Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e34302e302f32342d3234203d3e203136353039.roa
File: 3134372e32382e34302e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: nLt+iO+S6+Wzv3y5kmSbBY68X9l/sq5/MW/D5u6dx1Q=
Subject key identifier: 43:F7:A0:3B:D6:17:A9:30:88:22:48:E8:DD:4E:98:D9:AD:65:6E:31
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 36EA6CDFF26CA970890AF066C4BE99F170F47B1B
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e34302e302f32342d3234203d3e203136353039.roa
Signing time: Tue 14 Apr 2026 19:46:13 +0000
ROA not before: Tue 14 Apr 2026 19:41:13 +0000
ROA not after: Tue 13 Apr 2027 19:46:13 +0000
asID: 16509
IP address blocks: 147.28.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:ea:6c:df:f2:6c:a9:70:89:0a:f0:66:c4:be:99:f1:70:f4:7b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Apr 14 19:41:13 2026 GMT
Not After : Apr 13 19:46:13 2027 GMT
Subject: CN=43F7A03BD617A930882248E8DD4E98D9AD656E31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:45:88:1c:80:9b:5c:75:20:da:e5:08:89:
1f:fa:11:b8:39:c5:81:f9:38:20:06:42:40:4a:51:
db:88:85:75:3b:dd:f8:f8:4f:cc:b3:50:d2:46:d7:
e7:8c:76:29:ac:bc:cb:61:10:0b:c7:a7:b6:d1:bb:
04:8c:1d:f4:a6:4f:72:6d:47:3d:01:19:04:d7:81:
75:c7:24:54:e1:b5:84:1a:37:48:95:6c:be:b0:61:
5f:3d:6a:28:8a:8c:41:a4:d7:4f:5a:73:79:7a:d5:
f8:23:be:35:38:a9:96:cf:af:64:e9:79:10:27:3d:
81:e4:56:58:ad:02:a0:fd:3e:e7:e8:74:9a:bb:38:
52:17:5d:cf:d3:78:25:8b:aa:1d:df:c6:2a:45:34:
3e:40:59:49:d9:d5:4f:af:fb:2e:e2:80:4d:1f:91:
48:64:1d:2c:45:1b:19:cb:3b:a5:8b:b6:93:d3:6c:
ca:56:56:7e:8f:92:e3:b0:9a:a5:33:26:9c:9e:7a:
4b:96:5a:b3:08:3c:7c:92:7a:db:e5:e6:0c:9f:84:
69:53:7a:5f:02:1b:a1:26:8c:58:96:b2:08:e2:14:
24:13:c6:e1:07:b9:98:ef:f9:9e:cf:ed:8f:82:49:
a1:8c:b8:74:a0:e0:3e:35:14:37:5e:e4:bb:ac:99:
f6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F7:A0:3B:D6:17:A9:30:88:22:48:E8:DD:4E:98:D9:AD:65:6E:31
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e34302e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:e3:c5:af:8b:f6:aa:fc:f7:ea:42:4d:96:b8:e1:55:b0:79:
a2:7d:6a:f9:b1:95:63:d1:eb:32:e1:2a:bf:f1:4a:91:25:2a:
45:d8:d9:e5:c4:2d:5c:1a:bf:d5:b2:2b:ef:f7:c7:f3:d3:cc:
31:93:65:8d:57:e4:ac:f8:80:f6:c5:a8:5e:51:94:a8:44:26:
af:12:5a:55:82:e2:f3:10:84:0b:03:fe:70:8d:19:ff:47:34:
3a:10:7f:21:3d:c8:03:f9:d8:b4:4a:da:fd:ae:f4:2e:4a:5e:
41:6e:a1:98:a9:82:c5:e4:53:f4:8c:2b:9e:fd:e1:a0:0f:6d:
2c:78:af:77:40:52:8e:41:76:f1:7b:73:ef:e1:eb:39:bf:ff:
bd:85:65:ec:c4:1a:9e:88:b5:85:b2:4e:6b:05:31:45:90:bd:
51:8e:54:af:59:9e:f9:90:b0:3c:c2:81:df:9b:03:70:8f:9a:
3f:7a:b5:68:ac:01:0c:41:b7:3a:e6:ae:e4:e9:77:19:e0:3c:
8e:9b:92:6f:8a:6d:82:dd:40:0a:e6:3f:c0:eb:95:d4:e7:eb:
0f:3c:bf:37:4c:ad:95:22:a9:ce:48:2f:d8:4b:7e:91:68:f9:
cb:21:6e:df:40:04:c7:85:49:5f:99:d5:ce:ce:b5:38:8b:f9:
91:bd:b1:a6
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUNups3/JsqXCJCvBmxL6Z8XD0exswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNjA0MTQxOTQxMTNaFw0yNzA0MTMxOTQ2MTNaMDMxMTAvBgNV
BAMTKDQzRjdBMDNCRDYxN0E5MzA4ODIyNDhFOERENEU5OEQ5QUQ2NTZFMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdaEWIHICbXHUg2uUIiR/6Ebg5
xYH5OCAGQkBKUduIhXU73fj4T8yzUNJG1+eMdimsvMthEAvHp7bRuwSMHfSmT3Jt
Rz0BGQTXgXXHJFThtYQaN0iVbL6wYV89aiiKjEGk109ac3l61fgjvjU4qZbPr2Tp
eRAnPYHkVlitAqD9PufodJq7OFIXXc/TeCWLqh3fxipFND5AWUnZ1U+v+y7igE0f
kUhkHSxFGxnLO6WLtpPTbMpWVn6PkuOwmqUzJpyeekuWWrMIPHySetvl5gyfhGlT
el8CG6EmjFiWsgjiFCQTxuEHuZjv+Z7P7Y+CSaGMuHSg4D41FDde5LusmfYLAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUQ/egO9YXqTCIIkjo3U6Y2a1lbjEwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTM0MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwoMA0GCSqGSIb3DQEBCwUAA4IBAQCj
48Wvi/aq/PfqQk2WuOFVsHmifWr5sZVj0esy4Sq/8UqRJSpF2NnlxC1cGr/Vsivv
98fz08wxk2WNV+Ss+ID2xaheUZSoRCavElpVguLzEIQLA/5wjRn/RzQ6EH8hPcgD
+di0Str9rvQuSl5BbqGYqYLF5FP0jCue/eGgD20seK93QFKOQXbxe3Pv4es5v/+9
hWXsxBqeiLWFsk5rBTFFkL1RjlSvWZ75kLA8woHfmwNwj5o/erVorAEMQbc65q7k
6XcZ4DyOm5Jvim2C3UAK5j/A65XU5+sPPL83TK2VIqnOSC/YS36RaPnLIW7fQATH
hUlfmdXOzrU4i/mRvbGm
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:41:28 2026 by rpki-client