![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38342e302f32342d3234203d3e203432343237.roa
File: 3138352e35382e38342e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: svptK9h46Br5qxmgcYM21UpciU5rfu6H4Ow7Lkw1kZ8=
Subject key identifier: 3A:3B:71:85:46:AD:48:D3:C3:66:1B:99:32:CD:93:F5:A9:55:A2:3B
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 1DD40568F412C33B65643DB11ED58786D1971C21
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38342e302f32342d3234203d3e203432343237.roa
Signing time: Fri 01 Sep 2023 11:14:33 +0000
ROA not before: Fri 01 Sep 2023 11:09:33 +0000
ROA not after: Fri 30 Aug 2024 11:14:33 +0000
asID: 42427
IP address blocks: 185.58.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d4:05:68:f4:12:c3:3b:65:64:3d:b1:1e:d5:87:86:d1:97:1c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Sep 1 11:09:33 2023 GMT
Not After : Aug 30 11:14:33 2024 GMT
Subject: CN=3A3B718546AD48D3C3661B9932CD93F5A955A23B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2b:ce:f5:60:a5:f6:6a:6d:e7:5b:b3:b8:e4:
91:62:9b:de:47:47:c8:63:ce:0c:60:46:e6:92:ab:
2a:8f:ca:ab:d5:a1:b9:cd:dd:c3:42:4e:d6:bd:c1:
b5:04:f2:86:c8:ac:6b:fd:5c:cc:72:06:15:09:ac:
65:a3:98:b3:6e:b7:eb:1b:31:86:06:62:3b:7c:cb:
5a:92:7d:33:73:9e:a3:2e:d3:ff:0b:f9:c9:fc:ab:
30:5c:7f:42:0c:5a:d8:36:d8:bf:6f:e1:cd:e0:dd:
f2:36:b8:fc:1e:0f:dc:1f:50:ef:f3:f2:27:73:8a:
87:61:29:9e:7a:7d:76:0a:83:e6:5d:eb:c9:44:62:
da:24:2d:ab:47:36:73:95:a5:4a:1e:2d:56:89:1e:
87:98:f4:ec:f5:8e:52:96:ab:8e:1d:78:d7:9b:d4:
d7:af:cd:0f:dc:84:10:30:99:2d:16:94:06:43:10:
7a:a6:a1:0f:c4:9a:95:7d:4a:1a:68:ee:aa:0e:e8:
5d:a5:1a:b8:3f:af:ca:ea:1b:38:34:d7:26:0d:c3:
85:ab:91:07:1d:2b:7b:28:ec:95:a4:ce:4b:27:cd:
83:a5:07:83:94:17:c7:d5:9b:87:a2:8c:d2:4d:cc:
43:36:35:86:5a:4f:8e:80:41:d7:86:6e:3c:06:90:
31:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3B:71:85:46:AD:48:D3:C3:66:1B:99:32:CD:93:F5:A9:55:A2:3B
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38342e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.84.0/24
Signature Algorithm: sha256WithRSAEncryption
56:aa:06:cc:7c:5a:51:a3:39:b7:ef:b9:c2:bf:e0:f9:b9:53:
67:0a:a3:52:6b:4d:43:56:0b:14:49:0e:f2:1a:29:50:7c:de:
de:10:cf:0e:32:d5:77:5a:06:e9:5b:60:e3:98:7b:08:d4:24:
c0:88:1e:e0:ee:e0:91:36:ee:a1:7c:e9:67:f2:50:56:fc:75:
b1:81:cc:c6:5d:93:43:1d:d2:b6:90:9f:73:38:e3:0d:6b:1b:
47:f5:f6:93:ed:ac:6c:e1:f9:dc:b0:5e:43:50:61:0c:6a:e9:
9d:a9:5f:00:79:03:96:f2:6a:90:1a:da:36:19:40:7e:f1:ae:
02:b8:25:ed:6d:42:1d:d6:b3:2f:ca:da:59:8a:da:a5:5b:69:
66:e6:eb:f5:7b:6d:1e:99:12:93:79:bf:f3:a7:04:e7:ca:16:
5b:e5:3f:80:1c:a0:07:7b:c0:d8:6d:eb:65:1a:e9:c6:1e:4b:
fc:83:e9:48:1c:19:c7:e4:4a:0d:ec:6d:c5:87:d5:0c:2d:85:
86:4f:b2:b0:ea:81:d6:25:2f:f8:bf:08:ca:52:57:c0:a0:a2:
97:88:9f:83:4e:a5:1f:b9:65:3d:0f:a4:a4:40:49:cd:91:f5:
54:35:36:20:f6:0a:6d:7a:f0:d8:ce:ae:f1:5d:9a:a5:bf:c3:
2d:51:f2:31
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUHdQFaPQSwztlZD2xHtWHhtGXHCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yMzA5MDExMTA5MzNaFw0yNDA4MzAxMTE0MzNaMDMxMTAvBgNV
BAMTKDNBM0I3MTg1NDZBRDQ4RDNDMzY2MUI5OTMyQ0Q5M0Y1QTk1NUEyM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHK871YKX2am3nW7O45JFim95H
R8hjzgxgRuaSqyqPyqvVobnN3cNCTta9wbUE8obIrGv9XMxyBhUJrGWjmLNut+sb
MYYGYjt8y1qSfTNznqMu0/8L+cn8qzBcf0IMWtg22L9v4c3g3fI2uPweD9wfUO/z
8idziodhKZ56fXYKg+Zd68lEYtokLatHNnOVpUoeLVaJHoeY9Oz1jlKWq44deNeb
1NevzQ/chBAwmS0WlAZDEHqmoQ/EmpV9Shpo7qoO6F2lGrg/r8rqGzg01yYNw4Wr
kQcdK3so7JWkzksnzYOlB4OUF8fVm4eijNJNzEM2NYZaT46AQdeGbjwGkDG5AgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUOjtxhUatSNPDZhuZMs2T9alVojswHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM4MzUyZTM1MzgyZTM4MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTpUMA0GCSqGSIb3DQEBCwUAA4IBAQBW
qgbMfFpRozm377nCv+D5uVNnCqNSa01DVgsUSQ7yGilQfN7eEM8OMtV3WgbpW2Dj
mHsI1CTAiB7g7uCRNu6hfOln8lBW/HWxgczGXZNDHdK2kJ9zOOMNaxtH9faT7axs
4fncsF5DUGEMaumdqV8AeQOW8mqQGto2GUB+8a4CuCXtbUId1rMvytpZitqlW2lm
5uv1e20emRKTeb/zpwTnyhZb5T+AHKAHe8DYbetlGunGHkv8g+lIHBnH5EoN7G3F
h9UMLYWGT7Kw6oHWJS/4vwjKUlfAoKKXiJ+DTqUfuWU9D6SkQEnNkfVUNTYg9gpt
evDYzq7xXZqlv8MtUfIx
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:17:16 2024 by rpki-client on console-fra.rpki-client.org