Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
File: 3134372e32382e33362e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: E1GNfiJIPZY4+8SN9A5g41laSZ7J4nhMUN38GhQ42VI=
Subject key identifier: A4:64:1E:0C:6F:0B:36:7C:C2:BA:70:27:C5:37:66:93:0E:E3:16:48
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 63CA1192E587258EBFB6F3C05C4F38099B2EFDAE
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
Signing time: Fri 02 Aug 2024 11:24:24 +0000
ROA not before: Fri 02 Aug 2024 11:19:24 +0000
ROA not after: Fri 01 Aug 2025 11:24:24 +0000
asID: 14618
IP address blocks: 147.28.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 17:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ca:11:92:e5:87:25:8e:bf:b6:f3:c0:5c:4f:38:09:9b:2e:fd:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Aug 2 11:19:24 2024 GMT
Not After : Aug 1 11:24:24 2025 GMT
Subject: CN=A4641E0C6F0B367CC2BA7027C53766930EE31648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:a7:16:b2:bc:a0:6f:23:f6:e2:ee:fd:35:
61:28:16:bb:90:94:fb:37:3b:37:d4:2b:90:88:cf:
2d:63:88:a8:23:b2:bc:69:e1:33:18:f9:ca:23:4b:
16:1b:be:e1:75:fe:cd:0b:4b:51:88:25:70:0e:58:
27:b3:80:5d:99:14:d0:f9:67:c6:d8:d3:ae:00:96:
91:30:03:f9:6f:3f:fc:83:2c:2c:75:07:10:5d:48:
7d:d6:c7:5f:56:1d:56:68:2f:6e:ec:f5:4d:4c:a4:
d2:3c:59:6a:05:b4:27:1b:30:e4:9e:e4:69:d6:0b:
ae:a3:08:a6:e3:e9:bc:25:90:fe:af:45:d6:56:38:
d8:77:b9:36:61:b7:51:aa:53:20:e7:39:82:fe:c8:
77:24:3e:b4:db:61:37:d7:c1:32:2c:70:ea:9a:a1:
03:e8:91:17:bc:83:b6:c1:b3:63:05:62:a2:9c:a4:
e1:c7:67:35:57:4c:d0:c7:da:f2:8b:3a:c5:f1:d2:
a4:fd:3a:57:e2:ef:f5:45:e0:cb:5f:82:d8:65:0d:
3b:79:9d:7d:7d:8d:03:83:2d:d9:98:0a:89:8c:3f:
8b:08:dc:ba:03:63:2f:5b:0b:2f:af:ef:0e:81:c1:
dc:2c:92:f0:8f:ef:b8:8e:13:49:55:f4:b0:99:2f:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:64:1E:0C:6F:0B:36:7C:C2:BA:70:27:C5:37:66:93:0E:E3:16:48
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.36.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:0e:de:9d:62:f1:f2:a6:07:a8:3a:ea:3a:47:3e:3d:9c:90:
2f:8c:47:1b:47:64:46:26:b6:80:cc:93:3d:6a:71:3a:55:19:
c0:2e:48:c5:03:a3:d7:7f:20:d0:84:6c:d7:3f:44:8e:09:d5:
15:e1:69:95:e6:c5:c9:19:90:ad:83:79:35:de:26:f7:97:0e:
27:32:dc:0b:92:12:e2:80:39:02:d1:74:13:e3:d6:62:1d:82:
95:db:94:3b:4c:b2:b2:87:da:68:a3:4a:0c:23:88:7f:cb:23:
08:93:fe:bb:d2:6c:80:36:39:89:79:4c:9a:88:f1:eb:a5:6d:
87:78:7c:99:b6:7d:9a:7e:e4:2b:f6:9d:85:3b:f2:a2:59:a7:
8c:b8:f0:77:0f:b7:05:a5:f4:38:fa:c2:1c:a4:86:24:da:f3:
95:c7:78:f5:f6:61:0f:88:84:12:c4:f4:d1:66:8f:e2:a7:30:
b6:2b:1d:34:fc:ff:5f:00:6e:30:aa:ba:83:73:14:a1:1b:9f:
9e:83:90:47:2d:e4:32:d6:e6:36:8c:a0:89:b2:98:19:ad:21:
80:1d:43:ef:95:b6:e0:30:b4:19:57:98:fb:86:a3:52:8c:5c:
14:a5:85:ac:ac:4c:d5:d8:5a:a7:05:4c:95:9e:d4:1c:59:f6:
22:66:bc:e9
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUY8oRkuWHJY6/tvPAXE84CZsu/a4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNDA4MDIxMTE5MjRaFw0yNTA4MDExMTI0MjRaMDMxMTAvBgNV
BAMTKEE0NjQxRTBDNkYwQjM2N0NDMkJBNzAyN0M1Mzc2NjkzMEVFMzE2NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2jKcWsrygbyP24u79NWEoFruQ
lPs3OzfUK5CIzy1jiKgjsrxp4TMY+cojSxYbvuF1/s0LS1GIJXAOWCezgF2ZFND5
Z8bY064AlpEwA/lvP/yDLCx1BxBdSH3Wx19WHVZoL27s9U1MpNI8WWoFtCcbMOSe
5GnWC66jCKbj6bwlkP6vRdZWONh3uTZht1GqUyDnOYL+yHckPrTbYTfXwTIscOqa
oQPokRe8g7bBs2MFYqKcpOHHZzVXTNDH2vKLOsXx0qT9Olfi7/VF4MtfgthlDTt5
nX19jQODLdmYComMP4sI3LoDYy9bCy+v7w6BwdwskvCP77iOE0lV9LCZL8QnAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUpGQeDG8LNnzCunAnxTdmkw7jFkgwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM0MzYzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwkMA0GCSqGSIb3DQEBCwUAA4IBAQCN
Dt6dYvHypgeoOuo6Rz49nJAvjEcbR2RGJraAzJM9anE6VRnALkjFA6PXfyDQhGzX
P0SOCdUV4WmV5sXJGZCtg3k13ib3lw4nMtwLkhLigDkC0XQT49ZiHYKV25Q7TLKy
h9poo0oMI4h/yyMIk/670myANjmJeUyaiPHrpW2HeHyZtn2afuQr9p2FO/KiWaeM
uPB3D7cFpfQ4+sIcpIYk2vOVx3j19mEPiIQSxPTRZo/ipzC2Kx00/P9fAG4wqrqD
cxShG5+eg5BHLeQy1uY2jKCJspgZrSGAHUPvlbbgMLQZV5j7hqNSjFwUpYWsrEzV
2FqnBUyVntQcWfYiZrzp
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:36 2025 by rpki-client