Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
File: 755E6B82D21C11EEA166891AC4F9AE02.roa (raw, json)
Hash identifier: /u/t4eMfEaElWsqaVz2umVC/tBI8ufpCu4qgqFzHplc=
Subject key identifier: 8B:5E:71:5B:E7:40:79:49:60:6B:8E:DA:74:88:26:7C:7D:22:2C:E8
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 01CB
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
Signing time: Mon 06 May 2024 09:19:35 +0000
ROA not before: Mon 06 May 2024 09:19:35 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 136787
IP address blocks: 45.113.96.0/24 maxlen: 24
45.113.97.0/24 maxlen: 24
45.113.98.0/24 maxlen: 24
45.113.99.0/24 maxlen: 24
45.120.48.0/24 maxlen: 24
45.120.49.0/24 maxlen: 24
45.120.50.0/24 maxlen: 24
45.120.51.0/24 maxlen: 24
103.44.212.0/24 maxlen: 24
103.44.213.0/24 maxlen: 24
103.44.214.0/24 maxlen: 24
103.44.215.0/24 maxlen: 24
103.52.248.0/24 maxlen: 24
103.52.249.0/24 maxlen: 24
103.52.250.0/24 maxlen: 24
103.52.251.0/24 maxlen: 24
103.109.74.0/24 maxlen: 24
103.109.75.0/24 maxlen: 24
103.110.144.0/24 maxlen: 24
103.110.145.0/24 maxlen: 24
103.110.146.0/24 maxlen: 24
103.110.147.0/24 maxlen: 24
103.114.56.0/24 maxlen: 24
103.114.57.0/24 maxlen: 24
103.119.244.0/24 maxlen: 24
103.119.247.0/24 maxlen: 24
139.5.88.0/24 maxlen: 24
139.5.89.0/24 maxlen: 24
139.5.90.0/24 maxlen: 24
139.5.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 May 2024 05:40:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459 (0x1cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: May 6 09:19:35 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6638a0a7-5108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:75:fe:41:38:ff:61:58:06:69:99:40:09:24:
c1:b6:ee:79:87:eb:bb:d4:13:5b:73:8a:51:44:db:
ea:03:e9:a4:c1:30:f9:9c:37:73:9b:6a:aa:a2:2b:
d1:aa:2f:e2:22:5f:34:8f:5a:ab:68:8e:f5:11:da:
5b:9a:25:30:e0:73:8d:6f:50:cb:f0:3e:fd:bc:4e:
43:15:a9:6f:84:5c:91:c6:e4:b7:9f:82:91:97:33:
bc:a1:c0:5b:9b:3a:38:59:6d:20:b1:25:e7:7d:65:
f1:d1:a2:b9:ea:67:d9:d0:a6:54:e9:5d:fa:bf:f2:
55:4f:16:5b:eb:e5:6e:1d:0f:59:c1:bc:59:e6:a1:
cb:c7:d6:65:2a:7b:13:cf:61:2f:f8:c0:f8:39:5f:
27:e4:90:d9:86:3f:43:df:cb:31:c5:e3:94:9a:0d:
ce:93:d8:59:5f:b9:bd:d7:36:9e:b5:e6:9e:bd:d9:
ff:99:38:d5:0d:39:14:f2:65:38:e1:76:41:e9:32:
c2:a0:32:b8:49:93:51:fb:80:a2:83:d2:35:f6:21:
2d:05:1b:1d:99:08:56:64:dd:a9:84:f1:47:0b:9e:
b5:a9:f3:dc:d7:68:dd:3b:c0:45:47:56:ea:06:94:
11:8e:85:82:89:19:3f:55:1a:ef:77:a7:21:60:b0:
ee:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5E:71:5B:E7:40:79:49:60:6B:8E:DA:74:88:26:7C:7D:22:2C:E8
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/755E6B82D21C11EEA166891AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.113.96.0/22
45.120.48.0/22
103.44.212.0/22
103.52.248.0/22
103.109.74.0/23
103.110.144.0/22
103.114.56.0/23
103.119.244.0/24
103.119.247.0/24
139.5.88.0/22
Signature Algorithm: sha256WithRSAEncryption
36:dc:72:f0:2b:f9:f9:0f:18:f9:08:52:1e:48:4f:81:5b:1a:
49:b1:b2:33:96:b0:16:55:b3:98:92:dc:fd:2a:b9:63:66:39:
9d:92:52:19:57:42:8c:fe:62:f1:cc:d7:6b:a1:76:ca:9a:68:
6e:54:f9:7b:8c:23:0f:34:f3:ea:30:49:61:8d:78:ee:81:ce:
60:31:94:dc:bf:ae:ae:3f:b9:5c:1a:71:c3:38:fc:f2:4b:7b:
e5:c4:95:10:4e:49:42:d3:71:e1:ad:a9:34:e9:8e:3b:8f:57:
a6:39:7b:ac:7c:05:d0:9c:16:79:eb:09:74:9b:59:ce:05:f3:
c8:17:b3:88:1a:55:ee:5e:24:54:5f:7c:0e:4b:bc:c3:16:ae:
4b:76:d4:62:5b:c4:bf:5a:64:4d:3c:0f:c2:82:9c:1e:e5:5d:
d9:e6:c2:3b:d5:7b:b6:22:1e:ca:27:17:37:9c:ef:d7:c2:bc:
73:6f:77:39:34:93:e9:a3:0b:2a:bf:fe:b9:5c:10:a6:0a:bd:
35:80:90:4b:44:55:d8:14:27:54:25:d2:3a:b8:d6:8c:76:38:
59:07:e3:fd:c6:09:2d:04:b6:a2:e5:35:e4:43:01:a1:fa:58:
4d:9f:2f:78:de:fc:26:ff:fa:52:2c:98:43:a9:37:bf:38:73:
98:a2:b4:c9
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICAcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjQwNTA2MDkxOTM1WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YTBhNy01MTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7HX+QTj/YVgGaZlACSTBtu55h+u71BNbc4pRRNvqA+mkwTD5nDdzm2qqoivR
qi/iIl80j1qraI71EdpbmiUw4HONb1DL8D79vE5DFalvhFyRxuS3n4KRlzO8ocBb
mzo4WW0gsSXnfWXx0aK56mfZ0KZU6V36v/JVTxZb6+VuHQ9ZwbxZ5qHLx9ZlKnsT
z2Ev+MD4OV8n5JDZhj9D38sxxeOUmg3Ok9hZX7m91zaeteaevdn/mTjVDTkU8mU4
4XZB6TLCoDK4SZNR+4Cig9I19iEtBRsdmQhWZN2phPFHC561qfPc12jdO8BFR1bq
BpQRjoWCiRk/VRrvd6chYLDuXQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFItecVvn
QHlJYGuO2nSIJnx9IizoMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvNzU1RTZCODJE
MjFDMTFFRUExNjY4OTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAItcWADBAIteDADBAJnLNQDBAJnNPgDBAFnbUoDBAJnbpAD
BAFncjgDBABnd/QDBABnd/cDBAKLBVgwDQYJKoZIhvcNAQELBQADggEBADbccvAr
+fkPGPkIUh5IT4FbGkmxsjOWsBZVs5iS3P0quWNmOZ2SUhlXQoz+YvHM12uhdsqa
aG5U+XuMIw808+owSWGNeO6BzmAxlNy/rq4/uVwaccM4/PJLe+XElRBOSULTceGt
qTTpjjuPV6Y5e6x8BdCcFnnrCXSbWc4F88gXs4gaVe5eJFRffA5LvMMWrkt21GJb
xL9aZE08D8KCnB7lXdnmwjvVe7YiHsonFzec79fCvHNvdzk0k+mjCyq//rlcEKYK
vTWAkEtEVdgUJ1Ql0jq41ox2OFkH4/3GCS0EtqLlNeRDAaH6WE2fL3je/Cb/+lIs
mEOpN784c5iitMk=
-----END CERTIFICATE-----
Generated at Tue May 7 06:30:14 2024 by rpki-client on console-ams.rpki-client.org