Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203136353039.roa
File: 3134372e32382e33362e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: e1j+NLrJRYiBH2wYSa3JVoXaVzuNVrBHTZYjyOGQ7Ak=
Subject key identifier: 99:B2:73:2B:DF:BF:08:D5:4D:9A:CA:BA:C2:A1:2C:D8:AF:D0:66:A2
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 40726034AC968999FB24771E079288951504EC2B
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203136353039.roa
Signing time: Fri 01 Sep 2023 11:14:34 +0000
ROA not before: Fri 01 Sep 2023 11:09:34 +0000
ROA not after: Fri 30 Aug 2024 11:14:34 +0000
asID: 16509
IP address blocks: 147.28.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:72:60:34:ac:96:89:99:fb:24:77:1e:07:92:88:95:15:04:ec:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Sep 1 11:09:34 2023 GMT
Not After : Aug 30 11:14:34 2024 GMT
Subject: CN=99B2732BDFBF08D54D9ACABAC2A12CD8AFD066A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ed:b6:92:c6:4d:98:d9:8c:a4:b5:7d:9a:82:
94:5a:86:4e:9d:a4:dd:08:7e:37:88:16:39:71:0e:
05:92:df:fe:ae:5d:7a:48:7e:93:08:36:7b:2d:89:
e1:db:67:87:a6:46:27:d5:ce:cc:b5:c6:95:35:e4:
6a:28:39:2b:aa:9c:d4:91:72:b6:46:19:a2:e7:39:
7f:7a:85:61:ef:dd:3f:98:20:b3:20:8c:cc:7b:f8:
d3:e5:68:92:78:95:e1:28:7f:94:c1:81:b9:63:22:
4c:c2:9a:c1:23:3a:2c:dd:a9:33:5f:9c:fb:97:4c:
1e:b2:81:46:8f:55:c2:65:db:ca:bb:ce:00:b1:d0:
91:8d:54:ea:41:42:86:d0:55:87:71:b4:a2:ed:b8:
f2:94:d9:d0:b1:7f:36:bc:40:71:65:07:9e:e4:28:
3e:e0:91:cd:9c:c9:ab:9e:98:16:44:7f:78:dc:32:
53:e2:fc:93:39:d1:f4:04:35:ef:8e:71:21:7f:7c:
5f:ed:8b:8f:37:92:7d:33:d7:a4:ac:c7:9e:60:a9:
01:df:98:fc:42:aa:ca:ca:28:72:65:9d:74:67:eb:
ee:1c:8f:f8:59:f0:ef:8f:d4:8c:a6:cd:ff:47:92:
01:ee:a8:ed:88:6f:b1:89:57:5f:7d:9a:ed:b6:8f:
fd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B2:73:2B:DF:BF:08:D5:4D:9A:CA:BA:C2:A1:2C:D8:AF:D0:66:A2
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33362e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.36.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f3:52:1c:00:f0:28:63:e8:20:0a:d7:e8:77:a8:11:8e:40:
70:60:80:fc:06:cf:30:eb:d5:d4:b6:f5:49:f5:02:a0:3f:00:
54:a6:92:8a:07:ef:03:46:fc:69:05:13:3b:e7:c7:96:76:3e:
fa:2b:21:f0:c0:06:34:5b:15:68:95:de:60:1e:e0:30:8e:74:
21:8d:67:93:4e:57:63:85:2a:76:36:31:67:49:de:dd:c2:7d:
a8:cd:50:86:f0:dd:30:93:33:ab:d2:fc:6d:c9:b5:0a:1f:79:
8d:9c:ee:88:c0:af:98:5d:30:77:fc:49:f2:59:ef:90:4c:e3:
a8:80:8a:8f:a1:b7:a9:95:f0:44:5f:c2:60:2c:43:84:d0:99:
40:60:0b:5a:8b:1e:74:4b:bb:5e:5b:71:86:71:f7:62:0c:43:
6c:69:b8:e6:80:bb:3c:78:5a:c5:75:5b:91:69:0e:60:0d:c0:
3b:b2:af:05:d0:b5:bd:55:5a:27:1d:17:7c:f7:00:db:f4:1e:
28:65:cc:c1:14:b5:a0:18:39:18:87:cb:9a:4b:b3:a3:98:dc:
e3:70:ca:e1:0b:42:fa:41:f1:b1:f0:b7:e3:19:47:9a:1d:d9:
97:86:41:fa:b6:22:62:d8:29:3a:e0:c1:98:d7:c0:10:b2:11:
a8:e0:cc:39
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUQHJgNKyWiZn7JHceB5KIlRUE7CswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yMzA5MDExMTA5MzRaFw0yNDA4MzAxMTE0MzRaMDMxMTAvBgNV
BAMTKDk5QjI3MzJCREZCRjA4RDU0RDlBQ0FCQUMyQTEyQ0Q4QUZEMDY2QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB7baSxk2Y2YyktX2agpRahk6d
pN0IfjeIFjlxDgWS3/6uXXpIfpMINnstieHbZ4emRifVzsy1xpU15GooOSuqnNSR
crZGGaLnOX96hWHv3T+YILMgjMx7+NPlaJJ4leEof5TBgbljIkzCmsEjOizdqTNf
nPuXTB6ygUaPVcJl28q7zgCx0JGNVOpBQobQVYdxtKLtuPKU2dCxfza8QHFlB57k
KD7gkc2cyauemBZEf3jcMlPi/JM50fQENe+OcSF/fF/ti483kn0z16Ssx55gqQHf
mPxCqsrKKHJlnXRn6+4cj/hZ8O+P1Iymzf9HkgHuqO2Ib7GJV199mu22j/2DAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUmbJzK9+/CNVNmsq6wqEs2K/QZqIwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwkMA0GCSqGSIb3DQEBCwUAA4IBAQCm
81IcAPAoY+ggCtfod6gRjkBwYID8Bs8w69XUtvVJ9QKgPwBUppKKB+8DRvxpBRM7
58eWdj76KyHwwAY0WxVold5gHuAwjnQhjWeTTldjhSp2NjFnSd7dwn2ozVCG8N0w
kzOr0vxtybUKH3mNnO6IwK+YXTB3/EnyWe+QTOOogIqPobeplfBEX8JgLEOE0JlA
YAtaix50S7teW3GGcfdiDENsabjmgLs8eFrFdVuRaQ5gDcA7sq8F0LW9VVonHRd8
9wDb9B4oZczBFLWgGDkYh8uaS7OjmNzjcMrhC0L6QfGx8LfjGUeaHdmXhkH6tiJi
2Ck64MGY18AQshGo4Mw5
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:24 2024 by rpki-client on console-ams.rpki-client.org