Route Origin Authorization
$ rpki-client -vvf rpki.akrn.net/repo/AKRN/2/323430313a323132303a3a2f33322d3438203d3e20393833.roa
File: 323430313a323132303a3a2f33322d3438203d3e20393833.roa (raw, json)
Hash identifier: saljqONhouyk52rtVPgL+LeYYNNzhc0cJxVrsHfJ5VE=
Subject key identifier: F4:A4:E3:1A:3E:24:09:16:75:2D:71:BF:FA:99:C7:D3:AB:A6:E3:79
Certificate issuer: /CN=A91130000000/serialNumber=B70B10266A28A9F2E9DF2F7EFD4399B69E488B34
Certificate serial: 08BB2811909A36B4EE4DB4AA94922A4DF02529F2
Authority key identifier: B7:0B:10:26:6A:28:A9:F2:E9:DF:2F:7E:FD:43:99:B6:9E:48:8B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/twsQJmooqfLp3y9-_UOZtp5IizQ.cer
Subject info access: rsync://rpki.akrn.net/repo/AKRN/2/323430313a323132303a3a2f33322d3438203d3e20393833.roa
Signing time: Mon 11 Mar 2024 10:18:28 +0000
ROA not before: Mon 11 Mar 2024 10:13:28 +0000
ROA not after: Mon 10 Mar 2025 10:18:28 +0000
asID: 983
IP address blocks: 2401:2120::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.akrn.net/repo/AKRN/2/B70B10266A28A9F2E9DF2F7EFD4399B69E488B34.crl
rsync://rpki.akrn.net/repo/AKRN/2/B70B10266A28A9F2E9DF2F7EFD4399B69E488B34.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/twsQJmooqfLp3y9-_UOZtp5IizQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 15 Jun 2024 18:20:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:bb:28:11:90:9a:36:b4:ee:4d:b4:aa:94:92:2a:4d:f0:25:29:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91130000000/serialNumber=B70B10266A28A9F2E9DF2F7EFD4399B69E488B34
Validity
Not Before: Mar 11 10:13:28 2024 GMT
Not After : Mar 10 10:18:28 2025 GMT
Subject: CN=3082010A0282010100A8D40C239EC28C04A717E01962328930753BC3B36478B62D42857B3E9CAC5B92E73AA9A4EFE5BFF0CC6C256122ACA9326BA69562FE3D0E1ACD844AA8CA1582706258D3AC3A2B5C1DB859E94B7E3EBF94CEBA05239A06BEB1FFAD94606BA4209B404EA9D026A8F1F7E8DFA1A23D38C7AC76EFAFE5AF6BA052284A9719F2674472C8ED85BB9AD9FA46A473F7C4A565970D77F56C79513A974C8C06760E6D7C239C09B351E6318311B796FB839B91B3939E5F355525D757C1A30BBFD2090BF2A301DBBA3BF1D04177E7E7D1E0EF6236B6349EC6CC4B4B56CE908B213870A2E1A4E45F53B9493EDC1C16547DE508B5F6739EEB45859D3CB358B29C622916299DFD570203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:0c:23:9e:c2:8c:04:a7:17:e0:19:62:32:
89:30:75:3b:c3:b3:64:78:b6:2d:42:85:7b:3e:9c:
ac:5b:92:e7:3a:a9:a4:ef:e5:bf:f0:cc:6c:25:61:
22:ac:a9:32:6b:a6:95:62:fe:3d:0e:1a:cd:84:4a:
a8:ca:15:82:70:62:58:d3:ac:3a:2b:5c:1d:b8:59:
e9:4b:7e:3e:bf:94:ce:ba:05:23:9a:06:be:b1:ff:
ad:94:60:6b:a4:20:9b:40:4e:a9:d0:26:a8:f1:f7:
e8:df:a1:a2:3d:38:c7:ac:76:ef:af:e5:af:6b:a0:
52:28:4a:97:19:f2:67:44:72:c8:ed:85:bb:9a:d9:
fa:46:a4:73:f7:c4:a5:65:97:0d:77:f5:6c:79:51:
3a:97:4c:8c:06:76:0e:6d:7c:23:9c:09:b3:51:e6:
31:83:11:b7:96:fb:83:9b:91:b3:93:9e:5f:35:55:
25:d7:57:c1:a3:0b:bf:d2:09:0b:f2:a3:01:db:ba:
3b:f1:d0:41:77:e7:e7:d1:e0:ef:62:36:b6:34:9e:
c6:cc:4b:4b:56:ce:90:8b:21:38:70:a2:e1:a4:e4:
5f:53:b9:49:3e:dc:1c:16:54:7d:e5:08:b5:f6:73:
9e:eb:45:85:9d:3c:b3:58:b2:9c:62:29:16:29:9d:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A4:E3:1A:3E:24:09:16:75:2D:71:BF:FA:99:C7:D3:AB:A6:E3:79
X509v3 Authority Key Identifier:
keyid:B7:0B:10:26:6A:28:A9:F2:E9:DF:2F:7E:FD:43:99:B6:9E:48:8B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.akrn.net/repo/AKRN/2/B70B10266A28A9F2E9DF2F7EFD4399B69E488B34.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/twsQJmooqfLp3y9-_UOZtp5IizQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.akrn.net/repo/AKRN/2/323430313a323132303a3a2f33322d3438203d3e20393833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2401:2120::/32
Signature Algorithm: sha256WithRSAEncryption
51:b5:03:a2:68:0a:db:9a:de:5a:f9:79:8a:0e:b7:6d:10:cc:
89:6d:ca:dc:dd:5b:0d:f1:70:c4:b5:aa:b0:43:26:11:25:27:
14:0c:c0:cc:ac:80:98:d2:64:96:52:67:b1:89:23:7a:fe:02:
33:e4:54:21:83:a9:92:50:96:74:c0:b6:5f:63:f9:fd:0a:07:
ca:b6:45:38:36:fc:7e:6d:0e:ea:10:22:bb:eb:e9:cb:8c:8f:
4e:32:6e:ca:6e:cb:d6:da:92:c7:26:6a:c9:74:d5:33:37:27:
55:34:1a:b5:04:ce:45:60:6f:97:4b:08:f6:f7:1c:62:ea:99:
21:1b:fe:a7:6f:5e:53:39:b1:44:47:5e:86:4d:3d:91:08:a3:
89:ee:1f:51:2f:4a:e7:71:c0:22:b7:cc:48:7a:7a:3c:30:92:
e5:c3:33:c8:4d:a2:92:7f:cb:b8:58:d7:fe:ae:b2:09:73:38:
4a:e2:cf:c5:50:f9:dc:a2:f4:cb:0b:a5:84:83:71:3f:57:3e:
d7:c8:0f:95:b0:6e:e0:03:30:b7:67:8a:1b:46:c7:86:58:19:
af:2c:b3:4a:e9:85:f6:ac:4b:af:43:0e:30:04:ea:37:db:44:
55:e8:43:f7:bf:24:5d:f5:19:9d:b4:2d:ac:03:dc:98:62:cf:
b0:bd:8c:a4
-----BEGIN CERTIFICATE-----
MIIG7jCCBdagAwIBAgIUCLsoEZCaNrTuTbSqlJIqTfAlKfIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTMwMDAwMDAwMTEwLwYDVQQFEyhCNzBCMTAyNjZB
MjhBOUYyRTlERjJGN0VGRDQzOTlCNjlFNDg4QjM0MB4XDTI0MDMxMTEwMTMyOFoX
DTI1MDMxMDEwMTgyOFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBOEQ0MEMyMzlFQzI4QzA0QTcxN0UwMTk2MjMyODkzMDc1M0JDM0IzNjQ3
OEI2MkQ0Mjg1N0IzRTlDQUM1QjkyRTczQUE5QTRFRkU1QkZGMENDNkMyNTYxMjJB
Q0E5MzI2QkE2OTU2MkZFM0QwRTFBQ0Q4NDRBQThDQTE1ODI3MDYyNThEM0FDM0Ey
QjVDMURCODU5RTk0QjdFM0VCRjk0Q0VCQTA1MjM5QTA2QkVCMUZGQUQ5NDYwNkJB
NDIwOUI0MDRFQTlEMDI2QThGMUY3RThERkExQTIzRDM4QzdBQzc2RUZBRkU1QUY2
QkEwNTIyODRBOTcxOUYyNjc0NDcyQzhFRDg1QkI5QUQ5RkE0NkE0NzNGN0M0QTU2
NTk3MEQ3N0Y1NkM3OTUxM0E5NzRDOEMwNjc2MEU2RDdDMjM5QzA5QjM1MUU2MzE4
MzExQjc5NkZCODM5QjkxQjM5MzlFNUYzNTU1MjVENzU3QzFBMzBCQkZEMjA5MEJG
MkEzMDFEQkJBM0JGMUQwNDE3N0U3RTdEMUUwRUY2MjM2QjYzNDlFQzZDQzRCNEI1
NkNFOTA4QjIxMzg3MEEyRTFBNEU0NUY1M0I5NDkzRURDMUMxNjU0N0RFNTA4QjVG
NjczOUVFQjQ1ODU5RDNDQjM1OEIyOUM2MjI5MTYyOTlERkQ1NzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo1AwjnsKMBKcX4BliMokw
dTvDs2R4ti1ChXs+nKxbkuc6qaTv5b/wzGwlYSKsqTJrppVi/j0OGs2ESqjKFYJw
YljTrDorXB24WelLfj6/lM66BSOaBr6x/62UYGukIJtATqnQJqjx9+jfoaI9OMes
du+v5a9roFIoSpcZ8mdEcsjthbua2fpGpHP3xKVllw139Wx5UTqXTIwGdg5tfCOc
CbNR5jGDEbeW+4ObkbOTnl81VSXXV8GjC7/SCQvyowHbujvx0EF35+fR4O9iNrY0
nsbMS0tWzpCLIThwouGk5F9TuUk+3BwWVH3lCLX2c57rRYWdPLNYspxiKRYpnf1X
AgMBAAGjggHlMIIB4TAdBgNVHQ4EFgQU9KTjGj4kCRZ1LXG/+pnH06um43kwHwYD
VR0jBBgwFoAUtwsQJmooqfLp3y9+/UOZtp5IizQwDgYDVR0PAQH/BAQDAgeAMF8G
A1UdHwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5ha3JuLm5ldC9yZXBvL0FLUk4v
Mi9CNzBCMTAyNjZBMjhBOUYyRTlERjJGN0VGRDQzOTlCNjlFNDg4QjM0LmNybDB+
BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5u
ZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi90
d3NRSm1vb3FmTHAzeTktX1VPWnRwNUlpelEuY2VyMHIGCCsGAQUFBwELBGYwZDBi
BggrBgEFBQcwC4ZWcnN5bmM6Ly9ycGtpLmFrcm4ubmV0L3JlcG8vQUtSTi8yLzMy
MzQzMDMxM2EzMjMxMzIzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDM5MzgzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w
DQQCAAIwBwMFACQBISAwDQYJKoZIhvcNAQELBQADggEBAFG1A6JoCtua3lr5eYoO
t20QzIltytzdWw3xcMS1qrBDJhElJxQMwMysgJjSZJZSZ7GJI3r+AjPkVCGDqZJQ
lnTAtl9j+f0KB8q2RTg2/H5tDuoQIrvr6cuMj04ybspuy9bakscmasl01TM3J1U0
GrUEzkVgb5dLCPb3HGLqmSEb/qdvXlM5sURHXoZNPZEIo4nuH1EvSudxwCK3zEh6
ejwwkuXDM8hNopJ/y7hY1/6usglzOEriz8VQ+dyi9MsLpYSDcT9XPtfID5WwbuAD
MLdnihtGx4ZYGa8ss0rphfasS69DDjAE6jfbRFXoQ/e/JF31GZ20LawD3Jhiz7C9
jKQ=
-----END CERTIFICATE-----
Generated at Fri Jun 14 18:52:07 2024 by rpki-client on console-fra.rpki-client.org