Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
File: 8E652A7AC77611E68B1CDE6AC4F9AE02.roa (raw, json)
Hash identifier: Wf9gDz4SgwHMXZaATbqe72tgbhQrS+r0U7gGh2yqylk=
Subject key identifier: 44:CA:EF:DF:AB:6C:A2:68:2A:4A:12:56:DA:47:5F:02:89:C6:0C:6C
Certificate issuer: /CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A
Certificate serial: 1B9E
Authority key identifier: 05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
Signing time: Tue 12 Sep 2023 16:33:30 +0000
ROA not before: Tue 12 Sep 2023 16:33:30 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 63526
IP address blocks: 45.125.220.0/22 maxlen: 22
45.125.220.0/22 maxlen: 24
45.125.220.0/23 maxlen: 23
45.125.220.0/24 maxlen: 24
45.125.221.0/24 maxlen: 24
45.125.222.0/23 maxlen: 23
45.125.222.0/24 maxlen: 24
45.125.223.0/24 maxlen: 24
103.239.252.0/22 maxlen: 22
103.239.252.0/22 maxlen: 24
103.239.252.0/24 maxlen: 24
103.239.252.0/25 maxlen: 25
103.239.252.128/25 maxlen: 25
103.239.253.0/24 maxlen: 24
103.239.253.0/25 maxlen: 25
103.239.253.128/25 maxlen: 25
103.239.254.0/24 maxlen: 24
103.239.254.0/25 maxlen: 25
103.239.254.128/25 maxlen: 25
103.239.255.0/24 maxlen: 24
103.239.255.0/25 maxlen: 25
103.239.255.128/25 maxlen: 25
2404:4580::/32 maxlen: 32
2404:4580::/48 maxlen: 48
2404:4580:1::/48 maxlen: 48
2404:4580:2::/48 maxlen: 48
2404:4580:3::/48 maxlen: 48
2404:4580:4::/48 maxlen: 48
2404:4580:5::/48 maxlen: 48
2404:4580:6::/48 maxlen: 48
2404:4580:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl
rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 16:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7070 (0x1b9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A
Validity
Not Before: Sep 12 16:33:30 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=650092da-7808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:eb:90:f7:8a:87:b3:8e:64:ad:e2:85:40:
df:50:28:f6:db:4d:14:c8:a3:38:4d:0a:e5:75:45:
10:4d:cf:d8:20:f1:cf:45:60:cb:9c:4b:2e:a5:50:
0c:13:e0:3c:02:2d:1b:81:c8:90:77:eb:d1:b4:c3:
9f:14:06:22:e4:fd:70:0f:84:43:7e:dc:63:2c:a6:
ae:0e:ca:4c:1f:82:23:ae:73:7b:23:03:21:11:a2:
5b:1f:8e:a4:42:19:28:2d:91:e5:18:ac:17:0a:9d:
b7:f5:71:88:04:47:66:4e:1f:af:af:02:3f:04:61:
ac:5d:60:df:0e:22:bd:3f:b6:82:8a:cf:ff:93:63:
d7:20:45:0f:16:ce:2f:70:e0:4c:c1:0c:ba:9c:5b:
6f:c6:44:9f:d4:1a:77:1d:c1:6f:51:d2:f1:72:ab:
b6:70:12:ac:51:41:2e:bc:82:e4:5f:f1:d1:4d:e1:
df:11:66:b7:cc:6b:64:87:59:95:e9:2b:65:4a:64:
80:71:77:95:40:50:73:c5:4e:56:4f:a6:ba:e0:f0:
a6:e3:a3:cd:bd:fb:97:ec:18:09:52:2a:46:b6:ba:
cf:71:f0:fe:86:68:2a:7a:e5:ff:b6:cc:c5:f7:e5:
06:62:4b:29:c3:bf:e5:20:1a:22:a3:b7:b9:95:62:
94:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CA:EF:DF:AB:6C:A2:68:2A:4A:12:56:DA:47:5F:02:89:C6:0C:6C
X509v3 Authority Key Identifier:
keyid:05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.220.0/22
103.239.252.0/22
IPv6:
2404:4580::/32
Signature Algorithm: sha256WithRSAEncryption
b3:67:20:c6:e9:07:b5:be:3f:0f:2f:c9:6e:3b:f0:20:d6:42:
1d:3d:a2:3a:3a:b1:7f:75:fd:f2:5b:9f:3d:20:6e:e6:48:c9:
41:1b:36:22:43:98:02:87:bb:ce:92:67:b5:0d:7a:b2:93:05:
43:e8:ad:87:f7:87:9d:8d:b9:36:34:32:c5:93:9c:c6:88:7b:
cc:64:00:6e:0a:60:31:2f:72:8b:df:2b:bc:4b:ec:e6:f7:fe:
55:af:ac:4e:54:c2:0c:50:a8:0d:64:a2:c8:51:82:56:dd:20:
d8:f9:c9:44:c5:36:b7:35:91:8d:e6:14:15:6e:96:31:f3:e5:
8c:00:b4:a3:8b:39:88:85:04:24:0b:f9:8e:58:b9:7b:54:fb:
e1:73:cf:23:37:8d:e3:77:7c:2e:47:45:5c:56:3b:27:30:5b:
96:85:2b:0b:d9:97:b4:1b:b4:b0:65:0b:dd:ff:75:d7:14:92:
ea:33:d5:f6:1b:e9:17:51:0e:8c:2e:9f:d0:40:64:bc:8e:5b:
03:02:10:87:50:de:18:7e:30:ad:c1:a1:e8:b9:89:a8:cb:15:
27:0d:de:8a:82:1a:35:49:50:37:5d:d0:d5:8c:ee:96:a0:36:
73:a9:c5:a1:29:9b:54:90:66:77:8d:ef:c6:53:07:9f:79:34:
ad:fe:46:ea
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICG54wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEExNDAxMTAvBgNVBAUTKDA1MDIwRkJGMTAyMEZENjNCRTU3REExQjk3MDRCMEFB
ODEwMzQ0NEEwHhcNMjMwOTEyMTYzMzMwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAwOTJkYS03ODA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnJ/rkPeKh7OOZK3ihUDfUCj2200UyKM4TQrldUUQTc/YIPHPRWDLnEsupVAM
E+A8Ai0bgciQd+vRtMOfFAYi5P1wD4RDftxjLKauDspMH4IjrnN7IwMhEaJbH46k
QhkoLZHlGKwXCp239XGIBEdmTh+vrwI/BGGsXWDfDiK9P7aCis//k2PXIEUPFs4v
cOBMwQy6nFtvxkSf1Bp3HcFvUdLxcqu2cBKsUUEuvILkX/HRTeHfEWa3zGtkh1mV
6StlSmSAcXeVQFBzxU5WT6a64PCm46PNvfuX7BgJUipGtrrPcfD+hmgqeuX/tszF
9+UGYkspw7/lIBoio7e5lWKUewIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFETK79+r
bKJoKkoSVtpHXwKJxgxsMB8GA1UdIwQYMBaAFAUCD78QIP1jvlfaG5cEsKqBA0RK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTE0MC9DQzFEQ0NFOEM3
NzQxMUU2OTgxNkIwNjhDNEY5QUUwMi9CUUlQdnhBZ19XTy1WOW9ibHdTd3FvRURS
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JRSVB2eEFnX1dPLVY5b2Jsd1N3cW9FRFJFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEExNDAvQ0MxRENDRThDNzc0MTFFNjk4MTZCMDY4QzRGOUFFMDIvOEU2NTJBN0FD
Nzc2MTFFNjhCMUNERTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItfdwDBAJn7/wwDQQCAAIwBwMFACQERYAwDQYJKoZIhvcN
AQELBQADggEBALNnIMbpB7W+Pw8vyW478CDWQh09ojo6sX91/fJbnz0gbuZIyUEb
NiJDmAKHu86SZ7UNerKTBUPorYf3h52NuTY0MsWTnMaIe8xkAG4KYDEvcovfK7xL
7Ob3/lWvrE5UwgxQqA1koshRglbdINj5yUTFNrc1kY3mFBVuljHz5YwAtKOLOYiF
BCQL+Y5YuXtU++FzzyM3jeN3fC5HRVxWOycwW5aFKwvZl7QbtLBlC93/ddcUkuoz
1fYb6RdRDowun9BAZLyOWwMCEIdQ3hh+MK3Boei5iajLFScN3oqCGjVJUDdd0NWM
7pagNnOpxaEpm1SQZneN78ZTB595NK3+Ruo=
-----END CERTIFICATE-----
Generated at Fri May 24 18:22:54 2024 by rpki-client on console-ams.rpki-client.org