba:c6:16:44:3f:9e:89:08:9e:1a:b5:b8:60:07:39:c5:c5:23:
04:83:ee:07:59:23:d1:e6:2f:f0:e5:92:49:ce:0c:01:25:a5:
fc:b2:68:8d:11:14:9b:c3:77:d9:2b:03:71:b6:32:02:3d:bc:
86:c2:44:55:69:1b:eb:2f:65:1b:0a:4b:1e:50:6f:fd:7c:74:
db:e0:d4:1b
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICCfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQwNTA2MDkxODU4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YTA4Mi1mZjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKYh94cU3nPWXNU8iroZao8XyCyA0IT8uUUIx6eAJCp1D5CztcwZ6e4OIF56
Y2mQMGSb0CRaeJowSlEJGCe6+RWBuk1yGzfUrWU1EdekRUJ6U4Y/l4aAkpg0A4hy
lAV8XrvoqkiGsMgdI+bxOe8+asU9LdNWa6Lccpf5xyRbua/JOA0io1GFanDI2RfH
aneXGIynGl1smRvajFnLUHWZmcfY76zVp57GkG+hhvXHB9HXN5YO3Kh3WUrNSmBl
zYvHzm1SxEIuVRT3zM61MYwEuTnW6WjDJlXEC3EoZ2KjS/T4D8bi4omMmJv2aqga
+OJchiUo6yZzwal1uB2ZuZ4ukQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFJb0AgaH
dkYDNbSjJtgQftwiUo1QMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvQUIxNTZBMzYw
Qjg5MTFFRkI0RDM0ODMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnEcgDBANuIiADBAW0XIADBAHAh1oDBAHAkE4wDQQCAAIw
BwMFACQG9QAwDQYJKoZIhvcNAQELBQADggEBAJqANJotHHgj/NzZO/nKmMlYY/Sy
X8eiifUundriu7QQOoiiprSWz+v7pcacKACHx9Say6rOd7sBMmKdv5o4vw1zi9VT
bcbrX32IkzYlOYWI65zcGinbC2yIeHkpb7juVx18vMxdXKwisY0LQ9MeHj9aN5OY
MjuJuKaXsdxSfMUlaWNpgZq+brtfg3sZPMAbS/AmgPs357ucdMhp75MjkRrsKNO2
dyL+aHsI1RYS2T4OCd3N0LrGFkQ/nokInhq1uGAHOcXFIwSD7gdZI9HmL/DlkknO
DAElpfyyaI0RFJvDd9krA3G2MgI9vIbCRFVpG+svZRsKSx5Qb/18dNvg1Bs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:52:44 2024 by rpki-client on console-fra.rpki-client.org