Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33382e302f32342d3234203d3e203136353039.roa
File: 3134372e32382e33382e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: oZYQeDDg4ZC+KcNWcTQ05rvJN9hnSElm9xiGeGWKAME=
Subject key identifier: AD:E1:A8:0C:9F:92:1D:87:B7:B6:E4:2F:94:17:A6:08:D5:38:FF:8A
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 3A8C7FD82C2678A6DF6702E3EBFC9D89D59822E6
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33382e302f32342d3234203d3e203136353039.roa
Signing time: Mon 04 Dec 2023 15:20:16 +0000
ROA not before: Mon 04 Dec 2023 15:15:16 +0000
ROA not after: Mon 02 Dec 2024 15:20:16 +0000
asID: 16509
IP address blocks: 147.28.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:8c:7f:d8:2c:26:78:a6:df:67:02:e3:eb:fc:9d:89:d5:98:22:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Dec 4 15:15:16 2023 GMT
Not After : Dec 2 15:20:16 2024 GMT
Subject: CN=ADE1A80C9F921D87B7B6E42F9417A608D538FF8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:14:75:11:10:1d:9f:8c:08:15:e3:06:db:db:
a9:a3:40:af:56:16:ec:10:93:55:10:d5:df:7b:ee:
7e:4c:48:66:72:79:f3:ec:4b:66:e7:94:56:5c:cf:
f1:fd:90:b8:46:7b:3b:ca:46:02:aa:0b:67:2d:dc:
13:be:4e:e8:02:d0:a7:2e:77:5c:d3:2e:d5:26:94:
bc:5d:b0:f8:d1:fa:c5:3c:2e:e2:d6:4a:ba:47:d8:
c9:96:c8:70:6e:b0:99:51:40:4e:6a:fb:07:a3:d4:
db:69:fc:50:32:7a:6d:2b:e3:3f:9e:5e:40:75:c8:
65:b6:9c:a7:3e:38:84:81:63:df:4f:ab:cc:b4:96:
a4:2f:ff:16:c1:9a:a6:c0:a5:f2:27:06:be:b7:dc:
71:51:ab:df:95:93:ee:52:01:26:21:0a:63:f9:be:
f9:63:1c:01:a6:3c:b8:1e:cb:21:43:33:fa:dc:5a:
aa:d7:38:c9:41:0e:f7:b6:a2:dd:11:7d:6d:03:de:
ab:56:7f:f3:82:a7:2d:15:08:0c:ac:a3:40:7f:ab:
39:a4:74:5b:6e:24:2e:96:ab:cc:61:d1:15:19:a2:
24:d6:49:9b:25:a4:09:ae:b4:c5:70:7d:eb:43:87:
2f:44:92:46:aa:e0:7f:66:c2:64:a4:2c:93:3c:c3:
e1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E1:A8:0C:9F:92:1D:87:B7:B6:E4:2F:94:17:A6:08:D5:38:FF:8A
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33382e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.38.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:cd:df:ae:92:bf:a4:0c:c9:33:fd:c3:81:91:fb:d1:b9:3e:
26:89:27:5a:92:19:49:ee:b1:53:eb:a8:6b:7e:62:86:b2:b5:
ec:54:88:73:32:af:3d:dd:8c:59:5c:8b:ab:a9:65:b8:1b:c6:
23:7a:f5:55:12:40:d3:85:b8:4e:e1:bd:85:71:eb:87:f6:71:
09:09:c1:94:32:ca:ea:22:0a:dc:8e:f6:fa:4c:74:fe:c0:f5:
dc:0f:a4:bc:bb:60:55:50:ef:36:8f:07:b1:b6:33:13:38:50:
b2:03:2e:86:63:94:0e:75:31:fa:fb:41:59:3c:8c:5b:70:bf:
cc:66:73:64:ad:2c:aa:1f:12:dc:40:02:15:27:17:db:ca:6e:
e1:da:5f:30:f0:f7:c3:dc:a7:25:bf:6a:d5:ab:61:b3:c5:7c:
cf:d2:ed:e3:5b:fd:b9:da:85:b2:76:93:df:ef:25:4f:e9:a1:
36:41:ac:67:72:86:f9:4a:73:e6:9c:7a:7d:6a:89:0f:cb:8e:
30:e6:6a:87:56:3c:38:29:cb:f8:f0:e9:1c:53:e5:f7:97:02:
87:e4:96:d2:52:5e:88:cb:20:6c:44:20:ce:a2:75:6c:4d:6e:
a9:f7:44:38:a7:5b:98:83:b4:a1:ae:d4:c0:71:4d:85:20:97:
dd:e3:89:ff
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUOox/2CwmeKbfZwLj6/ydidWYIuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yMzEyMDQxNTE1MTZaFw0yNDEyMDIxNTIwMTZaMDMxMTAvBgNV
BAMTKEFERTFBODBDOUY5MjFEODdCN0I2RTQyRjk0MTdBNjA4RDUzOEZGOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZFHUREB2fjAgV4wbb26mjQK9W
FuwQk1UQ1d977n5MSGZyefPsS2bnlFZcz/H9kLhGezvKRgKqC2ct3BO+TugC0Kcu
d1zTLtUmlLxdsPjR+sU8LuLWSrpH2MmWyHBusJlRQE5q+wej1Ntp/FAyem0r4z+e
XkB1yGW2nKc+OISBY99Pq8y0lqQv/xbBmqbApfInBr633HFRq9+Vk+5SASYhCmP5
vvljHAGmPLgeyyFDM/rcWqrXOMlBDve2ot0RfW0D3qtWf/OCpy0VCAyso0B/qzmk
dFtuJC6Wq8xh0RUZoiTWSZslpAmutMVwfetDhy9Ekkaq4H9mwmSkLJM8w+EJAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUreGoDJ+SHYe3tuQvlBemCNU4/4owHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTMzMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwmMA0GCSqGSIb3DQEBCwUAA4IBAQB9
zd+ukr+kDMkz/cOBkfvRuT4miSdakhlJ7rFT66hrfmKGsrXsVIhzMq893YxZXIur
qWW4G8YjevVVEkDThbhO4b2FceuH9nEJCcGUMsrqIgrcjvb6THT+wPXcD6S8u2BV
UO82jwextjMTOFCyAy6GY5QOdTH6+0FZPIxbcL/MZnNkrSyqHxLcQAIVJxfbym7h
2l8w8PfD3Kclv2rVq2GzxXzP0u3jW/252oWydpPf7yVP6aE2Qaxncob5SnPmnHp9
aokPy44w5mqHVjw4Kcv48OkcU+X3lwKH5JbSUl6IyyBsRCDOonVsTW6p90Q4p1uY
g7ShrtTAcU2FIJfd44n/
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:10 2024 by rpki-client on console-fra.rpki-client.org