Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
File: 52E1349E04D211E9BA47303FC4F9AE02.roa (raw, json)
Hash identifier: j5lDrxfBeX2si0djPSCGpgdQ4uiqw+hqr/e7niE8XVQ=
Subject key identifier: 1F:53:67:09:19:C5:9C:C6:16:37:A3:9A:3D:69:B4:9B:C8:3E:A4:71
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1E29
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
Signing time: Fri 20 Sep 2024 16:34:58 +0000
ROA not before: Fri 20 Sep 2024 16:34:58 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 4813
IP address blocks: 121.10.40.0/24 maxlen: 24
125.88.15.0/24 maxlen: 24
125.88.58.0/24 maxlen: 24
125.88.59.0/24 maxlen: 24
125.88.60.0/23 maxlen: 23
125.88.88.0/24 maxlen: 24
125.88.103.0/24 maxlen: 24
125.88.108.0/23 maxlen: 23
125.88.114.0/24 maxlen: 24
125.88.115.0/24 maxlen: 24
125.88.116.0/22 maxlen: 22
125.88.120.0/23 maxlen: 23
125.88.124.0/22 maxlen: 22
125.88.128.0/20 maxlen: 20
202.96.168.0/24 maxlen: 24
202.103.182.0/24 maxlen: 24
202.105.2.0/23 maxlen: 23
202.105.5.0/24 maxlen: 24
202.105.7.0/24 maxlen: 24
202.105.80.0/22 maxlen: 22
202.105.212.0/23 maxlen: 23
202.105.214.0/24 maxlen: 24
202.105.215.0/24 maxlen: 24
202.105.240.0/22 maxlen: 22
218.13.104.0/22 maxlen: 22
218.13.108.0/22 maxlen: 22
218.13.112.0/22 maxlen: 22
218.13.118.0/23 maxlen: 23
218.13.120.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7721 (0x1e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4
Validity
Not Before: Sep 20 16:34:58 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eda431-36bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:6a:48:52:ce:29:65:14:f2:ba:33:f9:d6:
44:57:84:20:f3:57:e0:a6:62:6d:90:51:04:cc:ee:
d6:a5:74:26:2e:bf:73:4b:83:16:01:b4:30:b3:bd:
a2:23:1b:7e:a7:dc:8c:a3:2a:72:67:18:ef:66:2d:
0b:d1:73:36:87:49:7d:0a:e1:e8:1c:16:2a:9e:c2:
5a:22:54:57:bf:01:cf:97:50:02:0c:80:ae:8d:49:
41:48:e5:ce:1c:7f:ef:dc:7b:9c:5a:e1:bc:e9:5c:
7a:bf:4c:62:31:71:59:91:88:e4:6f:e9:e1:a6:74:
68:29:0a:48:80:87:06:b6:9e:61:08:90:57:24:84:
2d:34:e0:8d:78:cd:fe:43:60:91:6f:3a:c7:f6:a3:
5e:64:7a:c1:ab:a1:14:43:7f:44:14:a5:a7:8f:d4:
9f:30:b6:d9:ba:7a:cc:3c:af:b0:88:ef:b5:52:41:
9a:21:31:c6:54:8f:6e:79:d0:23:c9:00:c3:5b:d8:
c2:a5:e6:31:a6:3f:05:11:25:e0:c3:ed:dd:8b:c9:
e3:10:42:d8:d8:0d:a3:dc:10:38:e7:3c:02:2c:32:
d1:20:72:3e:25:fa:db:e8:c2:8d:4f:53:67:40:f9:
f7:ef:93:35:01:64:22:d7:6c:95:40:59:a5:79:d0:
43:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:53:67:09:19:C5:9C:C6:16:37:A3:9A:3D:69:B4:9B:C8:3E:A4:71
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/52E1349E04D211E9BA47303FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.10.40.0/24
125.88.15.0/24
125.88.58.0-125.88.61.255
125.88.88.0/24
125.88.103.0/24
125.88.108.0/23
125.88.114.0-125.88.121.255
125.88.124.0-125.88.143.255
202.96.168.0/24
202.103.182.0/24
202.105.2.0/23
202.105.5.0/24
202.105.7.0/24
202.105.80.0/22
202.105.212.0/22
202.105.240.0/22
218.13.104.0-218.13.115.255
218.13.118.0-218.13.127.255
Signature Algorithm: sha256WithRSAEncryption
2a:7b:69:10:94:cd:61:7b:1a:26:16:23:cb:37:27:45:60:b6:
1a:65:55:51:4c:a1:b0:43:45:8a:98:b4:25:0a:94:43:4d:28:
94:20:da:05:b6:9a:87:1f:59:4c:c8:cb:20:84:7a:55:c7:e7:
a5:de:b4:bc:8c:3a:ae:4e:78:68:06:66:f5:e9:ac:24:a0:7d:
68:8e:56:55:3d:bd:89:cc:17:df:e4:5e:3b:79:0d:d3:9d:b1:
0f:db:b1:4e:0a:fc:3f:46:c8:32:2e:52:3b:24:ea:8a:1f:fc:
89:3d:79:b3:3f:66:ce:94:d9:c7:fa:af:10:da:17:a2:ee:32:
78:76:62:a2:64:a3:ad:6e:f1:13:5d:a5:45:cf:e2:91:0b:4d:
a1:f8:3f:bf:6d:4c:8b:8c:c5:95:0c:9f:01:bd:16:fd:14:8b:
b4:e9:d8:b1:0c:36:e9:82:dd:3a:26:f7:f7:91:3b:b8:bc:b6:
8b:2c:37:de:67:e4:f2:e3:39:19:84:64:fc:dd:6c:db:79:b7:
b8:0d:49:08:26:5d:55:66:6e:6c:44:00:9d:5e:a4:be:bb:70:
b3:44:ca:da:b1:24:84:40:77:11:2a:2d:ed:f0:e4:6c:32:2a:
57:14:d1:50:ef:5f:0d:81:a3:f7:e6:5d:33:bc:f7:d5:3b:aa:
60:dc:45:4d
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICHikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwOTIwMTYzNDU4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVkYTQzMS0zNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyKBqSFLOKWUU8roz+dZEV4Qg81fgpmJtkFEEzO7WpXQmLr9zS4MWAbQws72i
Ixt+p9yMoypyZxjvZi0L0XM2h0l9CuHoHBYqnsJaIlRXvwHPl1ACDICujUlBSOXO
HH/v3HucWuG86Vx6v0xiMXFZkYjkb+nhpnRoKQpIgIcGtp5hCJBXJIQtNOCNeM3+
Q2CRbzrH9qNeZHrBq6EUQ39EFKWnj9SfMLbZunrMPK+wiO+1UkGaITHGVI9uedAj
yQDDW9jCpeYxpj8FESXgw+3di8njEELY2A2j3BA45zwCLDLRIHI+Jfrb6MKNT1Nn
QPn375M1AWQi12yVQFmledBDgwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFB9TZwkZ
xZzGFjejmj1ptJvIPqRxMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNTJFMTM0OUUw
NEQyMTFFOUJBNDczMDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGbBAIAATCBlAMEAHkKKAMEAH1YDzAMAwQBfVg6AwQBfVg8AwQAfVhY
AwQAfVhnAwQBfVhsMAwDBAF9WHIDBAF9WHgwDAMEAn1YfAMEBH1YgAMEAMpgqAME
AMpntgMEAcppAgMEAMppBQMEAMppBwMEAsppUAMEAspp1AMEAspp8DAMAwQD2g1o
AwQC2g1wMAwDBAHaDXYDBAfaDQAwDQYJKoZIhvcNAQELBQADggEBACp7aRCUzWF7
GiYWI8s3J0VgthplVVFMobBDRYqYtCUKlENNKJQg2gW2mocfWUzIyyCEelXH56Xe
tLyMOq5OeGgGZvXprCSgfWiOVlU9vYnMF9/kXjt5DdOdsQ/bsU4K/D9GyDIuUjsk
6oof/Ik9ebM/Zs6U2cf6rxDaF6LuMnh2YqJko61u8RNdpUXP4pELTaH4P79tTIuM
xZUMnwG9Fv0Ui7Tp2LEMNumC3Tom9/eRO7i8tossN95n5PLjORmEZPzdbNt5t7gN
SQgmXVVmbmxEAJ1epL67cLNEytqxJIRAdxEqLe3w5GwyKlcU0VDvXw2Bo/fmXTO8
99U7qmDcRU0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:13 2025 by rpki-client