Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
File: 3134372e32382e33362e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: X3YfI9XhMBzqSxlG5J9Y7QTZBGXms6H2VTzDt/+z6JM=
Subject key identifier: FC:E3:8C:39:5D:D8:25:9E:F4:23:75:13:58:0B:26:05:7E:E3:6A:DF
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 7BB94F470326F275D3560325281C0D1E0BCD1B2C
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
Signing time: Fri 01 Sep 2023 11:14:33 +0000
ROA not before: Fri 01 Sep 2023 11:09:33 +0000
ROA not after: Fri 30 Aug 2024 11:14:33 +0000
asID: 14618
IP address blocks: 147.28.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b9:4f:47:03:26:f2:75:d3:56:03:25:28:1c:0d:1e:0b:cd:1b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Sep 1 11:09:33 2023 GMT
Not After : Aug 30 11:14:33 2024 GMT
Subject: CN=FCE38C395DD8259EF4237513580B26057EE36ADF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:46:48:9b:b7:97:c2:9b:f3:9b:be:f6:d7:
54:cc:2a:1b:f8:c4:08:82:e5:fb:cd:65:42:f3:17:
ae:19:bd:79:c1:31:cf:9e:12:c3:59:50:ea:18:85:
61:43:50:dd:1d:fb:ae:9b:61:c9:97:d5:a9:c8:2d:
dc:29:82:d9:ab:12:80:f9:63:04:75:07:90:9a:7e:
97:0a:26:9d:8f:c4:d9:b9:86:5b:d7:2b:35:ee:cc:
f4:b4:42:6b:30:26:03:43:cf:36:df:55:3d:f8:30:
e8:ce:8b:ba:9c:b2:3a:70:43:40:9f:4e:20:aa:28:
9b:99:79:eb:66:89:dd:19:f8:96:5b:95:c5:45:61:
f6:f9:73:ea:67:23:a7:e9:66:52:0a:25:27:00:d2:
a8:fa:54:8a:f0:8f:35:fb:5f:e9:69:0c:02:ff:2e:
d5:83:75:1a:94:ba:33:d0:b5:a4:28:97:dc:26:87:
6b:39:ce:1c:19:14:8a:ce:a2:ff:6c:3c:e4:8e:04:
e8:1a:90:86:2c:e3:a6:e6:38:62:83:4d:a5:e0:a8:
40:dc:df:f7:64:4a:a5:c3:50:a7:66:ed:20:44:f2:
00:34:dd:c0:57:48:50:31:18:f4:c8:8a:12:ae:ec:
80:1a:5a:19:b8:4e:b2:e6:34:9e:57:37:cf:9c:23:
d5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E3:8C:39:5D:D8:25:9E:F4:23:75:13:58:0B:26:05:7E:E3:6A:DF
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.36.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:79:d1:e5:6b:2d:62:dd:55:4f:ac:bb:db:6b:43:ec:67:8e:
bb:c0:7b:ae:bf:94:fa:47:a7:3d:60:87:20:09:3b:7e:f5:43:
e7:7f:c1:f8:ef:2e:e8:27:b7:1f:15:9a:1d:05:aa:25:33:39:
0a:97:6c:09:c0:b2:43:fa:2e:80:74:a9:9c:3a:c7:bf:52:2d:
5c:59:ec:a2:46:46:a8:4a:01:35:cf:51:84:ba:f7:00:fa:e5:
57:4c:53:55:5b:f8:68:12:c4:38:fe:ea:35:02:44:f6:e1:dd:
5c:fd:90:42:ad:31:6f:6b:9d:85:ba:a9:f0:5e:0b:b8:72:f7:
39:1c:ba:d7:0c:b6:90:4f:9f:71:e3:72:24:89:be:20:a2:87:
d8:00:9c:26:ee:5f:60:f3:2c:57:b3:69:99:5d:87:0f:24:a2:
e4:0c:e8:b6:d1:9e:ae:42:ee:ae:f1:ec:0a:1d:bf:7c:11:4a:
a0:ee:9b:52:91:10:89:4f:4c:d3:a4:94:ec:a9:77:15:7d:90:
ab:e7:d7:ac:76:f0:a1:b3:65:5a:7c:8f:90:17:09:f0:c1:df:
ed:68:f9:30:67:eb:8f:f7:82:5e:4b:26:5a:1e:8a:67:82:2f:
d8:e5:8f:b0:66:e0:e1:cd:97:98:78:09:ae:ba:90:b5:1c:de:
10:6d:48:86
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUe7lPRwMm8nXTVgMlKBwNHgvNGywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yMzA5MDExMTA5MzNaFw0yNDA4MzAxMTE0MzNaMDMxMTAvBgNV
BAMTKEZDRTM4QzM5NUREODI1OUVGNDIzNzUxMzU4MEIyNjA1N0VFMzZBREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfEUZIm7eXwpvzm77211TMKhv4
xAiC5fvNZULzF64ZvXnBMc+eEsNZUOoYhWFDUN0d+66bYcmX1anILdwpgtmrEoD5
YwR1B5CafpcKJp2PxNm5hlvXKzXuzPS0QmswJgNDzzbfVT34MOjOi7qcsjpwQ0Cf
TiCqKJuZeetmid0Z+JZblcVFYfb5c+pnI6fpZlIKJScA0qj6VIrwjzX7X+lpDAL/
LtWDdRqUujPQtaQol9wmh2s5zhwZFIrOov9sPOSOBOgakIYs46bmOGKDTaXgqEDc
3/dkSqXDUKdm7SBE8gA03cBXSFAxGPTIihKu7IAaWhm4TrLmNJ5XN8+cI9WbAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQU/OOMOV3YJZ70I3UTWAsmBX7jat8wHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM0MzYzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwkMA0GCSqGSIb3DQEBCwUAA4IBAQBq
edHlay1i3VVPrLvba0PsZ467wHuuv5T6R6c9YIcgCTt+9UPnf8H47y7oJ7cfFZod
BaolMzkKl2wJwLJD+i6AdKmcOse/Ui1cWeyiRkaoSgE1z1GEuvcA+uVXTFNVW/ho
EsQ4/uo1AkT24d1c/ZBCrTFva52FuqnwXgu4cvc5HLrXDLaQT59x43Ikib4goofY
AJwm7l9g8yxXs2mZXYcPJKLkDOi20Z6uQu6u8ewKHb98EUqg7ptSkRCJT0zTpJTs
qXcVfZCr59esdvChs2VafI+QFwnwwd/taPkwZ+uP94JeSyZaHopngi/Y5Y+wZuDh
zZeYeAmuupC1HN4QbUiG
-----END CERTIFICATE-----
Generated at Wed May 1 22:10:28 2024 by rpki-client on console-ams.rpki-client.org