Route Origin Authorization
$ rpki-client -vvf rpki.akrn.net/repo/AKRN/0/323430373a636463303a3a2f33322d3438203d3e203338313336.roa
File: 323430373a636463303a3a2f33322d3438203d3e203338313336.roa (raw, json)
Hash identifier: 0/KlX6t9hwoIHUyKnJX/v0U9NMrynFZmZ1/n+MFour0=
Subject key identifier: B4:86:6E:20:74:EE:C6:56:32:0C:53:7E:D3:DE:22:7A:EF:03:6B:CC
Certificate issuer: /CN=A916C75D0000/serialNumber=90884A3F57AC46FA63A71BD993E4E8AD788187AF
Certificate serial: 1A2B503AC44A2CF5AC3044EB7753C67E20F38363
Authority key identifier: 90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
Subject info access: rsync://rpki.akrn.net/repo/AKRN/0/323430373a636463303a3a2f33322d3438203d3e203338313336.roa
Signing time: Thu 20 Jul 2023 01:00:00 +0000
ROA not before: Thu 20 Jul 2023 00:55:00 +0000
ROA not after: Thu 18 Jul 2024 01:00:00 +0000
asID: 38136
IP address blocks: 2407:cdc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.crl
rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 May 2024 11:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:2b:50:3a:c4:4a:2c:f5:ac:30:44:eb:77:53:c6:7e:20:f3:83:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C75D0000/serialNumber=90884A3F57AC46FA63A71BD993E4E8AD788187AF
Validity
Not Before: Jul 20 00:55:00 2023 GMT
Not After : Jul 18 01:00:00 2024 GMT
Subject: CN=3082010A0282010100B32C87CF7508F08E120CD1D5490099B9CEE4ED20CFB6E3C5A74D08B290FA0684532E879D51740473872F9A451751CC123795D78F491A50FBEFC0E9EF80A600C5D0AF53EAD8A53D1B8F0E9B1450D6777ACAC0FCBD8DC71A9A399BE0E33B5360B82A23C6FBCFDC231B29C05600014F1897255A8DDAF95E5E54B4B3398AD89A8FFCD0530B50AEF3FCF7B8B10DF3D516D17D0038956283365FF5BD6F50A692066D5D0549079FEC8EF4F8C0663E3915804980ED331F3D26EA380408C95711766276D9A074E08C5E625C81C9530F875B536CAFEC10A9D67F1D7BFB490FD59B55C47AB466851DBE7FEA331100527257C655E8CF6643E108DF07DD87B70F20C1122578C10203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:87:cf:75:08:f0:8e:12:0c:d1:d5:49:00:
99:b9:ce:e4:ed:20:cf:b6:e3:c5:a7:4d:08:b2:90:
fa:06:84:53:2e:87:9d:51:74:04:73:87:2f:9a:45:
17:51:cc:12:37:95:d7:8f:49:1a:50:fb:ef:c0:e9:
ef:80:a6:00:c5:d0:af:53:ea:d8:a5:3d:1b:8f:0e:
9b:14:50:d6:77:7a:ca:c0:fc:bd:8d:c7:1a:9a:39:
9b:e0:e3:3b:53:60:b8:2a:23:c6:fb:cf:dc:23:1b:
29:c0:56:00:01:4f:18:97:25:5a:8d:da:f9:5e:5e:
54:b4:b3:39:8a:d8:9a:8f:fc:d0:53:0b:50:ae:f3:
fc:f7:b8:b1:0d:f3:d5:16:d1:7d:00:38:95:62:83:
36:5f:f5:bd:6f:50:a6:92:06:6d:5d:05:49:07:9f:
ec:8e:f4:f8:c0:66:3e:39:15:80:49:80:ed:33:1f:
3d:26:ea:38:04:08:c9:57:11:76:62:76:d9:a0:74:
e0:8c:5e:62:5c:81:c9:53:0f:87:5b:53:6c:af:ec:
10:a9:d6:7f:1d:7b:fb:49:0f:d5:9b:55:c4:7a:b4:
66:85:1d:be:7f:ea:33:11:00:52:72:57:c6:55:e8:
cf:66:43:e1:08:df:07:dd:87:b7:0f:20:c1:12:25:
78:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:86:6E:20:74:EE:C6:56:32:0C:53:7E:D3:DE:22:7A:EF:03:6B:CC
X509v3 Authority Key Identifier:
keyid:90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.akrn.net/repo/AKRN/0/323430373a636463303a3a2f33322d3438203d3e203338313336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2407:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:a3:2e:c1:a4:16:89:fb:cf:8e:ca:fb:b5:a3:a9:76:5a:55:
0f:12:e5:68:1d:ba:22:08:0f:46:c3:4f:c5:40:91:8e:7b:2c:
4b:ca:53:20:53:75:50:6d:53:22:b8:1f:0d:66:6e:82:e1:95:
d4:ef:fd:67:b8:79:db:35:03:c1:c7:79:69:60:5c:5e:fa:13:
9a:a8:86:ef:de:1a:e0:d5:45:aa:01:70:91:d0:f4:3c:b8:dd:
e9:bc:55:ff:10:6b:84:11:81:f4:98:ca:d9:21:70:19:4a:c1:
7f:7a:5b:b1:de:72:66:2d:79:e7:27:c2:f1:1c:d7:ac:ac:3c:
7f:e4:97:57:20:9c:31:65:ed:67:fb:5f:43:62:a2:ca:76:af:
62:49:79:fe:b8:b8:5e:d5:b7:f7:4b:8d:ea:47:e8:8b:6d:28:
d7:48:f6:3b:8c:da:48:a2:7a:46:dc:16:d1:e4:cc:f1:ea:d3:
3e:40:47:88:14:85:b2:e2:63:71:95:0a:d5:18:51:d5:d8:d6:
0f:3b:72:b9:2a:9f:36:01:33:7c:59:b7:37:74:d0:6a:74:23:
35:24:9d:b1:4a:f0:9a:68:34:7f:b8:fc:16:97:71:76:af:e9:
e2:e0:6d:cc:b2:1e:ce:51:6c:e0:6a:5c:ce:ef:e6:23:50:2a:
e6:0f:f6:e0
-----BEGIN CERTIFICATE-----
MIIG8jCCBdqgAwIBAgIUGitQOsRKLPWsMETrd1PGfiDzg2MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNkM3NUQwMDAwMTEwLwYDVQQFEyg5MDg4NEEzRjU3
QUM0NkZBNjNBNzFCRDk5M0U0RThBRDc4ODE4N0FGMB4XDTIzMDcyMDAwNTUwMFoX
DTI0MDcxODAxMDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCMzJDODdDRjc1MDhGMDhFMTIwQ0QxRDU0OTAwOTlCOUNFRTRFRDIwQ0ZC
NkUzQzVBNzREMDhCMjkwRkEwNjg0NTMyRTg3OUQ1MTc0MDQ3Mzg3MkY5QTQ1MTc1
MUNDMTIzNzk1RDc4RjQ5MUE1MEZCRUZDMEU5RUY4MEE2MDBDNUQwQUY1M0VBRDhB
NTNEMUI4RjBFOUIxNDUwRDY3NzdBQ0FDMEZDQkQ4REM3MUE5QTM5OUJFMEUzM0I1
MzYwQjgyQTIzQzZGQkNGREMyMzFCMjlDMDU2MDAwMTRGMTg5NzI1NUE4RERBRjk1
RTVFNTRCNEIzMzk4QUQ4OUE4RkZDRDA1MzBCNTBBRUYzRkNGN0I4QjEwREYzRDUx
NkQxN0QwMDM4OTU2MjgzMzY1RkY1QkQ2RjUwQTY5MjA2NkQ1RDA1NDkwNzlGRUM4
RUY0RjhDMDY2M0UzOTE1ODA0OTgwRUQzMzFGM0QyNkVBMzgwNDA4Qzk1NzExNzY2
Mjc2RDlBMDc0RTA4QzVFNjI1QzgxQzk1MzBGODc1QjUzNkNBRkVDMTBBOUQ2N0Yx
RDdCRkI0OTBGRDU5QjU1QzQ3QUI0NjY4NTFEQkU3RkVBMzMxMTAwNTI3MjU3QzY1
NUU4Q0Y2NjQzRTEwOERGMDdERDg3QjcwRjIwQzExMjI1NzhDMTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzLIfPdQjwjhIM0dVJAJm5
zuTtIM+248WnTQiykPoGhFMuh51RdARzhy+aRRdRzBI3ldePSRpQ++/A6e+ApgDF
0K9T6tilPRuPDpsUUNZ3esrA/L2NxxqaOZvg4ztTYLgqI8b7z9wjGynAVgABTxiX
JVqN2vleXlS0szmK2JqP/NBTC1Cu8/z3uLEN89UW0X0AOJVigzZf9b1vUKaSBm1d
BUkHn+yO9PjAZj45FYBJgO0zHz0m6jgECMlXEXZidtmgdOCMXmJcgclTD4dbU2yv
7BCp1n8de/tJD9WbVcR6tGaFHb5/6jMRAFJyV8ZV6M9mQ+EI3wfdh7cPIMESJXjB
AgMBAAGjggHpMIIB5TAdBgNVHQ4EFgQUtIZuIHTuxlYyDFN+094ieu8Da8wwHwYD
VR0jBBgwFoAUkIhKP1esRvpjpxvZk+TorXiBh68wDgYDVR0PAQH/BAQDAgeAMF8G
A1UdHwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5ha3JuLm5ldC9yZXBvL0FLUk4v
MC85MDg4NEEzRjU3QUM0NkZBNjNBNzFCRDk5M0U0RThBRDc4ODE4N0FGLmNybDB+
BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5u
ZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9r
SWhLUDFlc1J2cGpweHZaay1Ub3JYaUJoNjguY2VyMHYGCCsGAQUFBwELBGowaDBm
BggrBgEFBQcwC4ZacnN5bmM6Ly9ycGtpLmFrcm4ubmV0L3JlcG8vQUtSTi8wLzMy
MzQzMDM3M2E2MzY0NjMzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDMzMzgzMTMz
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkB83AMA0GCSqGSIb3DQEBCwUAA4IBAQBOoy7BpBaJ+8+O
yvu1o6l2WlUPEuVoHboiCA9Gw0/FQJGOeyxLylMgU3VQbVMiuB8NZm6C4ZXU7/1n
uHnbNQPBx3lpYFxe+hOaqIbv3hrg1UWqAXCR0PQ8uN3pvFX/EGuEEYH0mMrZIXAZ
SsF/elux3nJmLXnnJ8LxHNesrDx/5JdXIJwxZe1n+19DYqLKdq9iSXn+uLhe1bf3
S43qR+iLbSjXSPY7jNpIonpG3BbR5Mzx6tM+QEeIFIWy4mNxlQrVGFHV2NYPO3K5
Kp82ATN8Wbc3dNBqdCM1JJ2xSvCaaDR/uPwWl3F2r+ni4G3Msh7OUWzgalzO7+Yj
UCrmD/bg
-----END CERTIFICATE-----
Generated at Sat May 11 12:05:49 2024 by rpki-client on console-ams.rpki-client.org