Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230342e302f32342d3234203d3e203432343237.roa
File: 3139332e372e3230342e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: FNqrnceU3iwVod2WSMXQFQeJdYf+AyNGsDarmParqg0=
Subject key identifier: 69:F6:4C:93:09:FA:06:6B:4E:60:CC:E2:BE:E4:5C:28:71:E6:42:A1
Certificate issuer: /CN=211a048890969fa7d4b6aef8c020cda4444ec2e5
Certificate serial: 6061F48CD3A7A6A2A406D1834F55CAD012DA0CFC
Authority key identifier: 21:1A:04:88:90:96:9F:A7:D4:B6:AE:F8:C0:20:CD:A4:44:4E:C2:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230342e302f32342d3234203d3e203432343237.roa
Signing time: Fri 01 Sep 2023 11:14:35 +0000
ROA not before: Fri 01 Sep 2023 11:09:35 +0000
ROA not after: Fri 30 Aug 2024 11:14:35 +0000
asID: 42427
IP address blocks: 193.7.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.mft
rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:61:f4:8c:d3:a7:a6:a2:a4:06:d1:83:4f:55:ca:d0:12:da:0c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=211a048890969fa7d4b6aef8c020cda4444ec2e5
Validity
Not Before: Sep 1 11:09:35 2023 GMT
Not After : Aug 30 11:14:35 2024 GMT
Subject: CN=69F64C9309FA066B4E60CCE2BEE45C2871E642A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:75:7c:99:1c:2b:47:ff:53:36:1a:ff:a3:
7d:88:c4:c3:ac:cd:5b:f8:78:ce:0f:e4:e3:ec:ca:
73:63:38:65:24:e9:07:f9:d8:93:2c:5e:4e:11:c7:
ae:21:cf:b4:50:8e:45:80:23:06:83:1d:02:c6:b5:
bb:ad:37:56:d5:d6:3e:cf:e1:9c:4e:0d:f0:41:6f:
47:a6:c2:a5:90:68:35:7e:9e:37:9f:93:ea:0a:ec:
89:71:b6:4e:26:c2:78:78:4b:35:f4:3d:d2:ea:1b:
40:2c:fa:19:ef:56:20:81:c5:6b:33:70:83:46:2d:
a7:42:39:76:e6:fc:3a:f6:06:59:e3:fc:f9:31:77:
32:a4:b0:00:f9:0e:dc:ba:3a:81:51:cc:6a:8a:55:
5d:a0:fc:30:6c:94:a5:6a:45:d3:75:bd:72:62:d6:
e0:14:dd:72:15:b7:8b:bf:12:7a:45:7d:8f:ef:ed:
e7:82:96:71:43:1c:8f:bf:fd:d0:6e:c4:a5:6f:88:
5e:1d:7e:3c:cf:9b:a7:86:e5:c2:1e:e0:f9:7f:0a:
be:b7:06:f3:9e:06:8f:dc:0f:89:ce:84:8e:5c:16:
44:fd:47:ba:90:e8:69:99:2d:8b:73:d3:e4:c4:68:
8b:63:79:90:a4:e7:e3:fb:32:a5:4c:92:63:4a:8e:
f4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F6:4C:93:09:FA:06:6B:4E:60:CC:E2:BE:E4:5C:28:71:E6:42:A1
X509v3 Authority Key Identifier:
keyid:21:1A:04:88:90:96:9F:A7:D4:B6:AE:F8:C0:20:CD:A4:44:4E:C2:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230342e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.204.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:31:62:1f:8f:7d:53:1f:cb:17:0e:31:06:3e:10:8b:6c:19:
f4:1c:30:cf:03:fc:55:ad:5e:14:66:14:8e:9b:d1:d6:af:4f:
0e:34:5d:5a:f8:3a:89:66:6b:c8:1f:aa:53:9a:45:95:4b:2e:
f8:b2:69:bf:c1:01:87:f6:27:f6:5d:04:f5:83:78:e8:3a:37:
ab:c1:e8:ae:d3:63:05:3a:f8:7e:60:af:ac:a3:89:1f:1c:95:
99:88:f4:69:ff:ae:4d:2e:4c:a1:fb:44:dc:97:76:52:68:76:
0c:e7:a8:dc:61:41:60:5d:ec:17:e4:a5:c2:c3:5d:b0:56:a1:
95:38:bf:9d:8d:b0:da:8b:fb:50:bc:b9:03:1b:79:9f:68:0a:
7e:c0:a6:2e:77:a6:07:a0:81:8b:7a:c8:45:dd:62:f9:e7:4a:
8d:3e:cc:42:81:8b:bb:79:03:9d:03:19:2f:56:f3:fc:69:bd:
be:34:cb:12:fa:14:8b:3c:b8:2f:28:93:a5:b7:3e:2a:a6:80:
a9:28:f1:01:f5:4a:1b:78:f5:17:5f:e0:7a:09:ac:62:71:ce:
a8:b7:d4:e8:ef:a0:52:cc:c1:9b:dd:d0:c5:36:bc:45:98:76:
35:77:29:d7:8b:58:8f:7b:0f:f9:c8:03:56:38:67:34:1d:ef:
35:f8:5f:74
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUYGH0jNOnpqKkBtGDT1XK0BLaDPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjExYTA0ODg5MDk2OWZhN2Q0YjZhZWY4YzAyMGNkYTQ0
NDRlYzJlNTAeFw0yMzA5MDExMTA5MzVaFw0yNDA4MzAxMTE0MzVaMDMxMTAvBgNV
BAMTKDY5RjY0QzkzMDlGQTA2NkI0RTYwQ0NFMkJFRTQ1QzI4NzFFNjQyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPiXV8mRwrR/9TNhr/o32IxMOs
zVv4eM4P5OPsynNjOGUk6Qf52JMsXk4Rx64hz7RQjkWAIwaDHQLGtbutN1bV1j7P
4ZxODfBBb0emwqWQaDV+njefk+oK7Ilxtk4mwnh4SzX0PdLqG0As+hnvViCBxWsz
cINGLadCOXbm/Dr2Blnj/PkxdzKksAD5Dty6OoFRzGqKVV2g/DBslKVqRdN1vXJi
1uAU3XIVt4u/EnpFfY/v7eeClnFDHI+//dBuxKVviF4dfjzPm6eG5cIe4Pl/Cr63
BvOeBo/cD4nOhI5cFkT9R7qQ6GmZLYtz0+TEaItjeZCk5+P7MqVMkmNKjvRdAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUafZMkwn6BmtOYMzivuRcKHHmQqEwHwYDVR0j
BBgwFoAUIRoEiJCWn6fUtq74wCDNpEROwuUwDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzIvMjExQTA0ODg5MDk2OUZBN0Q0QjZBRUY4QzAyMENE
QTQ0NDRFQzJFNS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lSb0VpSkNXbjZm
VXRxNzR3Q0ROcEVST3d1VS5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMi8zMTM5MzMyZTM3MmUzMjMwMzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQfMMA0GCSqGSIb3DQEBCwUAA4IBAQCg
MWIfj31TH8sXDjEGPhCLbBn0HDDPA/xVrV4UZhSOm9HWr08ONF1a+DqJZmvIH6pT
mkWVSy74smm/wQGH9if2XQT1g3joOjerweiu02MFOvh+YK+so4kfHJWZiPRp/65N
Lkyh+0Tcl3ZSaHYM56jcYUFgXewX5KXCw12wVqGVOL+djbDai/tQvLkDG3mfaAp+
wKYud6YHoIGLeshF3WL550qNPsxCgYu7eQOdAxkvVvP8ab2+NMsS+hSLPLgvKJOl
tz4qpoCpKPEB9UobePUXX+B6Caxicc6ot9To76BSzMGb3dDFNrxFmHY1dynXi1iP
ew/5yANWOGc0He81+F90
-----END CERTIFICATE-----
Generated at Fri May 24 18:03:43 2024 by rpki-client on console-fra.rpki-client.org