Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
File: 52E1349E04D211E9BA47303FC4F9AE02.roa (raw, json)
Hash identifier: NnOsyq28owI341lZeddDnsvtMPzHqAa6f3Vdu56T0OY=
Subject key identifier: B3:C2:61:59:2C:2E:2F:D2:ED:A7:74:A7:73:65:EE:CD:2B:27:37:74
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1D33
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
Signing time: Tue 02 Jan 2024 16:54:35 +0000
ROA not before: Tue 02 Jan 2024 16:54:35 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 4813
IP address blocks: 121.10.40.0/24 maxlen: 24
125.88.15.0/24 maxlen: 24
125.88.58.0/24 maxlen: 24
125.88.59.0/24 maxlen: 24
125.88.60.0/23 maxlen: 23
125.88.88.0/24 maxlen: 24
125.88.103.0/24 maxlen: 24
125.88.108.0/23 maxlen: 23
125.88.114.0/24 maxlen: 24
125.88.115.0/24 maxlen: 24
125.88.116.0/22 maxlen: 22
125.88.120.0/23 maxlen: 23
125.88.124.0/22 maxlen: 22
125.88.128.0/20 maxlen: 20
202.96.168.0/24 maxlen: 24
202.103.182.0/24 maxlen: 24
202.105.2.0/23 maxlen: 23
202.105.5.0/24 maxlen: 24
202.105.7.0/24 maxlen: 24
202.105.80.0/22 maxlen: 22
202.105.212.0/23 maxlen: 23
202.105.214.0/24 maxlen: 24
202.105.215.0/24 maxlen: 24
202.105.240.0/22 maxlen: 22
218.13.104.0/22 maxlen: 22
218.13.108.0/22 maxlen: 22
218.13.112.0/22 maxlen: 22
218.13.118.0/23 maxlen: 23
218.13.120.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7475 (0x1d33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jan 2 16:54:35 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65943fcb-c627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:4b:c1:fc:5a:69:b8:93:c0:2b:58:cb:2b:
89:0f:09:e9:d8:c4:46:b7:00:d9:15:a3:6c:46:0b:
f9:e4:10:b3:28:7b:b9:ba:2c:5e:7a:ee:c6:b2:8d:
55:ea:c6:83:3e:ca:0d:e0:15:23:76:29:be:a7:e3:
d7:3d:ba:47:d1:12:c3:67:77:cb:5c:6b:04:27:61:
1e:5d:67:93:cf:0d:4b:95:60:9b:cc:65:0f:de:34:
e1:d3:5f:6d:48:9f:b8:db:2c:41:3b:e7:82:ec:d4:
b6:d7:53:f8:89:66:5d:75:5f:c7:d3:64:5e:69:c2:
56:93:45:b3:3e:5d:81:56:2e:ba:d6:6f:60:fa:5b:
4d:b0:c5:47:7e:be:8b:88:e5:b6:18:82:dd:57:66:
47:08:db:68:b3:05:96:71:1c:a8:b0:cc:ad:42:b5:
7e:02:32:08:90:41:6f:a4:05:96:28:81:bc:25:c7:
91:e1:84:8b:60:b0:11:6b:38:f1:1c:b1:f9:53:94:
98:fa:b1:53:d3:a8:67:78:29:21:ca:f9:0f:5d:b9:
07:aa:1c:a7:84:86:4e:d5:02:88:b7:27:d5:a1:a9:
12:25:8a:f6:b8:fc:a2:d6:b8:14:49:a3:2a:c6:4e:
88:64:7a:08:1d:a1:ee:66:a8:bc:72:cf:2f:ff:ec:
5e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C2:61:59:2C:2E:2F:D2:ED:A7:74:A7:73:65:EE:CD:2B:27:37:74
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.10.40.0/24
125.88.15.0/24
125.88.58.0-125.88.61.255
125.88.88.0/24
125.88.103.0/24
125.88.108.0/23
125.88.114.0-125.88.121.255
125.88.124.0-125.88.143.255
202.96.168.0/24
202.103.182.0/24
202.105.2.0/23
202.105.5.0/24
202.105.7.0/24
202.105.80.0/22
202.105.212.0/22
202.105.240.0/22
218.13.104.0-218.13.115.255
218.13.118.0-218.13.127.255
Signature Algorithm: sha256WithRSAEncryption
1b:c2:c0:43:2f:01:21:a4:15:3b:10:bf:67:93:fe:41:56:47:
8b:da:5c:6f:64:67:8d:38:63:ee:4d:55:2b:61:4e:bd:29:5f:
ad:46:a6:82:18:1b:58:23:93:15:22:2b:14:f7:ce:58:79:37:
6e:dd:54:97:92:aa:38:d0:c3:da:61:43:94:65:2e:a1:3c:c7:
e0:fe:87:d5:72:83:0b:ce:4a:33:73:c2:e2:cc:13:1d:df:a7:
87:fd:c2:b5:db:da:0e:d8:b5:7e:da:4a:1b:ea:57:d2:5e:b2:
d7:8e:65:4f:42:d6:1e:ff:88:e4:d2:5a:71:0e:58:9e:e1:be:
52:6e:00:a1:10:9a:74:a7:74:ec:45:d6:fa:bc:57:f4:61:fa:
ac:07:e6:60:dd:38:30:2d:22:73:bf:34:33:f3:c8:78:5a:15:
c3:be:4f:ff:41:7d:42:fb:01:9b:ab:52:62:1e:d8:cf:a9:3c:
26:75:1e:a3:9a:cc:1e:91:23:46:4a:27:2b:8a:b0:2e:ba:3f:
3b:6c:e8:7d:9a:98:42:8c:7c:e2:fb:46:08:93:b3:62:70:d5:
78:b9:72:ee:39:11:34:ab:01:eb:4f:1b:d1:6a:cc:1e:07:b9:
13:0a:00:03:2f:45:75:4b:36:cc:41:01:a7:e2:8e:20:33:26:
6a:74:8b:d1
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICHTMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwMTAyMTY1NDM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk0M2ZjYi1jNjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuVLwfxaabiTwCtYyyuJDwnp2MRGtwDZFaNsRgv55BCzKHu5uixeeu7Gso1V
6saDPsoN4BUjdim+p+PXPbpH0RLDZ3fLXGsEJ2EeXWeTzw1LlWCbzGUP3jTh019t
SJ+42yxBO+eC7NS211P4iWZddV/H02ReacJWk0WzPl2BVi661m9g+ltNsMVHfr6L
iOW2GILdV2ZHCNtoswWWcRyosMytQrV+AjIIkEFvpAWWKIG8JceR4YSLYLARazjx
HLH5U5SY+rFT06hneCkhyvkPXbkHqhynhIZO1QKItyfVoakSJYr2uPyi1rgUSaMq
xk6IZHoIHaHuZqi8cs8v/+xeWwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFLPCYVks
Li/S7ad0p3Nl7s0rJzd0MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNTJFMTM0OUUw
NEQyMTFFOUJBNDczMDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGbBAIAATCBlAMEAHkKKAMEAH1YDzAMAwQBfVg6AwQBfVg8AwQAfVhY
AwQAfVhnAwQBfVhsMAwDBAF9WHIDBAF9WHgwDAMEAn1YfAMEBH1YgAMEAMpgqAME
AMpntgMEAcppAgMEAMppBQMEAMppBwMEAsppUAMEAspp1AMEAspp8DAMAwQD2g1o
AwQC2g1wMAwDBAHaDXYDBAfaDQAwDQYJKoZIhvcNAQELBQADggEBABvCwEMvASGk
FTsQv2eT/kFWR4vaXG9kZ404Y+5NVSthTr0pX61GpoIYG1gjkxUiKxT3zlh5N27d
VJeSqjjQw9phQ5RlLqE8x+D+h9VygwvOSjNzwuLMEx3fp4f9wrXb2g7YtX7aShvq
V9JesteOZU9C1h7/iOTSWnEOWJ7hvlJuAKEQmnSndOxF1vq8V/Rh+qwH5mDdODAt
InO/NDPzyHhaFcO+T/9BfUL7AZurUmIe2M+pPCZ1HqOazB6RI0ZKJyuKsC66Pzts
6H2amEKMfOL7RgiTs2Jw1Xi5cu45ETSrAetPG9FqzB4HuRMKAAMvRXVLNsxBAafi
jiAzJmp0i9E=
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:20 2024 by rpki-client on console-ams.rpki-client.org