Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38362e302f32342d3234203d3e203432343237.roa
File: 3138352e35382e38362e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: 3ZAQR0aDnVN464TKwwfpN6LTQXfLEictWwMg0FYOe+0=
Subject key identifier: AD:CB:D9:54:2C:3E:87:86:16:26:28:71:0C:22:70:6B:F0:56:0D:F4
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 77186E622D343A7549DCAE9C1B6B8572365E0049
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38362e302f32342d3234203d3e203432343237.roa
Signing time: Fri 04 Jul 2025 12:05:11 +0000
ROA not before: Fri 04 Jul 2025 12:00:11 +0000
ROA not after: Fri 03 Jul 2026 12:05:11 +0000
asID: 42427
IP address blocks: 185.58.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:18:6e:62:2d:34:3a:75:49:dc:ae:9c:1b:6b:85:72:36:5e:00:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jul 4 12:00:11 2025 GMT
Not After : Jul 3 12:05:11 2026 GMT
Subject: CN=ADCBD9542C3E8786162628710C22706BF0560DF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0f:27:a1:64:8a:cc:ed:2b:6b:43:99:b5:24:
36:1a:f9:e9:33:fb:f8:80:47:a7:ef:ef:d3:b6:dd:
a7:7c:05:30:ce:68:43:dd:95:7f:6b:29:73:cc:fb:
0a:dd:66:2c:c5:88:7a:6a:89:a4:09:f7:46:6d:33:
95:fc:d3:fd:4a:e3:fd:04:ed:89:be:a8:7d:10:b9:
f0:1c:58:17:c0:97:81:77:07:fa:35:d5:8f:4e:69:
ea:63:d8:47:15:4c:41:ec:7d:0d:a6:12:db:14:57:
b3:81:2c:c4:11:f3:8b:22:23:e0:44:c7:b2:c9:c9:
b2:40:1b:b3:71:de:1d:3c:92:77:bc:e5:4f:d4:58:
ef:84:d5:21:5c:1f:7d:8f:fb:bc:ca:ed:37:b5:6d:
9a:ef:fb:b4:20:29:77:44:f0:b7:2b:7a:a1:c3:24:
0f:8b:6f:4c:d4:4f:0d:28:c0:96:ef:58:b8:15:3a:
d3:b9:6e:99:89:84:ee:c5:51:fe:86:c1:33:1f:16:
0c:d9:95:3b:6f:e4:38:29:02:44:1c:21:31:56:27:
ee:76:42:11:fc:38:40:25:8c:87:7f:96:ee:ed:2d:
9e:6a:41:4d:c7:df:73:1b:2d:5b:51:83:60:d4:43:
36:49:d0:08:bb:f0:35:4d:87:1f:fa:6b:d1:0b:9e:
9e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:CB:D9:54:2C:3E:87:86:16:26:28:71:0C:22:70:6B:F0:56:0D:F4
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38362e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.86.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c7:9b:be:4d:85:77:e3:ab:93:71:95:2e:08:8b:dd:ad:11:
c9:38:ec:15:27:78:71:9f:9f:c7:21:db:df:07:7f:19:79:74:
a3:ae:02:93:62:30:31:11:79:08:54:a3:f4:43:2a:dd:4f:af:
03:3e:b1:56:a8:07:82:ca:c4:ec:73:b6:cc:63:4e:70:8c:0b:
dd:7c:48:e6:8a:c9:48:63:40:5c:61:f8:0e:53:24:ed:8e:6e:
cd:6c:27:2f:13:96:18:78:28:66:1b:3b:04:99:bb:11:08:f3:
46:8b:17:d1:e4:20:20:28:f7:0f:37:10:a1:56:2d:db:0b:23:
0a:00:f8:b6:55:67:6a:81:2d:26:5a:18:7f:8c:e5:ae:8e:d8:
26:bc:25:8f:84:d2:76:59:fc:47:b7:be:bf:10:67:5d:66:6c:
41:c7:a7:28:4c:3b:fe:f4:d0:73:04:9c:4d:f4:62:be:e1:62:
c2:6e:f9:6b:9a:94:19:93:1e:9e:bd:b6:a8:a5:ce:36:7a:a3:
da:90:d2:e0:90:72:ae:13:23:a0:fa:7b:af:34:57:a2:36:15:
b3:76:cf:44:3a:41:e2:50:40:2e:5a:77:44:dd:10:4f:d8:4d:
44:fd:72:ae:fd:7c:59:a5:e3:96:ef:98:9a:eb:bf:01:ae:a4:
a8:90:e6:15
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUdxhuYi00OnVJ3K6cG2uFcjZeAEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNTA3MDQxMjAwMTFaFw0yNjA3MDMxMjA1MTFaMDMxMTAvBgNV
BAMTKEFEQ0JEOTU0MkMzRTg3ODYxNjI2Mjg3MTBDMjI3MDZCRjA1NjBERjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFDyehZIrM7StrQ5m1JDYa+ekz
+/iAR6fv79O23ad8BTDOaEPdlX9rKXPM+wrdZizFiHpqiaQJ90ZtM5X80/1K4/0E
7Ym+qH0QufAcWBfAl4F3B/o11Y9Oaepj2EcVTEHsfQ2mEtsUV7OBLMQR84siI+BE
x7LJybJAG7Nx3h08kne85U/UWO+E1SFcH32P+7zK7Te1bZrv+7QgKXdE8LcreqHD
JA+Lb0zUTw0owJbvWLgVOtO5bpmJhO7FUf6GwTMfFgzZlTtv5DgpAkQcITFWJ+52
QhH8OEAljId/lu7tLZ5qQU3H33MbLVtRg2DUQzZJ0Ai78DVNhx/6a9ELnp6FAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUrcvZVCw+h4YWJihxDCJwa/BWDfQwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM4MzUyZTM1MzgyZTM4MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTpWMA0GCSqGSIb3DQEBCwUAA4IBAQAi
x5u+TYV346uTcZUuCIvdrRHJOOwVJ3hxn5/HIdvfB38ZeXSjrgKTYjAxEXkIVKP0
QyrdT68DPrFWqAeCysTsc7bMY05wjAvdfEjmislIY0BcYfgOUyTtjm7NbCcvE5YY
eChmGzsEmbsRCPNGixfR5CAgKPcPNxChVi3bCyMKAPi2VWdqgS0mWhh/jOWujtgm
vCWPhNJ2WfxHt76/EGddZmxBx6coTDv+9NBzBJxN9GK+4WLCbvlrmpQZkx6evbao
pc42eqPakNLgkHKuEyOg+nuvNFeiNhWzds9EOkHiUEAuWndE3RBP2E1E/XKu/XxZ
peOW75ia678BrqSokOYV
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:45:24 2025 by rpki-client