Route Origin Authorization
$ rpki-client -vvf rpki.akrn.net/repo/AKRN/0/323430373a636463303a633031303a3a2f34342d3438203d3e20313438393832.roa
File: 323430373a636463303a633031303a3a2f34342d3438203d3e20313438393832.roa (raw, json)
Hash identifier: MqebpH/qL4mH8tyyEEmBXD6OqEOYyGelu1HtSh13Ulw=
Subject key identifier: 31:79:F0:B3:4A:30:F0:B2:EB:55:B0:3B:B8:2B:0A:36:CF:4B:46:E5
Certificate issuer: /CN=A916C75D0000/serialNumber=90884A3F57AC46FA63A71BD993E4E8AD788187AF
Certificate serial: 42B00F11C2730D6DD877323F8D8F0D46492B82F1
Authority key identifier: 90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
Subject info access: rsync://rpki.akrn.net/repo/AKRN/0/323430373a636463303a633031303a3a2f34342d3438203d3e20313438393832.roa
Signing time: Sat 21 Oct 2023 16:00:00 +0000
ROA not before: Sat 21 Oct 2023 15:55:00 +0000
ROA not after: Sat 19 Oct 2024 16:00:00 +0000
asID: 148982
IP address blocks: 2407:cdc0:c010::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.crl
rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 May 2024 03:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b0:0f:11:c2:73:0d:6d:d8:77:32:3f:8d:8f:0d:46:49:2b:82:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C75D0000/serialNumber=90884A3F57AC46FA63A71BD993E4E8AD788187AF
Validity
Not Before: Oct 21 15:55:00 2023 GMT
Not After : Oct 19 16:00:00 2024 GMT
Subject: CN=3082010A0282010100A4190ECCE77F20D0E9FFA735E7AC32A8EDC72F0F407BAAEAA06968E4D84EA71E724672329440DAD2B58B749B1D3AB5347901EF7DFA34EB5CDCFF4B62FFF6734D66202BEF1F64D22171E4A92B2017F6A8C290E9995AE940896B2E253F956EF0A3D80A97DA3B3C25243115106BA3C74A9FBDCCB3DFDE0F724FF02708229B760AEA6DB406D020EFD98D4D262C9B4E224A946D5AE0EE7BDB576FAB0BA54EA30FC438DCBAB5211F55ACEB3438ABE696D8821370960627C5FC45B96209AF3771D94613EFC98FBE5D391D868AE1F44D16CB4060F007BB9B804C28506D53232A17AE959E55FE8863B61486DA913C81178F00C4B3B4156961AF3D5C3AE02A04A8E94D38B30203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:0e:cc:e7:7f:20:d0:e9:ff:a7:35:e7:ac:
32:a8:ed:c7:2f:0f:40:7b:aa:ea:a0:69:68:e4:d8:
4e:a7:1e:72:46:72:32:94:40:da:d2:b5:8b:74:9b:
1d:3a:b5:34:79:01:ef:7d:fa:34:eb:5c:dc:ff:4b:
62:ff:f6:73:4d:66:20:2b:ef:1f:64:d2:21:71:e4:
a9:2b:20:17:f6:a8:c2:90:e9:99:5a:e9:40:89:6b:
2e:25:3f:95:6e:f0:a3:d8:0a:97:da:3b:3c:25:24:
31:15:10:6b:a3:c7:4a:9f:bd:cc:b3:df:de:0f:72:
4f:f0:27:08:22:9b:76:0a:ea:6d:b4:06:d0:20:ef:
d9:8d:4d:26:2c:9b:4e:22:4a:94:6d:5a:e0:ee:7b:
db:57:6f:ab:0b:a5:4e:a3:0f:c4:38:dc:ba:b5:21:
1f:55:ac:eb:34:38:ab:e6:96:d8:82:13:70:96:06:
27:c5:fc:45:b9:62:09:af:37:71:d9:46:13:ef:c9:
8f:be:5d:39:1d:86:8a:e1:f4:4d:16:cb:40:60:f0:
07:bb:9b:80:4c:28:50:6d:53:23:2a:17:ae:95:9e:
55:fe:88:63:b6:14:86:da:91:3c:81:17:8f:00:c4:
b3:b4:15:69:61:af:3d:5c:3a:e0:2a:04:a8:e9:4d:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:79:F0:B3:4A:30:F0:B2:EB:55:B0:3B:B8:2B:0A:36:CF:4B:46:E5
X509v3 Authority Key Identifier:
keyid:90:88:4A:3F:57:AC:46:FA:63:A7:1B:D9:93:E4:E8:AD:78:81:87:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.akrn.net/repo/AKRN/0/90884A3F57AC46FA63A71BD993E4E8AD788187AF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIhKP1esRvpjpxvZk-TorXiBh68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.akrn.net/repo/AKRN/0/323430373a636463303a633031303a3a2f34342d3438203d3e20313438393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2407:cdc0:c010::/44
Signature Algorithm: sha256WithRSAEncryption
3a:24:72:d3:0f:1a:bc:ae:d3:38:e6:4d:ea:b8:7e:64:74:ee:
1d:a6:0f:6b:e7:a9:bc:73:e3:2b:81:e7:ed:e0:e1:b9:8f:0c:
b1:bf:ef:a1:2a:d3:f0:8f:e8:64:21:63:2b:6a:53:9d:3a:86:
0e:58:11:d7:df:cd:6e:45:1d:fa:dd:4c:43:bd:c3:f3:a6:55:
21:d8:ac:e3:5c:20:60:13:6b:6f:92:01:a6:15:70:cd:8e:31:
0b:cb:f4:03:6c:2a:20:60:47:d2:ea:9c:f2:f6:ca:bd:70:4a:
91:aa:1b:9f:49:b8:b3:5a:c2:89:be:54:4d:9f:af:9f:ff:ff:
4e:14:26:60:36:8b:4b:b4:89:0f:1c:da:b8:e8:85:e9:33:12:
20:9b:76:7c:b5:df:cc:98:36:6e:61:9b:d4:9a:eb:4f:eb:30:
f4:b4:63:28:cb:67:30:a6:ab:bb:da:27:07:0e:c6:80:45:88:
42:22:3e:40:23:6a:4f:99:f9:ed:03:7f:e8:3f:6e:f9:08:3b:
36:b5:e1:2d:7d:37:04:cc:b8:a7:cc:3c:f2:cf:17:c7:e5:75:
fe:bc:a0:60:9a:91:e3:9f:7e:e9:be:c7:81:81:80:f3:a2:e3:
b0:9d:98:d7:56:bc:f7:ea:bb:f3:67:c7:bc:66:8d:6f:67:eb:
87:d9:63:4d
-----BEGIN CERTIFICATE-----
MIIHATCCBemgAwIBAgIUQrAPEcJzDW3YdzI/jY8NRkkrgvEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNkM3NUQwMDAwMTEwLwYDVQQFEyg5MDg4NEEzRjU3
QUM0NkZBNjNBNzFCRDk5M0U0RThBRDc4ODE4N0FGMB4XDTIzMTAyMTE1NTUwMFoX
DTI0MTAxOTE2MDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBNDE5MEVDQ0U3N0YyMEQwRTlGRkE3MzVFN0FDMzJBOEVEQzcyRjBGNDA3
QkFBRUFBMDY5NjhFNEQ4NEVBNzFFNzI0NjcyMzI5NDQwREFEMkI1OEI3NDlCMUQz
QUI1MzQ3OTAxRUY3REZBMzRFQjVDRENGRjRCNjJGRkY2NzM0RDY2MjAyQkVGMUY2
NEQyMjE3MUU0QTkyQjIwMTdGNkE4QzI5MEU5OTk1QUU5NDA4OTZCMkUyNTNGOTU2
RUYwQTNEODBBOTdEQTNCM0MyNTI0MzExNTEwNkJBM0M3NEE5RkJEQ0NCM0RGREUw
RjcyNEZGMDI3MDgyMjlCNzYwQUVBNkRCNDA2RDAyMEVGRDk4RDREMjYyQzlCNEUy
MjRBOTQ2RDVBRTBFRTdCREI1NzZGQUIwQkE1NEVBMzBGQzQzOERDQkFCNTIxMUY1
NUFDRUIzNDM4QUJFNjk2RDg4MjEzNzA5NjA2MjdDNUZDNDVCOTYyMDlBRjM3NzFE
OTQ2MTNFRkM5OEZCRTVEMzkxRDg2OEFFMUY0NEQxNkNCNDA2MEYwMDdCQjlCODA0
QzI4NTA2RDUzMjMyQTE3QUU5NTlFNTVGRTg4NjNCNjE0ODZEQTkxM0M4MTE3OEYw
MEM0QjNCNDE1Njk2MUFGM0Q1QzNBRTAyQTA0QThFOTREMzhCMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkGQ7M538g0On/pzXnrDKo
7ccvD0B7quqgaWjk2E6nHnJGcjKUQNrStYt0mx06tTR5Ae99+jTrXNz/S2L/9nNN
ZiAr7x9k0iFx5KkrIBf2qMKQ6Zla6UCJay4lP5Vu8KPYCpfaOzwlJDEVEGujx0qf
vcyz394Pck/wJwgim3YK6m20BtAg79mNTSYsm04iSpRtWuDue9tXb6sLpU6jD8Q4
3Lq1IR9VrOs0OKvmltiCE3CWBifF/EW5YgmvN3HZRhPvyY++XTkdhorh9E0Wy0Bg
8Ae7m4BMKFBtUyMqF66VnlX+iGO2FIbakTyBF48AxLO0FWlhrz1cOuAqBKjpTTiz
AgMBAAGjggH4MIIB9DAdBgNVHQ4EFgQUMXnws0ow8LLrVbA7uCsKNs9LRuUwHwYD
VR0jBBgwFoAUkIhKP1esRvpjpxvZk+TorXiBh68wDgYDVR0PAQH/BAQDAgeAMF8G
A1UdHwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5ha3JuLm5ldC9yZXBvL0FLUk4v
MC85MDg4NEEzRjU3QUM0NkZBNjNBNzFCRDk5M0U0RThBRDc4ODE4N0FGLmNybDB+
BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5u
ZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9r
SWhLUDFlc1J2cGpweHZaay1Ub3JYaUJoNjguY2VyMIGCBggrBgEFBQcBCwR2MHQw
cgYIKwYBBQUHMAuGZnJzeW5jOi8vcnBraS5ha3JuLm5ldC9yZXBvL0FLUk4vMC8z
MjM0MzAzNzNhNjM2NDYzMzAzYTYzMzAzMTMwM2EzYTJmMzQzNDJkMzQzODIwM2Qz
ZTIwMzEzNDM4MzkzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEJAfNwMAQMA0GCSqGSIb3DQEBCwUA
A4IBAQA6JHLTDxq8rtM45k3quH5kdO4dpg9r56m8c+Mrgeft4OG5jwyxv++hKtPw
j+hkIWMralOdOoYOWBHX381uRR363UxDvcPzplUh2KzjXCBgE2tvkgGmFXDNjjEL
y/QDbCogYEfS6pzy9sq9cEqRqhufSbizWsKJvlRNn6+f//9OFCZgNotLtIkPHNq4
6IXpMxIgm3Z8td/MmDZuYZvUmutP6zD0tGMoy2cwpqu72icHDsaARYhCIj5AI2pP
mfntA3/oP275CDs2teEtfTcEzLinzDzyzxfH5XX+vKBgmpHjn37pvseBgYDzouOw
nZjXVrz36rvzZ8e8Zo1vZ+uH2WNN
-----END CERTIFICATE-----
Generated at Sun May 12 03:29:16 2024 by rpki-client on console-ams.rpki-client.org