Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
File: 755E6B82D21C11EEA166891AC4F9AE02.roa (raw, json)
Hash identifier: IjfhL1iMdoF6vbj8qmgjKEyAn1TdguzASGP9+nLwaQc=
Subject key identifier: EF:77:2B:84:AC:4D:CF:64:CA:BB:6A:36:F8:00:70:C8:B7:24:09:D6
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 023C
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
Signing time: Thu 05 Sep 2024 04:18:18 +0000
ROA not before: Thu 05 Sep 2024 04:18:18 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 136787
IP address blocks: 43.225.80.0/24 maxlen: 24
43.225.81.0/24 maxlen: 24
43.225.82.0/24 maxlen: 24
43.225.83.0/24 maxlen: 24
45.113.96.0/24 maxlen: 24
45.113.97.0/24 maxlen: 24
45.113.98.0/24 maxlen: 24
45.113.99.0/24 maxlen: 24
45.120.48.0/24 maxlen: 24
45.120.49.0/24 maxlen: 24
45.120.50.0/24 maxlen: 24
45.120.51.0/24 maxlen: 24
103.44.212.0/24 maxlen: 24
103.44.213.0/24 maxlen: 24
103.44.214.0/24 maxlen: 24
103.44.215.0/24 maxlen: 24
103.50.28.0/24 maxlen: 24
103.50.29.0/24 maxlen: 24
103.50.30.0/24 maxlen: 24
103.50.31.0/24 maxlen: 24
103.52.248.0/24 maxlen: 24
103.52.249.0/24 maxlen: 24
103.52.250.0/24 maxlen: 24
103.52.251.0/24 maxlen: 24
103.108.0.0/24 maxlen: 24
103.108.1.0/24 maxlen: 24
103.109.74.0/24 maxlen: 24
103.109.75.0/24 maxlen: 24
103.110.144.0/24 maxlen: 24
103.110.145.0/24 maxlen: 24
103.110.146.0/24 maxlen: 24
103.110.147.0/24 maxlen: 24
103.114.56.0/24 maxlen: 24
103.114.57.0/24 maxlen: 24
103.119.244.0/24 maxlen: 24
103.119.247.0/24 maxlen: 24
103.221.233.0/24 maxlen: 24
139.5.88.0/24 maxlen: 24
139.5.89.0/24 maxlen: 24
139.5.90.0/24 maxlen: 24
139.5.91.0/24 maxlen: 24
160.20.8.0/24 maxlen: 24
160.20.9.0/24 maxlen: 24
160.20.10.0/24 maxlen: 24
160.20.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 572 (0x23c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Sep 5 04:18:18 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9310a-7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cd:21:f5:5b:59:a8:13:fe:9c:56:45:c4:54:
71:3b:fe:86:09:8a:5f:46:f1:20:0d:4a:2a:27:4b:
90:ae:8b:27:6a:3f:32:c8:dc:73:62:23:88:d1:31:
58:0f:ee:d0:6d:d6:0e:12:90:42:02:73:da:c3:08:
29:85:ae:10:aa:28:cb:72:1b:1e:a3:0f:0b:1e:da:
7a:33:42:54:97:f7:57:cd:95:b5:f5:b4:3b:d7:0c:
81:68:f7:0b:d1:4d:88:8c:7f:44:4e:ec:e3:36:1e:
ff:bc:40:6e:e5:4c:08:f1:00:6a:14:3c:ee:01:87:
92:b2:2c:33:ab:48:6d:54:f0:fd:d2:ea:0d:4b:c8:
33:5b:cd:4c:4f:d5:d6:68:0a:ce:0c:27:b9:f3:7c:
e4:82:8e:ce:06:5d:bd:72:2b:eb:3f:2e:ce:9c:ca:
91:56:0e:79:1d:cf:ba:22:79:9b:1a:e6:13:8c:6a:
d0:67:d9:f7:af:36:33:32:2b:7d:ae:57:e6:ea:99:
4f:c2:01:f7:02:f0:34:79:1d:47:16:a3:d4:6f:0e:
a1:a6:2a:a4:1d:bf:3b:20:b6:f3:9f:92:7d:5a:d4:
d2:9d:dc:04:b5:61:ab:ba:7a:29:4a:ac:2d:f1:c6:
f9:a1:c3:59:8a:79:b7:a8:ec:43:d1:36:45:0d:31:
61:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:77:2B:84:AC:4D:CF:64:CA:BB:6A:36:F8:00:70:C8:B7:24:09:D6
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.80.0/22
45.113.96.0/22
45.120.48.0/22
103.44.212.0/22
103.50.28.0/22
103.52.248.0/22
103.108.0.0/23
103.109.74.0/23
103.110.144.0/22
103.114.56.0/23
103.119.244.0/24
103.119.247.0/24
103.221.233.0/24
139.5.88.0/22
160.20.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:46:dd:c7:d0:1f:b1:af:fe:bd:23:ed:7c:ea:82:5c:7d:f0:
f4:5c:76:9b:9c:dc:27:ab:ad:d5:7f:f8:c3:55:41:06:59:86:
47:8e:93:c5:c5:a6:3c:43:88:1c:31:9f:28:f1:b5:3a:c6:5e:
a7:8f:2f:32:cb:98:6b:dd:4c:1b:d4:dc:62:60:c9:67:36:f9:
c1:6f:e2:71:43:bb:f3:2d:a6:e3:42:5f:0b:0a:0f:bd:63:93:
df:0f:05:34:6b:66:f2:02:63:14:86:7a:74:bc:7b:44:88:53:
f4:d4:32:5b:64:bd:9b:1d:0b:c2:ee:b7:c6:c2:81:2b:f4:4f:
a1:01:e5:43:6d:68:f9:45:67:c3:88:71:55:2d:80:12:5b:8f:
30:7a:0f:18:ac:55:ea:8e:56:06:6b:49:d2:14:c7:34:0f:76:
d8:1f:ea:6f:51:91:6f:7e:18:1d:4b:d9:ba:99:2e:b9:45:41:
d1:62:4a:ea:24:f5:06:bc:23:a8:b4:65:05:36:ef:38:85:cb:
d0:c2:b4:cb:c1:44:6d:fa:28:c7:b0:ae:01:a4:25:4d:b3:69:
d4:8f:5b:9f:49:31:c1:4d:60:8c:db:cf:ec:c0:14:90:4d:ad:
5d:e1:d5:0b:36:0a:74:fa:89:4c:92:bb:f3:d5:dd:7f:fa:f0:
da:48:65:a8
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjQwOTA1MDQxODE4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MzEwYS03ZTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA180h9VtZqBP+nFZFxFRxO/6GCYpfRvEgDUoqJ0uQrosnaj8yyNxzYiOI0TFY
D+7QbdYOEpBCAnPawwgpha4QqijLchseow8LHtp6M0JUl/dXzZW19bQ71wyBaPcL
0U2IjH9ETuzjNh7/vEBu5UwI8QBqFDzuAYeSsiwzq0htVPD90uoNS8gzW81MT9XW
aArODCe583zkgo7OBl29civrPy7OnMqRVg55Hc+6InmbGuYTjGrQZ9n3rzYzMit9
rlfm6plPwgH3AvA0eR1HFqPUbw6hpiqkHb87ILbzn5J9WtTSndwEtWGrunopSqwt
8cb5ocNZinm3qOxD0TZFDTFhdwIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFO93K4Ss
Tc9kyrtqNvgAcMi3JAnWMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvNzU1RTZCODJE
MjFDMTFFRUExNjY4OTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgABMFoDBAIr4VADBAItcWADBAIteDADBAJnLNQDBAJnMhwDBAJnNPgD
BAFnbAADBAFnbUoDBAJnbpADBAFncjgDBABnd/QDBABnd/cDBABn3ekDBAKLBVgD
BAKgFAgwDQYJKoZIhvcNAQELBQADggEBAE1G3cfQH7Gv/r0j7Xzqglx98PRcdpuc
3CerrdV/+MNVQQZZhkeOk8XFpjxDiBwxnyjxtTrGXqePLzLLmGvdTBvU3GJgyWc2
+cFv4nFDu/MtpuNCXwsKD71jk98PBTRrZvICYxSGenS8e0SIU/TUMltkvZsdC8Lu
t8bCgSv0T6EB5UNtaPlFZ8OIcVUtgBJbjzB6DxisVeqOVgZrSdIUxzQPdtgf6m9R
kW9+GB1L2bqZLrlFQdFiSuok9Qa8I6i0ZQU27ziFy9DCtMvBRG36KMewrgGkJU2z
adSPW59JMcFNYIzbz+zAFJBNrV3h1Qs2CnT6iUySu/PV3X/68NpIZag=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:12:03 2024 by rpki-client on console-fra.rpki-client.org