Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230372e302f32342d3234203d3e203630343932.roa
File: 3139332e372e3230372e302f32342d3234203d3e203630343932.roa (raw, json)
Hash identifier: zVASvqVyMDytylIqPVP7DsBgbWwYXluD1/EFwCFPV98=
Subject key identifier: A4:11:16:AF:76:4E:4C:A3:2D:BA:72:61:0E:F2:86:15:AD:BC:91:F3
Certificate issuer: /CN=211a048890969fa7d4b6aef8c020cda4444ec2e5
Certificate serial: 128B0ECF0FD7A757B06958E3585489687633C6D2
Authority key identifier: 21:1A:04:88:90:96:9F:A7:D4:B6:AE:F8:C0:20:CD:A4:44:4E:C2:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230372e302f32342d3234203d3e203630343932.roa
Signing time: Fri 01 Sep 2023 11:14:35 +0000
ROA not before: Fri 01 Sep 2023 11:09:35 +0000
ROA not after: Fri 30 Aug 2024 11:14:35 +0000
asID: 60492
IP address blocks: 193.7.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.mft
rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 04:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:8b:0e:cf:0f:d7:a7:57:b0:69:58:e3:58:54:89:68:76:33:c6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=211a048890969fa7d4b6aef8c020cda4444ec2e5
Validity
Not Before: Sep 1 11:09:35 2023 GMT
Not After : Aug 30 11:14:35 2024 GMT
Subject: CN=A41116AF764E4CA32DBA72610EF28615ADBC91F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:b1:6b:05:1a:de:1a:88:70:20:0e:74:b6:
39:3a:52:63:49:6e:e5:95:ee:6a:38:a7:3a:00:39:
a0:0f:3a:8a:2d:73:02:6c:56:c8:93:37:e3:40:4a:
65:07:65:9c:b6:78:ef:c7:80:39:c0:d4:d4:ad:59:
85:ac:10:de:89:31:5c:2a:06:27:4a:e9:a5:7e:bb:
88:b8:81:2e:f7:be:80:82:f1:5f:b7:db:34:c0:aa:
02:fd:87:5e:d7:76:75:b9:1e:d9:8f:52:13:67:1e:
85:36:c5:fc:d5:b1:c3:3a:0b:c4:f1:8a:e1:e9:ba:
1e:1d:01:20:06:31:45:d6:29:e2:31:83:1f:8c:bf:
7c:4d:56:31:47:12:5e:da:85:12:ff:09:d4:27:b6:
4c:62:cc:fe:73:a6:10:ef:fd:1f:61:0f:66:79:81:
0f:6b:72:d0:cc:7e:b0:b3:63:cd:05:07:c9:83:7c:
c4:b2:60:ee:e7:eb:0d:4b:3d:dc:03:b8:51:96:b9:
80:c7:57:a8:9c:1d:bf:46:66:da:ac:aa:86:38:fb:
55:0a:b5:f3:c3:59:7a:9d:27:45:6b:c0:33:12:3a:
d7:93:e6:bc:c7:af:d5:c7:c9:f7:7a:5e:df:f9:8a:
93:75:25:81:71:7c:d3:6a:3d:33:62:b4:c2:1a:e2:
19:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:11:16:AF:76:4E:4C:A3:2D:BA:72:61:0E:F2:86:15:AD:BC:91:F3
X509v3 Authority Key Identifier:
keyid:21:1A:04:88:90:96:9F:A7:D4:B6:AE:F8:C0:20:CD:A4:44:4E:C2:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/2/211A048890969FA7D4B6AEF8C020CDA4444EC2E5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IRoEiJCWn6fUtq74wCDNpEROwuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/2/3139332e372e3230372e302f32342d3234203d3e203630343932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.207.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:73:9a:80:14:9a:14:3a:85:7a:5e:b5:96:95:bc:cd:6a:71:
5b:ba:34:31:54:61:f6:fe:17:0f:5b:6d:ef:07:42:fe:1f:05:
c4:a7:fd:e2:fa:5c:8a:87:00:f5:61:fb:6f:6e:f1:0a:da:96:
63:c8:e4:2c:7f:b1:23:aa:02:cc:86:f2:2e:74:e3:43:04:ed:
9d:85:c5:c4:d4:b6:33:38:48:6d:5e:a2:d9:ea:e9:12:34:49:
cc:19:95:4d:b2:1e:7c:47:01:d1:64:47:6b:15:78:76:b6:fa:
74:39:f2:1b:d2:c8:b9:68:67:fc:4d:d0:8f:37:b5:56:a7:b4:
7d:2d:51:f4:39:a1:58:34:3c:8d:92:d6:75:01:6f:11:68:f7:
fa:c6:32:cf:09:e7:eb:50:8b:0d:26:05:84:9b:7d:85:bb:b0:
09:56:f0:88:be:96:2a:d2:1a:7c:5f:d0:17:36:fb:c7:59:03:
74:13:01:f0:45:e7:9c:f9:22:b6:84:c0:9d:ed:7d:63:d4:68:
fe:c7:86:1e:a3:bd:ac:61:d3:b6:f5:ec:67:01:31:93:64:15:
f8:d3:5e:6b:17:10:ae:0f:fe:4a:b1:43:f0:1f:da:4b:c1:de:
1e:f6:c6:f4:2d:7c:ba:b0:5d:d7:ea:b9:dc:47:c9:17:23:d1:
40:e6:1c:67
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUEosOzw/Xp1ewaVjjWFSJaHYzxtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjExYTA0ODg5MDk2OWZhN2Q0YjZhZWY4YzAyMGNkYTQ0
NDRlYzJlNTAeFw0yMzA5MDExMTA5MzVaFw0yNDA4MzAxMTE0MzVaMDMxMTAvBgNV
BAMTKEE0MTExNkFGNzY0RTRDQTMyREJBNzI2MTBFRjI4NjE1QURCQzkxRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAO7FrBRreGohwIA50tjk6UmNJ
buWV7mo4pzoAOaAPOootcwJsVsiTN+NASmUHZZy2eO/HgDnA1NStWYWsEN6JMVwq
BidK6aV+u4i4gS73voCC8V+32zTAqgL9h17XdnW5HtmPUhNnHoU2xfzVscM6C8Tx
iuHpuh4dASAGMUXWKeIxgx+Mv3xNVjFHEl7ahRL/CdQntkxizP5zphDv/R9hD2Z5
gQ9rctDMfrCzY80FB8mDfMSyYO7n6w1LPdwDuFGWuYDHV6icHb9GZtqsqoY4+1UK
tfPDWXqdJ0VrwDMSOteT5rzHr9XHyfd6Xt/5ipN1JYFxfNNqPTNitMIa4hmNAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUpBEWr3ZOTKMtunJhDvKGFa28kfMwHwYDVR0j
BBgwFoAUIRoEiJCWn6fUtq74wCDNpEROwuUwDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzIvMjExQTA0ODg5MDk2OUZBN0Q0QjZBRUY4QzAyMENE
QTQ0NDRFQzJFNS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lSb0VpSkNXbjZm
VXRxNzR3Q0ROcEVST3d1VS5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMi8zMTM5MzMyZTM3MmUzMjMwMzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNjMwMzQzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQfPMA0GCSqGSIb3DQEBCwUAA4IBAQC1
c5qAFJoUOoV6XrWWlbzNanFbujQxVGH2/hcPW23vB0L+HwXEp/3i+lyKhwD1Yftv
bvEK2pZjyOQsf7EjqgLMhvIudONDBO2dhcXE1LYzOEhtXqLZ6ukSNEnMGZVNsh58
RwHRZEdrFXh2tvp0OfIb0si5aGf8TdCPN7VWp7R9LVH0OaFYNDyNktZ1AW8RaPf6
xjLPCefrUIsNJgWEm32Fu7AJVvCIvpYq0hp8X9AXNvvHWQN0EwHwReec+SK2hMCd
7X1j1Gj+x4Yeo72sYdO29exnATGTZBX4015rFxCuD/5KsUPwH9pLwd4e9sb0LXy6
sF3X6rncR8kXI9FA5hxn
-----END CERTIFICATE-----
Generated at Sat May 18 12:15:30 2024 by rpki-client on console-fra.rpki-client.org