Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
File: 39312e3232302e34322e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: lgvt1UrATclt1rB9krdtkzNlQXLOallOKumF09Ge24c=
Subject key identifier: 99:E5:D7:F8:2E:50:EA:16:E5:3C:BF:FA:8D:BA:2B:61:66:6D:81:9F
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 1D4B4CEEB38C67018B00B9AC05F6823D6551A6D7
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
Signing time: Fri 02 Aug 2024 11:24:25 +0000
ROA not before: Fri 02 Aug 2024 11:19:25 +0000
ROA not after: Fri 01 Aug 2025 11:24:25 +0000
asID: 42427
IP address blocks: 91.220.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:4b:4c:ee:b3:8c:67:01:8b:00:b9:ac:05:f6:82:3d:65:51:a6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Aug 2 11:19:25 2024 GMT
Not After : Aug 1 11:24:25 2025 GMT
Subject: CN=99E5D7F82E50EA16E53CBFFA8DBA2B61666D819F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:42:85:2d:3b:b5:9f:94:c5:f5:e9:5e:40:95:
37:52:45:fb:bf:55:3a:d0:d4:ac:a0:11:62:26:85:
55:de:50:ad:76:e1:c7:6a:d5:b7:97:79:89:1e:73:
9e:d1:4f:29:b9:d5:53:21:17:d5:9d:42:d5:ae:67:
23:95:51:5b:d9:8b:9f:c0:dc:0a:76:58:46:0a:12:
ce:53:71:c3:7d:05:5f:1c:85:b6:cb:27:b7:5d:3a:
25:8b:87:e8:88:25:77:6d:98:c6:eb:f3:bb:2d:ca:
ab:fb:b2:b8:91:b3:4c:74:69:0f:64:35:a3:22:a5:
3e:96:bd:ff:29:f7:4f:78:6c:f7:2e:58:b8:38:fe:
3f:74:51:b1:be:b9:a0:e3:27:a7:f0:e2:cc:40:30:
00:87:5f:96:07:6b:5f:87:e0:3d:91:99:04:66:00:
3a:59:7d:fd:b4:bb:70:12:ef:a8:a3:52:c6:cb:81:
ff:e9:bb:db:41:9b:6d:b8:fa:9d:46:d0:05:b2:69:
a3:05:03:d1:99:85:af:fd:92:9d:7c:39:7a:2b:06:
be:ef:35:f4:a7:d2:f2:87:a8:f1:ba:19:47:91:95:
a4:c8:7b:90:89:7e:6b:c5:cc:29:b6:30:47:94:70:
cd:2b:08:ee:8a:22:02:a8:6c:f9:69:eb:d6:ac:ac:
9e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E5:D7:F8:2E:50:EA:16:E5:3C:BF:FA:8D:BA:2B:61:66:6D:81:9F
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.42.0/24
Signature Algorithm: sha256WithRSAEncryption
47:22:65:7c:77:aa:d5:e0:74:5c:a7:be:6b:c5:68:33:b8:02:
78:d0:10:da:48:2b:db:0e:08:0e:62:3f:3c:42:c3:89:0c:0f:
53:a6:89:32:84:91:40:58:df:f6:5f:49:46:fa:64:fd:a3:50:
be:c8:a0:51:cd:c2:4a:01:e2:ab:d3:56:9f:4f:b8:d4:7a:54:
d6:61:d3:45:f5:82:d8:12:7e:d1:40:b5:6a:25:eb:0b:01:5a:
b8:2a:ba:51:f6:b5:14:95:7a:17:b4:f4:8b:2d:a6:a3:b4:74:
96:ca:4e:e2:fb:ef:ab:cf:28:84:c4:78:f7:25:f8:81:7e:8c:
9b:85:75:85:a8:f1:76:37:36:33:e9:ae:88:fb:e2:12:3f:af:
4f:e0:30:87:b6:a4:c4:4c:bd:33:a2:6a:3c:1c:c3:cc:d7:5b:
78:c4:2d:cd:32:30:71:ed:81:87:83:b1:ec:d8:02:da:71:cf:
bc:32:84:b6:9f:9f:d6:e4:e4:e6:2f:39:e9:06:b0:32:f9:54:
86:47:63:09:a6:ef:38:c9:1b:ca:47:9d:50:81:df:8d:f0:77:
ed:2f:a0:d7:b2:ad:d7:af:8c:f2:5d:be:c5:b8:95:58:18:4e:
51:68:6e:38:f9:33:03:99:4c:58:e1:3c:20:e2:51:93:b2:7f:
d4:be:e8:0f
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUHUtM7rOMZwGLALmsBfaCPWVRptcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNDA4MDIxMTE5MjVaFw0yNTA4MDExMTI0MjVaMDMxMTAvBgNV
BAMTKDk5RTVEN0Y4MkU1MEVBMTZFNTNDQkZGQThEQkEyQjYxNjY2RDgxOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxQoUtO7WflMX16V5AlTdSRfu/
VTrQ1KygEWImhVXeUK124cdq1beXeYkec57RTym51VMhF9WdQtWuZyOVUVvZi5/A
3Ap2WEYKEs5TccN9BV8chbbLJ7ddOiWLh+iIJXdtmMbr87styqv7sriRs0x0aQ9k
NaMipT6Wvf8p9094bPcuWLg4/j90UbG+uaDjJ6fw4sxAMACHX5YHa1+H4D2RmQRm
ADpZff20u3AS76ijUsbLgf/pu9tBm224+p1G0AWyaaMFA9GZha/9kp18OXorBr7v
NfSn0vKHqPG6GUeRlaTIe5CJfmvFzCm2MEeUcM0rCO6KIgKobPlp69asrJ55AgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUmeXX+C5Q6hblPL/6jborYWZtgZ8wHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zOTMxMmUzMjMyMzAyZTM0MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wqMA0GCSqGSIb3DQEBCwUAA4IBAQBH
ImV8d6rV4HRcp75rxWgzuAJ40BDaSCvbDggOYj88QsOJDA9TpokyhJFAWN/2X0lG
+mT9o1C+yKBRzcJKAeKr01afT7jUelTWYdNF9YLYEn7RQLVqJesLAVq4KrpR9rUU
lXoXtPSLLaajtHSWyk7i+++rzyiExHj3JfiBfoybhXWFqPF2NzYz6a6I++ISP69P
4DCHtqTETL0zomo8HMPM11t4xC3NMjBx7YGHg7Hs2ALacc+8MoS2n5/W5OTmLznp
BrAy+VSGR2MJpu84yRvKR51Qgd+N8HftL6DXsq3Xr4zyXb7FuJVYGE5RaG44+TMD
mUxY4Twg4lGTsn/UvugP
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:25 2024 by rpki-client on console-ams.rpki-client.org