![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
File: 39312e3232302e34322e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: yroMtflQ9AO1G/JG/Sh8ZL1UcpymuSCmRSHbPQVOIZw=
Subject key identifier: 98:AB:0E:12:37:91:92:53:2E:9B:3E:47:9D:81:33:9B:79:33:44:0C
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 7002A8BE5AFDA53EE5BCC54752A803D16E59251E
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
Signing time: Fri 01 Sep 2023 11:14:34 +0000
ROA not before: Fri 01 Sep 2023 11:09:34 +0000
ROA not after: Fri 30 Aug 2024 11:14:34 +0000
asID: 42427
IP address blocks: 91.220.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:02:a8:be:5a:fd:a5:3e:e5:bc:c5:47:52:a8:03:d1:6e:59:25:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Sep 1 11:09:34 2023 GMT
Not After : Aug 30 11:14:34 2024 GMT
Subject: CN=98AB0E12379192532E9B3E479D81339B7933440C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0a:f1:fb:ca:65:51:44:b4:4e:4b:fa:09:89:
d8:0a:aa:4e:b4:f0:75:b8:0e:e4:18:46:ce:b6:09:
79:c1:59:64:87:15:54:d1:5f:f0:12:05:51:98:92:
ca:28:36:ba:75:d7:37:e9:a1:08:45:36:e5:98:66:
64:52:1d:e5:8b:e9:46:23:fe:16:06:46:e9:fe:9c:
ec:57:0a:a2:47:2e:ec:04:f0:b4:37:ee:48:63:20:
00:d9:8a:b6:fa:a4:a4:bf:48:8f:43:d9:e8:70:68:
77:19:44:8b:f4:ba:c6:e7:2b:f3:e3:27:f3:e3:1f:
36:15:71:7e:30:81:94:de:fd:8a:cb:c6:6e:ce:ae:
27:49:3a:8f:07:73:bd:01:47:09:ee:98:3c:aa:00:
d4:e6:ab:35:b4:da:f2:95:75:98:ff:32:05:06:b1:
18:75:ca:22:40:c9:6f:a6:e4:b5:7b:36:b4:a2:9f:
29:2a:61:06:c8:7e:bd:eb:fa:19:9b:78:d0:27:bb:
46:c4:1c:7e:13:7a:ba:37:c8:3a:df:5c:37:e1:5f:
46:e6:15:15:30:7b:f5:60:41:f5:ce:1c:49:37:d6:
94:a6:06:ae:b8:6c:08:29:7d:60:b7:ed:1b:51:ed:
28:44:bc:a9:b0:f8:5c:a0:72:61:05:85:91:e8:36:
26:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AB:0E:12:37:91:92:53:2E:9B:3E:47:9D:81:33:9B:79:33:44:0C
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.42.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:63:88:e7:66:13:9f:0c:a0:a6:bf:0c:3d:7c:f2:8c:2a:33:
05:84:30:0f:3d:c4:81:65:85:ba:2c:17:a7:7c:e0:ab:d1:4c:
1f:32:52:17:cb:b4:f3:52:df:83:c3:01:6d:d7:f7:b0:45:da:
b0:52:6e:26:ef:ed:d0:a3:7e:b7:1e:11:f5:6e:84:3f:49:ec:
b5:46:1a:e1:43:3d:34:85:60:36:e0:50:35:3d:57:51:ae:ef:
04:cb:c6:de:99:86:c8:fc:12:a9:d9:8e:81:76:1a:a8:bb:95:
98:c1:4d:8b:ac:78:d2:1d:7e:83:25:d5:bb:19:5d:f0:e6:93:
dd:4d:ee:99:d3:23:8e:52:6f:20:d5:87:3a:50:90:64:1f:9a:
03:10:99:b4:54:d1:8b:c9:92:8e:56:f9:7e:39:8f:07:17:05:
bb:93:ce:b2:1c:56:26:c6:8b:3e:f0:01:fc:a8:09:2d:31:5c:
53:b0:f6:43:49:9a:73:14:df:bc:b4:ec:f7:f1:d9:90:3b:a7:
50:4d:73:46:65:9c:98:17:08:f0:88:a4:cf:2a:e9:7b:7e:5b:
09:c1:07:35:31:e9:28:41:f9:e8:9f:b9:2f:40:0b:f7:cb:66:
5f:ab:c9:98:2f:bb:3e:82:d0:50:17:04:55:88:10:17:d2:96:
03:c0:f8:8b
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUcAKovlr9pT7lvMVHUqgD0W5ZJR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yMzA5MDExMTA5MzRaFw0yNDA4MzAxMTE0MzRaMDMxMTAvBgNV
BAMTKDk4QUIwRTEyMzc5MTkyNTMyRTlCM0U0NzlEODEzMzlCNzkzMzQ0MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQCvH7ymVRRLROS/oJidgKqk60
8HW4DuQYRs62CXnBWWSHFVTRX/ASBVGYksooNrp11zfpoQhFNuWYZmRSHeWL6UYj
/hYGRun+nOxXCqJHLuwE8LQ37khjIADZirb6pKS/SI9D2ehwaHcZRIv0usbnK/Pj
J/PjHzYVcX4wgZTe/YrLxm7OridJOo8Hc70BRwnumDyqANTmqzW02vKVdZj/MgUG
sRh1yiJAyW+m5LV7NrSinykqYQbIfr3r+hmbeNAnu0bEHH4Tero3yDrfXDfhX0bm
FRUwe/VgQfXOHEk31pSmBq64bAgpfWC37RtR7ShEvKmw+FygcmEFhZHoNiYjAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUmKsOEjeRklMumz5HnYEzm3kzRAwwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zOTMxMmUzMjMyMzAyZTM0MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wqMA0GCSqGSIb3DQEBCwUAA4IBAQCb
Y4jnZhOfDKCmvww9fPKMKjMFhDAPPcSBZYW6LBenfOCr0UwfMlIXy7TzUt+DwwFt
1/ewRdqwUm4m7+3Qo363HhH1boQ/Sey1RhrhQz00hWA24FA1PVdRru8Ey8bemYbI
/BKp2Y6Bdhqou5WYwU2LrHjSHX6DJdW7GV3w5pPdTe6Z0yOOUm8g1Yc6UJBkH5oD
EJm0VNGLyZKOVvl+OY8HFwW7k86yHFYmxos+8AH8qAktMVxTsPZDSZpzFN+8tOz3
8dmQO6dQTXNGZZyYFwjwiKTPKul7flsJwQc1MekoQfnon7kvQAv3y2Zfq8mYL7s+
gtBQFwRViBAX0pYDwPiL
-----END CERTIFICATE-----
Generated at Wed Jun 26 03:14:30 2024 by rpki-client on console-ams.rpki-client.org