Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/326130323a356265303a3a2f34382d3438203d3e203432343237.roa
File: 326130323a356265303a3a2f34382d3438203d3e203432343237.roa (raw, json)
Hash identifier: d828k2ZAdZJtsXz9VFcmUcFl+og/xq1FoYCf+oDzYiE=
Subject key identifier: 35:87:AA:CB:33:97:89:AD:DA:C7:9F:B7:61:F4:ED:18:10:0E:F8:B8
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 3F8399942DA0DC55DC6EDF6B05420308E3CDCFEA
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/326130323a356265303a3a2f34382d3438203d3e203432343237.roa
Signing time: Fri 04 Jul 2025 12:05:12 +0000
ROA not before: Fri 04 Jul 2025 12:00:12 +0000
ROA not after: Fri 03 Jul 2026 12:05:12 +0000
asID: 42427
IP address blocks: 2a02:5be0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:83:99:94:2d:a0:dc:55:dc:6e:df:6b:05:42:03:08:e3:cd:cf:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jul 4 12:00:12 2025 GMT
Not After : Jul 3 12:05:12 2026 GMT
Subject: CN=3587AACB339789ADDAC79FB761F4ED18100EF8B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:12:b0:20:98:04:14:0a:a4:76:68:3d:36:19:
2f:1f:62:7f:c2:08:1e:6f:4d:6c:0c:cc:78:cd:70:
67:e5:3f:c9:0c:e4:ff:d5:dc:07:dd:7f:74:b0:22:
58:98:8a:64:a3:a9:94:28:5c:55:f2:96:8f:96:c5:
b6:6e:ed:67:86:89:e5:3d:af:5b:4f:13:6e:57:3e:
b0:ca:f2:cb:f1:26:8c:0a:78:1a:89:9d:b3:fa:ee:
0b:41:38:01:e4:ba:34:a3:d3:1a:aa:7b:62:ed:fa:
c0:e4:fd:e9:47:9f:16:34:e8:9d:7a:36:90:1e:5c:
7e:ef:a3:36:da:ec:19:d9:5e:4f:95:5c:3e:4d:6a:
aa:c7:f4:86:4f:84:4e:99:42:32:42:12:8f:fa:90:
64:8f:04:58:33:0e:72:af:07:e3:b7:9f:2a:5b:3c:
be:82:07:3a:9e:30:0c:3b:14:10:23:c4:90:2d:a6:
37:bc:3a:89:5e:90:f8:d3:ef:6c:95:91:9a:ee:44:
df:58:2c:07:f6:e6:66:cc:83:cc:f0:69:b0:47:73:
84:a4:47:3c:4c:59:1c:d3:d7:b6:02:95:4b:c7:2a:
3c:74:ca:3c:44:a1:22:ef:f3:6b:12:98:20:af:32:
fd:74:92:46:6a:89:01:cd:9f:35:09:2c:8a:cc:f7:
02:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:87:AA:CB:33:97:89:AD:DA:C7:9F:B7:61:F4:ED:18:10:0E:F8:B8
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/326130323a356265303a3a2f34382d3438203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:5be0::/48
Signature Algorithm: sha256WithRSAEncryption
8f:db:f4:44:d6:5f:e9:4c:d9:a8:05:52:da:72:0b:27:95:00:
37:55:16:04:3f:7b:bc:ea:ff:1d:b0:b5:0d:62:da:11:4b:5f:
6a:3d:50:98:71:21:41:6a:e4:aa:89:cc:0e:aa:74:d3:ad:a8:
70:cf:88:d1:f4:b3:d0:a7:3a:15:c1:8a:42:17:07:c1:e3:01:
da:ee:da:dd:b8:6e:2b:bf:76:d0:bb:fc:76:ec:6e:60:fa:4c:
d6:66:68:b7:5c:d0:35:df:a5:f0:78:1e:e0:69:c6:8f:28:d5:
58:04:a6:dc:91:f4:84:36:36:b1:2a:72:8d:f6:f8:ec:bd:02:
f9:83:62:d8:6d:15:e1:a2:47:e8:71:1e:d2:7b:37:aa:cd:8e:
05:2a:12:19:35:87:35:8a:3d:4f:e9:29:1d:44:19:11:45:57:
77:91:36:f7:15:72:02:67:e2:0b:d8:93:38:42:35:47:0a:4b:
73:e0:8f:d4:c2:06:79:62:ce:ef:9e:ea:a7:b7:34:03:eb:b5:
23:71:ef:4b:79:8e:7d:ba:3e:b9:d0:36:8f:ee:ea:5a:a8:60:
c5:b1:7a:ee:5a:11:cd:5c:50:40:42:55:a3:0c:c2:ed:ac:ca:
e5:b9:6f:b9:72:4e:4e:67:c7:78:7e:45:ce:1c:d7:b8:07:b0:
40:48:4c:45
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIUP4OZlC2g3FXcbt9rBUIDCOPNz+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNTA3MDQxMjAwMTJaFw0yNjA3MDMxMjA1MTJaMDMxMTAvBgNV
BAMTKDM1ODdBQUNCMzM5Nzg5QUREQUM3OUZCNzYxRjRFRDE4MTAwRUY4QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsErAgmAQUCqR2aD02GS8fYn/C
CB5vTWwMzHjNcGflP8kM5P/V3Afdf3SwIliYimSjqZQoXFXylo+WxbZu7WeGieU9
r1tPE25XPrDK8svxJowKeBqJnbP67gtBOAHkujSj0xqqe2Lt+sDk/elHnxY06J16
NpAeXH7vozba7BnZXk+VXD5NaqrH9IZPhE6ZQjJCEo/6kGSPBFgzDnKvB+O3nypb
PL6CBzqeMAw7FBAjxJAtpje8OolekPjT72yVkZruRN9YLAf25mbMg8zwabBHc4Sk
RzxMWRzT17YClUvHKjx0yjxEoSLv82sSmCCvMv10kkZqiQHNnzUJLIrM9wKBAgMB
AAGjggH4MIIB9DAdBgNVHQ4EFgQUNYeqyzOXia3ax5+3YfTtGBAO+LgwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMjYxMzAzMjNhMzU2MjY1MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsG
AQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgJb4AAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCP2/RE1l/pTNmoBVLacgsnlQA3VRYEP3u86v8dsLUNYtoRS19qPVCYcSFBauSq
icwOqnTTrahwz4jR9LPQpzoVwYpCFwfB4wHa7trduG4rv3bQu/x27G5g+kzWZmi3
XNA136XweB7gacaPKNVYBKbckfSENjaxKnKN9vjsvQL5g2LYbRXhokfocR7Sezeq
zY4FKhIZNYc1ij1P6SkdRBkRRVd3kTb3FXICZ+IL2JM4QjVHCktz4I/UwgZ5Ys7v
nuqntzQD67Ujce9LeY59uj650DaP7upaqGDFsXruWhHNXFBAQlWjDMLtrMrluW+5
ck5OZ8d4fkXOHNe4B7BASExF
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:44:03 2025 by rpki-client