Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
File: 39312e3232302e34322e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: G7OD8O0f2CTZzcSM1NC9tNbiD5rr/NSwXXsUB8QMLJQ=
Subject key identifier: 9D:D2:4C:7F:DB:1C:02:53:AE:89:FC:B1:9B:D1:30:45:F0:61:2C:3D
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 115A1CE877D658BB847460EC97520AC63E7ABD42
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
Signing time: Fri 04 Jul 2025 12:05:11 +0000
ROA not before: Fri 04 Jul 2025 12:00:11 +0000
ROA not after: Fri 03 Jul 2026 12:05:11 +0000
asID: 42427
IP address blocks: 91.220.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:5a:1c:e8:77:d6:58:bb:84:74:60:ec:97:52:0a:c6:3e:7a:bd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jul 4 12:00:11 2025 GMT
Not After : Jul 3 12:05:11 2026 GMT
Subject: CN=9DD24C7FDB1C0253AE89FCB19BD13045F0612C3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6d:92:39:e6:cd:3b:9d:bc:93:24:dc:91:17:
43:5a:c5:eb:bd:f3:18:5b:75:c7:ec:1d:a0:36:5f:
c1:e3:fe:c9:29:ff:3f:72:6d:32:05:8d:67:d3:fa:
57:a8:42:b4:7b:a7:ad:f9:ae:9a:4b:ab:a9:6e:7e:
d9:ec:d2:92:39:52:85:8f:ab:3c:89:5f:8b:63:04:
ed:12:02:ca:b4:92:20:0e:42:a2:13:65:95:3c:55:
d1:1d:ee:13:16:36:03:82:34:e0:35:22:78:c0:42:
26:63:3e:c7:6a:7c:f7:17:96:a6:7d:44:bf:7a:3f:
f9:cf:99:a8:88:d7:c5:51:16:47:00:4f:45:a3:8e:
01:80:05:23:77:fb:92:ed:5c:67:b2:f8:2f:27:53:
46:7f:32:8b:f1:80:96:08:b2:c8:44:33:c2:ce:2e:
c7:a2:49:df:09:3a:5f:bd:a6:ae:95:f9:c2:f6:47:
fe:86:6d:1b:38:d5:34:38:97:a7:84:0b:ce:a4:b1:
af:4c:ad:1f:88:63:f3:9a:ad:9d:16:63:b8:17:06:
bb:34:c6:c3:62:be:70:9d:55:a0:f8:cf:8a:8d:55:
58:e8:ec:80:9d:83:b9:e1:9e:bb:df:36:81:51:9e:
f9:ea:58:e1:1a:4f:0e:be:a2:6f:d6:53:b0:81:09:
3e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D2:4C:7F:DB:1C:02:53:AE:89:FC:B1:9B:D1:30:45:F0:61:2C:3D
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.42.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ce:64:8f:95:b5:1a:1a:f0:c2:87:f7:2d:b1:2b:82:ac:ee:
ab:f4:65:b5:ad:6c:07:e4:d2:b0:c3:6b:dd:6b:20:65:be:64:
cc:60:04:29:79:1a:d0:d9:7d:2a:04:e5:69:ee:2f:29:4f:08:
fa:3f:2a:c5:7f:4b:cb:1f:cd:4b:29:80:14:fe:e7:86:86:5c:
c5:dc:13:0a:6c:7f:aa:fe:2c:74:4c:0f:66:32:4f:ec:26:2a:
8f:28:08:90:1c:7d:75:2c:d9:bf:81:4e:5f:c7:89:13:e6:14:
48:4a:25:48:33:65:71:15:05:2e:c7:9c:e5:61:b7:60:98:ca:
c4:62:f2:92:87:d6:f8:1e:de:23:d2:a1:cc:17:55:10:f4:30:
b4:6c:98:1d:66:24:9f:e2:2a:cd:8e:b9:08:a5:ed:3c:6a:b8:
93:4c:4c:9d:70:9e:61:7a:87:1d:56:39:30:a9:af:c8:e9:88:
4d:c0:d2:48:0b:4b:52:a1:2a:9d:28:0e:1c:22:7e:9b:4c:c5:
4d:19:77:10:ef:17:f1:ab:cb:98:87:60:47:c4:a9:f7:a3:37:
2c:09:31:23:c3:91:df:a2:d8:0e:2b:c5:16:b0:17:ff:bf:ae:
b5:b5:40:18:4d:8e:4b:ca:8a:83:ba:b3:dd:7c:a3:6d:f6:8a:
8f:71:7f:b8
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUEVoc6HfWWLuEdGDsl1IKxj56vUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNTA3MDQxMjAwMTFaFw0yNjA3MDMxMjA1MTFaMDMxMTAvBgNV
BAMTKDlERDI0QzdGREIxQzAyNTNBRTg5RkNCMTlCRDEzMDQ1RjA2MTJDM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTbZI55s07nbyTJNyRF0Naxeu9
8xhbdcfsHaA2X8Hj/skp/z9ybTIFjWfT+leoQrR7p635rppLq6luftns0pI5UoWP
qzyJX4tjBO0SAsq0kiAOQqITZZU8VdEd7hMWNgOCNOA1InjAQiZjPsdqfPcXlqZ9
RL96P/nPmaiI18VRFkcAT0WjjgGABSN3+5LtXGey+C8nU0Z/MovxgJYIsshEM8LO
LseiSd8JOl+9pq6V+cL2R/6GbRs41TQ4l6eEC86ksa9MrR+IY/OarZ0WY7gXBrs0
xsNivnCdVaD4z4qNVVjo7ICdg7nhnrvfNoFRnvnqWOEaTw6+om/WU7CBCT65AgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUndJMf9scAlOuifyxm9EwRfBhLD0wHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zOTMxMmUzMjMyMzAyZTM0MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wqMA0GCSqGSIb3DQEBCwUAA4IBAQAh
zmSPlbUaGvDCh/ctsSuCrO6r9GW1rWwH5NKww2vdayBlvmTMYAQpeRrQ2X0qBOVp
7i8pTwj6PyrFf0vLH81LKYAU/ueGhlzF3BMKbH+q/ix0TA9mMk/sJiqPKAiQHH11
LNm/gU5fx4kT5hRISiVIM2VxFQUux5zlYbdgmMrEYvKSh9b4Ht4j0qHMF1UQ9DC0
bJgdZiSf4irNjrkIpe08ariTTEydcJ5heocdVjkwqa/I6YhNwNJIC0tSoSqdKA4c
In6bTMVNGXcQ7xfxq8uYh2BHxKn3ozcsCTEjw5HfotgOK8UWsBf/v661tUAYTY5L
yoqDurPdfKNt9oqPcX+4
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:44:10 2025 by rpki-client