Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38372e302f32342d3234203d3e203432343237.roa
File: 3138352e35382e38372e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: gf3KKI2IwKwtI62NJxtqHgSFWRW6gMkyb50TjzVumi0=
Subject key identifier: C7:91:FD:78:DF:B4:06:D1:08:6C:E6:ED:72:87:16:E4:76:4B:54:26
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 7828871F4E89116E8E1F0FAC35D7F838B3FF393F
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38372e302f32342d3234203d3e203432343237.roa
Signing time: Fri 04 Jul 2025 12:05:11 +0000
ROA not before: Fri 04 Jul 2025 12:00:11 +0000
ROA not after: Fri 03 Jul 2026 12:05:11 +0000
asID: 42427
IP address blocks: 185.58.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 14:04:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:28:87:1f:4e:89:11:6e:8e:1f:0f:ac:35:d7:f8:38:b3:ff:39:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jul 4 12:00:11 2025 GMT
Not After : Jul 3 12:05:11 2026 GMT
Subject: CN=C791FD78DFB406D1086CE6ED728716E4764B5426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:35:33:ac:78:02:35:fb:f2:0f:3e:33:01:
ff:1f:33:9e:00:8d:a2:4a:e7:35:b4:68:9b:b7:46:
90:74:16:61:4d:d8:dd:77:00:b6:5f:c0:c4:96:ce:
4b:49:0d:5f:9f:b3:cb:09:8e:94:89:5d:b3:37:e7:
27:31:d6:d3:cc:5f:c5:6a:6a:8d:c9:74:0f:85:06:
cd:1d:cb:0a:ce:10:5c:64:ac:6d:95:fa:5f:6b:a2:
9c:46:49:75:08:07:ca:de:ed:bf:8d:51:e1:b1:74:
39:26:f4:a3:52:f5:f2:25:e2:17:ed:cf:17:00:30:
49:fa:31:44:10:c3:29:d6:a0:74:73:c8:25:bf:8c:
1b:ba:46:3b:f2:a0:88:05:4e:c4:f8:7b:3c:20:e7:
2a:ad:31:14:d9:3f:02:77:8a:2c:00:11:86:a0:b3:
bb:f2:73:98:4d:f2:9d:ed:03:a7:2d:6e:9d:fd:ae:
c3:2d:08:08:3c:2b:b7:56:6e:0a:7a:25:f8:70:9c:
02:a1:8a:b9:c4:b8:50:b5:80:be:5b:5f:96:d6:20:
e4:9c:3b:da:a0:f6:bf:d9:97:cf:49:7e:c1:30:6c:
91:5f:e8:11:1a:55:85:b0:f9:32:51:55:b3:d9:06:
cd:3d:e9:49:cb:48:52:c5:39:fa:8c:41:bc:56:2a:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:91:FD:78:DF:B4:06:D1:08:6C:E6:ED:72:87:16:E4:76:4B:54:26
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3138352e35382e38372e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.87.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:1d:ae:03:3f:ce:6c:05:4b:39:9b:fd:21:ef:e8:23:a8:c4:
11:ac:71:1d:4a:91:c9:5b:af:42:e7:ed:39:e6:a8:30:d6:20:
12:88:da:86:21:5c:5f:36:b1:4c:77:fb:5d:8d:54:0c:59:03:
4f:8b:54:2f:a5:12:6c:90:23:a6:95:b5:0b:22:18:02:ef:c9:
da:75:32:05:97:5e:55:96:be:8b:28:3d:35:a2:28:35:85:dd:
14:a0:6a:02:9b:e5:6d:74:06:ce:8b:34:59:9d:b6:ca:42:82:
51:bd:28:c8:6a:0e:f3:a5:af:a7:2c:6d:f6:96:16:11:e8:07:
8e:3a:b8:c2:36:9f:2b:bc:e5:fe:a0:aa:2a:f3:ac:84:50:43:
5e:b3:f1:d9:ba:d7:dd:81:d3:14:a8:fb:53:01:93:a6:88:f4:
f3:76:ef:fa:cb:01:db:48:ac:ea:74:6c:7d:84:68:13:0f:cf:
39:d8:af:0a:8a:36:57:69:f8:3f:bf:3b:a5:54:a9:d8:9f:f5:
51:40:5f:9c:6a:36:56:28:d6:eb:24:f8:22:44:53:cb:65:94:
9f:b8:aa:c6:c7:75:34:87:a0:ff:85:10:e9:e7:4e:06:a2:df:
8b:69:9a:6a:5d:67:4f:45:7d:9f:81:5c:3b:2e:d7:e6:8b:10:
a5:43:76:c7
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUeCiHH06JEW6OHw+sNdf4OLP/OT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNTA3MDQxMjAwMTFaFw0yNjA3MDMxMjA1MTFaMDMxMTAvBgNV
BAMTKEM3OTFGRDc4REZCNDA2RDEwODZDRTZFRDcyODcxNkU0NzY0QjU0MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDInDUzrHgCNfvyDz4zAf8fM54A
jaJK5zW0aJu3RpB0FmFN2N13ALZfwMSWzktJDV+fs8sJjpSJXbM35ycx1tPMX8Vq
ao3JdA+FBs0dywrOEFxkrG2V+l9ropxGSXUIB8re7b+NUeGxdDkm9KNS9fIl4hft
zxcAMEn6MUQQwynWoHRzyCW/jBu6RjvyoIgFTsT4ezwg5yqtMRTZPwJ3iiwAEYag
s7vyc5hN8p3tA6ctbp39rsMtCAg8K7dWbgp6JfhwnAKhirnEuFC1gL5bX5bWIOSc
O9qg9r/Zl89JfsEwbJFf6BEaVYWw+TJRVbPZBs096UnLSFLFOfqMQbxWKtXXAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUx5H9eN+0BtEIbObtcocW5HZLVCYwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM4MzUyZTM1MzgyZTM4MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTpXMA0GCSqGSIb3DQEBCwUAA4IBAQAd
Ha4DP85sBUs5m/0h7+gjqMQRrHEdSpHJW69C5+055qgw1iASiNqGIVxfNrFMd/td
jVQMWQNPi1QvpRJskCOmlbULIhgC78nadTIFl15Vlr6LKD01oig1hd0UoGoCm+Vt
dAbOizRZnbbKQoJRvSjIag7zpa+nLG32lhYR6AeOOrjCNp8rvOX+oKoq86yEUENe
s/HZutfdgdMUqPtTAZOmiPTzdu/6ywHbSKzqdGx9hGgTD8852K8KijZXafg/vzul
VKnYn/VRQF+cajZWKNbrJPgiRFPLZZSfuKrGx3U0h6D/hRDp504Got+LaZpqXWdP
RX2fgVw7LtfmixClQ3bH
-----END CERTIFICATE-----
Generated at Mon Aug 11 05:57:14 2025 by rpki-client