Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
File: 8E652A7AC77611E68B1CDE6AC4F9AE02.roa (raw, json)
Hash identifier: nQvCGi6jeXRQddJ1rEuK0BsRcyU/PM81aNvBcFuVAoE=
Subject key identifier: 84:7E:1C:7F:78:91:F8:54:DD:BD:D6:65:E0:8B:35:95:B6:AB:88:31
Certificate issuer: /CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A
Certificate serial: 1C5F
Authority key identifier: 05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
Signing time: Wed 18 Sep 2024 16:33:52 +0000
ROA not before: Wed 18 Sep 2024 16:33:52 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 63526
IP address blocks: 45.125.220.0/22 maxlen: 22
45.125.220.0/22 maxlen: 24
45.125.220.0/23 maxlen: 23
45.125.220.0/24 maxlen: 24
45.125.221.0/24 maxlen: 24
45.125.222.0/23 maxlen: 23
45.125.222.0/24 maxlen: 24
45.125.223.0/24 maxlen: 24
103.239.252.0/22 maxlen: 22
103.239.252.0/22 maxlen: 24
103.239.252.0/24 maxlen: 24
103.239.252.0/25 maxlen: 25
103.239.252.128/25 maxlen: 25
103.239.253.0/24 maxlen: 24
103.239.253.0/25 maxlen: 25
103.239.253.128/25 maxlen: 25
103.239.254.0/24 maxlen: 24
103.239.254.0/25 maxlen: 25
103.239.254.128/25 maxlen: 25
103.239.255.0/24 maxlen: 24
103.239.255.0/25 maxlen: 25
103.239.255.128/25 maxlen: 25
2404:4580::/32 maxlen: 32
2404:4580::/48 maxlen: 48
2404:4580:1::/48 maxlen: 48
2404:4580:2::/48 maxlen: 48
2404:4580:3::/48 maxlen: 48
2404:4580:4::/48 maxlen: 48
2404:4580:5::/48 maxlen: 48
2404:4580:6::/48 maxlen: 48
2404:4580:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl
rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7263 (0x1c5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A
Validity
Not Before: Sep 18 16:33:52 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66eb00f0-0e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:31:85:a6:7d:2c:1a:76:23:d6:d2:2f:04:09:
82:86:a9:c6:aa:f2:1e:b0:f9:21:a9:2e:bb:14:d1:
12:c7:d3:af:4d:e7:ee:8e:7d:e1:5f:1b:3e:c8:1f:
6d:15:47:bb:f5:79:a2:37:a0:75:3c:42:a4:2b:46:
ad:f0:20:0e:05:72:fc:05:93:79:aa:aa:a7:bd:62:
30:87:27:d3:39:5c:8e:92:96:13:1d:1f:8f:25:cf:
fb:d3:e4:a5:c9:2e:92:00:16:33:12:42:db:d1:7d:
b6:09:a9:dc:96:aa:e7:1d:38:37:bf:93:ef:85:73:
dd:93:69:33:1e:d7:6a:f2:e1:cc:09:29:69:1b:99:
8b:ed:d2:02:54:8e:de:c7:a6:7e:ea:18:8a:83:aa:
0b:b9:71:03:0f:64:b6:58:0b:14:6a:7b:0d:01:61:
a6:d7:fb:b3:ad:58:f9:39:3e:f3:5d:06:9b:eb:1b:
83:ec:62:51:8d:e3:e9:b7:46:56:e8:80:0d:1f:3b:
33:f2:75:ff:ff:e7:8a:1a:ac:2f:64:52:26:01:33:
cc:24:08:37:c4:2a:23:c9:97:1c:7d:78:da:f0:d0:
3a:c2:d4:09:53:4d:d0:20:6a:81:fe:d5:44:83:63:
83:45:7d:10:48:15:a9:83:46:27:17:88:8d:62:59:
39:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7E:1C:7F:78:91:F8:54:DD:BD:D6:65:E0:8B:35:95:B6:AB:88:31
X509v3 Authority Key Identifier:
keyid:05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.220.0/22
103.239.252.0/22
IPv6:
2404:4580::/32
Signature Algorithm: sha256WithRSAEncryption
dd:60:fc:f6:9e:47:aa:2d:1c:15:f3:cc:dc:fb:5b:c1:f8:39:
cf:88:51:c6:54:0d:f9:24:66:a2:a4:dd:3a:58:6c:7d:e2:02:
df:9a:a7:59:6a:5a:bc:8b:f5:2f:ce:6e:c8:71:6e:54:ca:05:
c2:bc:90:ba:69:93:8e:f4:4e:dd:89:0b:5d:70:da:28:6b:e4:
ae:f9:0b:2d:9c:d8:b4:ac:14:73:12:f5:17:7a:e6:35:f3:4f:
91:37:68:65:f3:86:11:a6:b5:9c:64:14:81:41:24:72:d8:b5:
9f:dd:90:93:65:ce:9e:1e:d8:80:3e:2d:24:93:66:1b:26:c4:
4c:32:ac:59:5c:84:df:5b:e4:4c:b2:d5:c5:44:86:21:da:d1:
69:24:1c:3a:be:dc:4d:2d:38:f0:da:d0:5a:91:4e:dc:43:4f:
70:96:7a:5c:c0:3c:8d:c3:e0:4d:54:26:c4:b2:aa:d9:95:a1:
7a:47:b9:a8:c7:f4:26:66:1b:b2:40:b1:86:f6:17:97:c4:34:
39:c1:6a:b8:9a:42:31:a6:a3:01:2a:d4:89:99:43:ef:63:b5:
10:78:46:4f:ed:07:0d:a4:6a:0e:e0:dc:ca:d7:94:6d:06:ab:
91:fa:a2:17:8a:31:31:53:49:04:85:9b:75:9c:ee:c4:54:7f:
ad:cc:1c:b3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICHF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEExNDAxMTAvBgNVBAUTKDA1MDIwRkJGMTAyMEZENjNCRTU3REExQjk3MDRCMEFB
ODEwMzQ0NEEwHhcNMjQwOTE4MTYzMzUyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmViMDBmMC0wZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzGFpn0sGnYj1tIvBAmChqnGqvIesPkhqS67FNESx9OvTefujn3hXxs+yB9t
FUe79XmiN6B1PEKkK0at8CAOBXL8BZN5qqqnvWIwhyfTOVyOkpYTHR+PJc/70+Sl
yS6SABYzEkLb0X22CanclqrnHTg3v5PvhXPdk2kzHtdq8uHMCSlpG5mL7dICVI7e
x6Z+6hiKg6oLuXEDD2S2WAsUansNAWGm1/uzrVj5OT7zXQab6xuD7GJRjePpt0ZW
6IANHzsz8nX//+eKGqwvZFImATPMJAg3xCojyZccfXja8NA6wtQJU03QIGqB/tVE
g2ODRX0QSBWpg0YnF4iNYlk57wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIR+HH94
kfhU3b3WZeCLNZW2q4gxMB8GA1UdIwQYMBaAFAUCD78QIP1jvlfaG5cEsKqBA0RK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTE0MC9DQzFEQ0NFOEM3
NzQxMUU2OTgxNkIwNjhDNEY5QUUwMi9CUUlQdnhBZ19XTy1WOW9ibHdTd3FvRURS
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JRSVB2eEFnX1dPLVY5b2Jsd1N3cW9FRFJFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEExNDAvQ0MxRENDRThDNzc0MTFFNjk4MTZCMDY4QzRGOUFFMDIvOEU2NTJBN0FD
Nzc2MTFFNjhCMUNERTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItfdwDBAJn7/wwDQQCAAIwBwMFACQERYAwDQYJKoZIhvcN
AQELBQADggEBAN1g/PaeR6otHBXzzNz7W8H4Oc+IUcZUDfkkZqKk3TpYbH3iAt+a
p1lqWryL9S/ObshxblTKBcK8kLppk470Tt2JC11w2ihr5K75Cy2c2LSsFHMS9Rd6
5jXzT5E3aGXzhhGmtZxkFIFBJHLYtZ/dkJNlzp4e2IA+LSSTZhsmxEwyrFlchN9b
5Eyy1cVEhiHa0WkkHDq+3E0tOPDa0FqRTtxDT3CWelzAPI3D4E1UJsSyqtmVoXpH
uajH9CZmG7JAsYb2F5fENDnBariaQjGmowEq1ImZQ+9jtRB4Rk/tBw2kag7g3MrX
lG0Gq5H6oheKMTFTSQSFm3Wc7sRUf63MHLM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:44 2024 by rpki-client on console-fra.rpki-client.org