Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4DFBA2EA066011EEA5F59657C4F9AE02.roa
File: 4DFBA2EA066011EEA5F59657C4F9AE02.roa (raw, json)
Hash identifier: oCS0QFpM9WGeDXVhJLQGO+CnXgJIvqSKqwsoVw4j+c4=
Subject key identifier: B2:E4:77:D7:FC:00:52:A7:B0:0F:16:F8:EE:78:20:3B:B5:3C:31:B8
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1E24
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4DFBA2EA066011EEA5F59657C4F9AE02.roa
Signing time: Fri 20 Sep 2024 16:34:53 +0000
ROA not before: Fri 20 Sep 2024 16:34:53 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 38283
IP address blocks: 125.64.0.0/24 maxlen: 24
125.64.1.0/24 maxlen: 24
125.64.2.0/24 maxlen: 24
125.64.3.0/24 maxlen: 24
125.64.4.0/24 maxlen: 24
125.64.5.0/24 maxlen: 24
125.64.6.0/24 maxlen: 24
125.64.8.0/24 maxlen: 24
125.64.9.0/24 maxlen: 24
125.64.10.0/24 maxlen: 24
125.64.11.0/24 maxlen: 24
125.64.12.0/24 maxlen: 24
125.64.13.0/24 maxlen: 24
125.64.14.0/24 maxlen: 24
125.64.15.0/24 maxlen: 24
125.64.16.0/24 maxlen: 24
125.64.17.0/24 maxlen: 24
125.64.18.0/24 maxlen: 24
125.64.19.0/24 maxlen: 24
125.64.20.0/24 maxlen: 24
125.64.21.0/24 maxlen: 24
125.64.23.0/24 maxlen: 24
125.64.24.0/24 maxlen: 24
125.64.25.0/24 maxlen: 24
125.64.26.0/24 maxlen: 24
125.64.27.0/24 maxlen: 24
125.64.28.0/24 maxlen: 24
125.64.29.0/24 maxlen: 24
125.64.30.0/23 maxlen: 23
125.64.40.0/24 maxlen: 24
125.64.41.0/24 maxlen: 24
125.64.43.0/24 maxlen: 24
125.64.92.0/24 maxlen: 24
125.64.93.0/24 maxlen: 24
125.64.94.0/24 maxlen: 24
125.64.95.0/24 maxlen: 24
125.64.96.0/24 maxlen: 24
125.64.97.0/24 maxlen: 24
125.64.98.0/24 maxlen: 24
125.64.99.0/24 maxlen: 24
125.64.100.0/24 maxlen: 24
125.64.101.0/24 maxlen: 24
125.64.102.0/24 maxlen: 24
125.64.103.0/24 maxlen: 24
125.64.128.0/20 maxlen: 20
125.64.144.0/22 maxlen: 22
125.65.46.0/24 maxlen: 24
125.65.114.0/24 maxlen: 24
125.65.134.0/24 maxlen: 24
125.65.135.0/24 maxlen: 24
125.65.153.0/24 maxlen: 24
125.65.154.0/24 maxlen: 24
125.65.216.0/22 maxlen: 22
125.65.245.0/24 maxlen: 24
125.65.247.0/24 maxlen: 24
125.67.234.0/24 maxlen: 24
125.67.235.0/24 maxlen: 24
202.98.123.0/24 maxlen: 24
218.6.168.0/24 maxlen: 24
218.6.169.0/24 maxlen: 24
218.6.170.0/24 maxlen: 24
218.6.171.0/24 maxlen: 24
218.6.172.0/24 maxlen: 24
218.6.173.0/24 maxlen: 24
218.6.174.0/24 maxlen: 24
218.6.175.0/24 maxlen: 24
218.6.196.0/24 maxlen: 24
218.6.197.0/24 maxlen: 24
218.6.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7716 (0x1e24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Sep 20 16:34:53 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eda42d-ed46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:62:ce:cb:eb:a3:cb:56:cb:f2:18:f7:5b:3d:
86:fb:83:4f:c2:5e:89:9b:df:78:06:d2:86:6a:f3:
89:00:40:6e:a7:07:99:58:96:a7:88:20:67:77:31:
39:f8:ef:f9:76:b2:88:25:e4:03:30:6f:20:ff:a6:
09:d8:51:07:c3:ab:ef:96:2b:8e:1b:a1:aa:2c:5d:
c7:1d:32:dc:6f:ed:95:ca:86:af:ec:3e:bd:d4:fc:
ed:4d:b1:33:e9:73:36:1b:ad:d9:b3:ae:27:ad:22:
35:2d:d9:67:70:1b:ee:a4:f6:0d:41:68:10:b1:f0:
23:47:7e:6c:a6:41:9c:34:7d:ae:74:17:f2:d5:19:
bd:03:60:cb:da:05:40:d9:98:10:ec:33:ce:31:d7:
60:01:f0:52:f8:e9:05:d8:b2:1c:63:df:3c:56:d1:
ff:74:1e:3b:72:64:36:ca:9b:8b:e5:d9:0c:d6:ed:
8e:8c:a6:a4:12:40:99:4d:7a:92:da:51:da:35:30:
9e:75:5a:fe:8b:d8:74:1b:c8:63:a9:0d:ef:18:e4:
b2:ba:04:a5:cb:5d:06:86:ec:f4:10:88:dd:ad:64:
dc:45:df:4a:ee:9c:f5:1c:3b:03:f5:1b:05:70:0e:
4d:b8:9d:3e:5c:20:41:41:5d:32:fa:74:13:3f:b0:
99:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E4:77:D7:FC:00:52:A7:B0:0F:16:F8:EE:78:20:3B:B5:3C:31:B8
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4DFBA2EA066011EEA5F59657C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.64.0.0-125.64.6.255
125.64.8.0-125.64.21.255
125.64.23.0-125.64.31.255
125.64.40.0/23
125.64.43.0/24
125.64.92.0-125.64.103.255
125.64.128.0-125.64.147.255
125.65.46.0/24
125.65.114.0/24
125.65.134.0/23
125.65.153.0-125.65.154.255
125.65.216.0/22
125.65.245.0/24
125.65.247.0/24
125.67.234.0/23
202.98.123.0/24
218.6.168.0/21
218.6.196.0-218.6.198.255
Signature Algorithm: sha256WithRSAEncryption
6c:5d:e8:b2:6d:75:33:46:db:7a:a4:92:46:44:bc:c5:96:79:
90:de:66:69:b3:67:50:3f:4c:05:66:68:3d:a0:6a:63:7b:a4:
e8:8f:12:f4:72:cf:f0:64:3f:76:fa:89:c0:99:7b:2f:56:ef:
1c:e5:31:6a:e6:5d:89:c8:ee:0b:6e:0c:23:6a:52:9b:20:f8:
12:65:b8:56:8f:ca:f3:cb:17:64:11:42:65:d6:46:08:1e:65:
7a:e7:9c:bf:fe:4a:d0:18:1e:86:00:a9:90:d7:32:40:2c:ae:
00:47:44:ca:ee:98:52:1b:1f:f0:c1:be:db:d7:5f:06:b5:a7:
39:33:e9:bb:66:6c:55:cb:94:5d:0f:30:0a:b7:5d:01:d8:3d:
ad:39:ed:e8:88:98:30:bb:d6:c8:a2:ce:c3:95:4c:45:cc:80:
a1:49:81:c5:d7:21:4a:76:2a:d4:fa:b4:47:5b:3d:93:57:c7:
fe:93:c4:05:a0:d1:15:61:ad:ae:ad:75:23:7c:ab:95:21:76:
12:c6:70:46:64:26:0f:62:80:1c:42:01:88:d2:f9:93:e9:7e:
46:82:af:3e:02:0f:d8:43:e3:89:f9:c5:26:e2:86:02:38:63:
97:78:19:b3:47:ea:92:81:29:7a:41:ea:fa:c2:b5:f7:58:03:
01:1a:37:ab
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgICHiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwOTIwMTYzNDUzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVkYTQyZC1lZDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs2LOy+ujy1bL8hj3Wz2G+4NPwl6Jm994BtKGavOJAEBupweZWJaniCBndzE5
+O/5drKIJeQDMG8g/6YJ2FEHw6vvliuOG6GqLF3HHTLcb+2Vyoav7D691PztTbEz
6XM2G63Zs64nrSI1LdlncBvupPYNQWgQsfAjR35spkGcNH2udBfy1Rm9A2DL2gVA
2ZgQ7DPOMddgAfBS+OkF2LIcY988VtH/dB47cmQ2ypuL5dkM1u2OjKakEkCZTXqS
2lHaNTCedVr+i9h0G8hjqQ3vGOSyugSly10Ghuz0EIjdrWTcRd9K7pz1HDsD9RsF
cA5NuJ0+XCBBQV0y+nQTP7CZ2QIDAQABo4IDNzCCAzMwHQYDVR0OBBYEFLLkd9f8
AFKnsA8W+O54IDu1PDG4MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNERGQkEyRUEw
NjYwMTFFRUE1RjU5NjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcAGCCsGAQUFBwEHAQH/
BIGwMIGtMIGqBAIAATCBozALAwMGfUADBAB9QAYwDAMEA31ACAMEAX1AFDAMAwQA
fUAXAwQFfUAAAwQBfUAoAwQAfUArMAwDBAJ9QFwDBAN9QGAwDAMEB31AgAMEAn1A
kAMEAH1BLgMEAH1BcgMEAX1BhjAMAwQAfUGZAwQAfUGaAwQCfUHYAwQAfUH1AwQA
fUH3AwQBfUPqAwQAymJ7AwQD2gaoMAwDBALaBsQDBADaBsYwDQYJKoZIhvcNAQEL
BQADggEBAGxd6LJtdTNG23qkkkZEvMWWeZDeZmmzZ1A/TAVmaD2gamN7pOiPEvRy
z/BkP3b6icCZey9W7xzlMWrmXYnI7gtuDCNqUpsg+BJluFaPyvPLF2QRQmXWRgge
ZXrnnL/+StAYHoYAqZDXMkAsrgBHRMrumFIbH/DBvtvXXwa1pzkz6btmbFXLlF0P
MAq3XQHYPa057eiImDC71siizsOVTEXMgKFJgcXXIUp2KtT6tEdbPZNXx/6TxAWg
0RVhra6tdSN8q5UhdhLGcEZkJg9igBxCAYjS+ZPpfkaCrz4CD9hD44n5xSbihgI4
Y5d4GbNH6pKBKXpB6vrCtfdYAwEaN6s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:31:42 2024 by rpki-client on console-fra.rpki-client.org