Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
File: 39312e3232302e34322e302f32342d3234203d3e203432343237.roa (raw, json)
Hash identifier: YX25brmrGM3oug2ihWomF+klj8KOkET1SrTfLJjoyl8=
Subject key identifier: 7E:78:7D:83:9E:59:0E:97:51:19:E5:CD:B0:5E:0E:CA:85:21:AF:D6
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 52961D00C718F4895188B60FEB6C7B86AE03143B
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
Signing time: Fri 05 Jun 2026 12:30:56 +0000
ROA not before: Fri 05 Jun 2026 12:25:56 +0000
ROA not after: Fri 04 Jun 2027 12:30:56 +0000
asID: 42427
IP address blocks: 91.220.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:96:1d:00:c7:18:f4:89:51:88:b6:0f:eb:6c:7b:86:ae:03:14:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jun 5 12:25:56 2026 GMT
Not After : Jun 4 12:30:56 2027 GMT
Subject: CN=7E787D839E590E975119E5CDB05E0ECA8521AFD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0b:2d:9a:65:87:1b:4b:71:eb:ba:00:4f:6e:
76:10:07:be:e5:e6:2a:a8:89:f9:eb:f6:00:9b:e5:
67:2a:9b:07:7e:5a:f8:05:ef:44:65:03:81:eb:23:
39:8b:1a:b5:87:00:bd:14:91:f8:18:37:08:93:52:
ec:44:90:bc:6c:80:18:a3:f7:23:34:ad:37:12:08:
06:bb:e4:30:c0:ab:85:52:33:3c:42:ef:3b:27:6d:
2c:a2:35:d5:a3:c9:06:e9:ba:c6:73:a7:12:c9:8e:
53:57:14:31:7b:98:68:13:b1:c3:ca:55:29:a2:a6:
02:be:00:d2:5d:cf:ad:f1:55:56:79:ee:25:05:cb:
a6:24:01:21:d0:2a:54:c5:a6:a9:4c:5b:9c:1e:4b:
ad:48:ba:e5:aa:08:14:2d:d0:40:36:7f:1e:21:a7:
1f:df:ee:8a:48:c4:cc:a3:2e:cb:50:64:98:28:ce:
1b:67:d2:33:99:11:a4:bd:0b:6c:75:d9:9d:2c:b0:
f0:98:49:51:aa:1a:38:dc:9c:6d:f1:1b:42:94:9b:
91:35:e6:b0:f6:24:32:49:32:1a:42:92:6a:3e:0d:
b3:0e:d1:b7:aa:c7:89:4a:6e:eb:e6:7e:31:81:c0:
28:6b:b6:28:2d:27:5c:a1:f9:94:fc:31:86:cb:0f:
e8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:78:7D:83:9E:59:0E:97:51:19:E5:CD:B0:5E:0E:CA:85:21:AF:D6
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/39312e3232302e34322e302f32342d3234203d3e203432343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.42.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:62:81:4e:be:5e:9b:a8:af:21:cc:bf:3f:57:10:23:e2:1a:
4f:48:4a:d3:72:98:61:79:7a:b5:b0:eb:99:2d:60:2e:59:83:
ed:ac:b0:66:93:85:7d:11:44:ff:29:2a:e7:dd:81:34:1e:06:
9c:2a:75:f0:c8:3e:cb:a8:c3:ce:1c:14:e2:19:cc:6e:83:82:
54:ae:0f:d0:47:bd:68:bf:f2:d8:ad:86:cc:7d:45:db:3d:21:
2d:02:25:68:87:2c:f4:61:4b:bf:6a:86:fa:c5:b1:c7:76:dd:
22:c1:0c:94:3d:36:2c:b0:65:b0:e5:6d:35:a0:9a:51:a4:ad:
b6:c1:15:90:8f:03:20:ae:43:9c:67:72:1d:91:8c:52:ef:ff:
40:bc:70:dc:43:03:92:45:a2:19:eb:dc:e8:71:02:b1:72:55:
5a:3f:35:77:68:24:31:63:ee:6a:11:d4:dc:1a:e1:76:6a:0a:
f8:19:5c:ad:06:8b:16:f5:cb:36:b5:77:f5:0b:03:c6:87:0b:
e0:d5:93:28:d6:07:8d:b8:70:df:ba:f7:d2:b4:d1:79:1c:34:
09:bd:db:d0:48:a8:7b:7e:c0:1b:54:96:3a:41:33:71:e5:2f:
ea:46:a2:12:d0:71:00:ac:47:3a:33:d8:6d:07:9d:3b:d6:5a:
45:a7:5a:e1
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUUpYdAMcY9IlRiLYP62x7hq4DFDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNjA2MDUxMjI1NTZaFw0yNzA2MDQxMjMwNTZaMDMxMTAvBgNV
BAMTKDdFNzg3RDgzOUU1OTBFOTc1MTE5RTVDREIwNUUwRUNBODUyMUFGRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhCy2aZYcbS3HrugBPbnYQB77l
5iqoifnr9gCb5Wcqmwd+WvgF70RlA4HrIzmLGrWHAL0UkfgYNwiTUuxEkLxsgBij
9yM0rTcSCAa75DDAq4VSMzxC7zsnbSyiNdWjyQbpusZzpxLJjlNXFDF7mGgTscPK
VSmipgK+ANJdz63xVVZ57iUFy6YkASHQKlTFpqlMW5weS61IuuWqCBQt0EA2fx4h
px/f7opIxMyjLstQZJgozhtn0jOZEaS9C2x12Z0ssPCYSVGqGjjcnG3xG0KUm5E1
5rD2JDJJMhpCkmo+DbMO0beqx4lKbuvmfjGBwChrtigtJ1yh+ZT8MYbLD+h9AgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUfnh9g55ZDpdRGeXNsF4OyoUhr9YwHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zOTMxMmUzMjMyMzAyZTM0MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzNDMyMzQzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wqMA0GCSqGSIb3DQEBCwUAA4IBAQCd
YoFOvl6bqK8hzL8/VxAj4hpPSErTcphheXq1sOuZLWAuWYPtrLBmk4V9EUT/KSrn
3YE0HgacKnXwyD7LqMPOHBTiGcxug4JUrg/QR71ov/LYrYbMfUXbPSEtAiVohyz0
YUu/aob6xbHHdt0iwQyUPTYssGWw5W01oJpRpK22wRWQjwMgrkOcZ3IdkYxS7/9A
vHDcQwOSRaIZ69zocQKxclVaPzV3aCQxY+5qEdTcGuF2agr4GVytBosW9cs2tXf1
CwPGhwvg1ZMo1geNuHDfuvfStNF5HDQJvdvQSKh7fsAbVJY6QTNx5S/qRqIS0HEA
rEc6M9htB5071lpFp1rh
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:22:15 2026 by rpki-client