
Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33372e302f32342d3234203d3e203134363138.roa
File: 3134372e32382e33372e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: zhXjBNsBUkLMsumZyMxLGCKtpqOf4qps5grpsZEPXP8=
Subject key identifier: A0:E5:13:1B:D3:BF:C1:6C:49:73:4E:45:1B:F3:E3:47:AE:CC:3E:3D
Certificate issuer: /CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Certificate serial: 1FBF6CDA57FB017CB84059CF30369A2BA1B0A4F5
Authority key identifier: 5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33372e302f32342d3234203d3e203134363138.roa
Signing time: Wed 18 Jun 2025 13:58:21 +0000
ROA not before: Wed 18 Jun 2025 13:53:21 +0000
ROA not after: Wed 17 Jun 2026 13:58:21 +0000
asID: 14618
IP address blocks: 147.28.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:bf:6c:da:57:fb:01:7c:b8:40:59:cf:30:36:9a:2b:a1:b0:a4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ead10be7ec295336e4b5680e0d393b677c3649a
Validity
Not Before: Jun 18 13:53:21 2025 GMT
Not After : Jun 17 13:58:21 2026 GMT
Subject: CN=A0E5131BD3BFC16C49734E451BF3E347AECC3E3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:f7:0a:ff:63:b9:57:8b:d1:45:72:fc:14:
10:a3:fb:6f:a2:2e:8d:4e:e6:0a:2c:16:f2:3a:fb:
53:ca:a4:eb:59:bf:b0:5a:f7:1f:4c:22:4e:05:a7:
1d:68:e2:f7:73:ea:5d:4d:8e:9b:51:38:9b:89:c3:
40:52:a9:9c:aa:c2:a8:aa:36:d6:e2:08:9c:d0:f3:
4b:6e:d1:e8:cd:4d:b7:d1:06:16:dc:71:ae:27:fe:
40:72:b6:7d:c6:1b:47:d2:ba:8e:c7:80:02:f3:3b:
f2:7e:d1:d0:4d:0b:4f:ae:f6:ad:65:47:59:81:79:
67:ad:d9:c2:5b:e5:d8:7c:61:c7:79:78:2a:d8:ca:
6e:08:7f:f5:a3:e8:fa:a7:53:eb:0b:29:bd:7a:b3:
03:d9:4e:a5:6b:aa:73:fb:f2:78:4b:0b:b9:98:f2:
25:c3:16:fe:60:ce:12:32:fa:08:a1:d6:c2:75:40:
96:5b:b6:c2:e1:f4:81:0b:5e:ed:b0:f6:fb:c6:b8:
e3:69:d7:51:38:80:ff:d3:fd:0c:12:e9:42:51:f2:
b6:8c:79:53:c3:de:9b:68:7f:a0:4d:e9:56:e2:f4:
87:87:a0:14:95:81:d0:e7:2e:39:c7:d4:34:11:e0:
84:e0:52:a7:49:7d:16:48:00:5c:64:12:79:31:c1:
53:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E5:13:1B:D3:BF:C1:6C:49:73:4E:45:1B:F3:E3:47:AE:CC:3E:3D
X509v3 Authority Key Identifier:
keyid:5E:AD:10:BE:7E:C2:95:33:6E:4B:56:80:E0:D3:93:B6:77:C3:64:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/5EAD10BE7EC295336E4B5680E0D393B677C3649A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq0Qvn7ClTNuS1aA4NOTtnfDZJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A9192A980000/3/3134372e32382e33372e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:1f:70:9d:c2:a3:eb:6b:08:77:e4:e8:9e:a2:d0:b9:df:f6:
ea:2d:b8:da:83:d2:e1:0c:68:b6:96:43:1c:a9:a4:bc:11:dd:
7b:cd:4b:52:d2:a2:ef:0e:48:2a:80:c3:4c:e6:cb:84:a8:4b:
65:c0:6f:93:4a:0b:75:34:93:9e:27:a5:54:37:44:28:15:cb:
b4:8c:bf:61:14:41:05:75:c2:b4:9e:b7:b6:ee:07:8d:fd:2d:
56:b4:f5:a8:9a:99:f6:e9:f6:3e:44:73:4c:2e:70:a5:63:4a:
91:bc:4b:05:72:5a:64:e0:a2:0b:ae:f2:ea:f7:72:68:26:7c:
ea:cc:63:f8:68:33:f5:e9:8f:37:c9:07:57:43:c3:28:a3:b3:
39:b7:69:e5:60:06:d8:a8:b0:7c:1b:95:48:5c:4a:ff:ef:ad:
c0:4f:8d:96:75:18:c5:a7:df:25:c2:a2:c5:b0:ee:32:27:db:
03:bc:63:a8:73:8b:26:62:a1:ec:22:65:83:ff:c6:44:a9:8a:
ee:47:ab:70:86:c3:0e:21:12:21:6c:96:df:d4:35:cb:ab:a4:
a4:55:dd:34:71:27:4c:4f:55:b7:17:3a:a3:f7:77:86:c7:b9:
9e:a2:97:15:4c:98:1c:2b:30:00:90:a0:f0:7f:08:46:08:b8:
1a:d2:a9:ae
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUH79s2lf7AXy4QFnPMDaaK6GwpPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVhZDEwYmU3ZWMyOTUzMzZlNGI1NjgwZTBkMzkzYjY3
N2MzNjQ5YTAeFw0yNTA2MTgxMzUzMjFaFw0yNjA2MTcxMzU4MjFaMDMxMTAvBgNV
BAMTKEEwRTUxMzFCRDNCRkMxNkM0OTczNEU0NTFCRjNFMzQ3QUVDQzNFM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr0fcK/2O5V4vRRXL8FBCj+2+i
Lo1O5gosFvI6+1PKpOtZv7Ba9x9MIk4Fpx1o4vdz6l1NjptROJuJw0BSqZyqwqiq
NtbiCJzQ80tu0ejNTbfRBhbcca4n/kBytn3GG0fSuo7HgALzO/J+0dBNC0+u9q1l
R1mBeWet2cJb5dh8Ycd5eCrYym4If/Wj6PqnU+sLKb16swPZTqVrqnP78nhLC7mY
8iXDFv5gzhIy+gih1sJ1QJZbtsLh9IELXu2w9vvGuONp11E4gP/T/QwS6UJR8raM
eVPD3ptof6BN6Vbi9IeHoBSVgdDnLjnH1DQR4ITgUqdJfRZIAFxkEnkxwVN3AgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUoOUTG9O/wWxJc05FG/PjR67MPj0wHwYDVR0j
BBgwFoAUXq0Qvn7ClTNuS1aA4NOTtnfDZJowDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQTkxOTJBOTgwMDAwLzMvNUVBRDEwQkU3RUMyOTUzMzZFNEI1NjgwRTBEMzkz
QjY3N0MzNjQ5QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3lu
YzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hxMFF2bjdDbFRO
dVMxYUE0Tk9UdG5mRFpKby5jZXIwgYkGCCsGAQUFBwELBH0wezB5BggrBgEFBQcw
C4ZtcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MkE5
ODAwMDAvMy8zMTM0MzcyZTMyMzgyZTMzMzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTM0MzYzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkxwlMA0GCSqGSIb3DQEBCwUAA4IBAQBL
H3CdwqPrawh35OieotC53/bqLbjag9LhDGi2lkMcqaS8Ed17zUtS0qLvDkgqgMNM
5suEqEtlwG+TSgt1NJOeJ6VUN0QoFcu0jL9hFEEFdcK0nre27geN/S1WtPWompn2
6fY+RHNMLnClY0qRvEsFclpk4KILrvLq93JoJnzqzGP4aDP16Y83yQdXQ8Moo7M5
t2nlYAbYqLB8G5VIXEr/763AT42WdRjFp98lwqLFsO4yJ9sDvGOoc4smYqHsImWD
/8ZEqYruR6twhsMOIRIhbJbf1DXLq6SkVd00cSdMT1W3Fzqj93eGx7meopcVTJgc
KzAAkKDwfwhGCLga0qmu
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:57:24 2025 by rpki-client