Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa
File: 0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa (raw, json)
Hash identifier: mmTq0rkMwK4WKP6Qk78cFnsiaz/MDevts9GEOFONFxo=
Subject key identifier: 8B:89:61:1C:5D:96:1C:36:E8:74:EA:92:51:74:5F:81:3C:BC:08:44
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 43884123EB74B3536460430D1701D7B098880236
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa
Signing time: Tue 25 Mar 2025 16:50:02 +0000
ROA not before: Tue 25 Mar 2025 16:50:02 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 00:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:88:41:23:eb:74:b3:53:64:60:43:0d:17:01:d7:b0:98:88:02:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Mar 25 16:50:02 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:83:84:8e:5c:9e:a6:6a:cc:d8:4e:df:af:07:
37:3c:72:21:81:01:3f:79:31:99:a2:fe:db:ca:84:
7a:bb:2e:2b:a2:e9:77:24:3c:36:8e:c5:7e:bc:ee:
b7:65:ab:c1:33:3e:ab:c8:bf:4a:cb:c6:1b:a3:f1:
e9:c4:0a:9c:fe:3f:31:67:2b:b6:12:2b:6a:b1:23:
11:d7:54:9a:0d:9b:50:60:e2:43:e3:e4:ae:94:69:
a1:25:40:75:53:29:e2:64:3b:a2:f3:90:02:c6:33:
de:56:f2:0f:f2:dc:76:e0:e8:8c:87:c0:fa:0b:40:
49:46:01:74:82:cd:05:9f:78:ea:32:d1:a2:82:51:
09:99:1a:43:96:cc:5b:ee:fe:5c:5b:7f:3d:30:7e:
3b:48:f1:9b:a8:96:41:3e:b1:67:4c:1d:ca:97:8d:
50:59:d6:ce:a1:dc:ec:4f:66:25:dc:e7:0f:0c:ee:
09:83:da:6d:ab:1b:af:de:95:be:05:f8:9c:8c:5b:
0a:a1:58:32:98:d1:3b:63:5e:94:fd:37:dd:30:07:
da:e4:af:73:9a:3a:3f:07:07:6d:78:29:9a:e5:0c:
35:d2:8a:cd:de:5d:ef:da:ef:fa:6b:9f:16:fc:b0:
23:58:04:d9:86:8a:3f:c2:d0:1b:f7:c5:93:a1:fc:
47:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:89:61:1C:5D:96:1C:36:E8:74:EA:92:51:74:5F:81:3C:BC:08:44
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b0c2d18-2b42-4e53-9e6a-d6f7d5dc2334.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1000::/48
Signature Algorithm: sha256WithRSAEncryption
07:c3:e7:f3:d1:f3:96:de:75:da:a4:e4:77:b0:70:6a:de:5b:
40:73:cb:dd:72:30:c5:7b:15:28:c8:17:9b:bd:3b:62:fb:f1:
e5:7e:fa:d8:0e:9f:50:3d:bd:22:0a:2b:cd:e4:35:8b:1d:0b:
32:80:c9:96:92:81:65:cc:88:29:00:0e:6d:b8:87:4a:8c:39:
01:bd:e9:c8:98:33:87:29:f6:b7:68:74:c9:84:e9:26:fe:b2:
20:a9:45:04:ff:c8:de:22:28:5e:4f:5d:73:20:ae:78:a2:cf:
0c:46:9e:56:5b:11:5d:3c:dd:1f:db:0b:c3:a8:71:65:69:19:
54:57:48:b8:77:d9:19:f9:65:c7:4f:bd:de:ab:ff:17:79:d0:
ea:a3:ac:21:42:5c:3f:c8:f7:c3:88:91:b9:e8:39:0a:4a:00:
ac:60:b6:3a:18:f7:be:d7:20:1a:6e:83:a4:15:ad:d0:fe:ae:
8a:82:28:22:54:bf:55:ca:da:bc:f5:0d:9c:ec:83:9a:11:0b:
c3:4a:40:5a:59:ed:d1:2d:eb:fb:34:00:12:ad:fd:4e:73:ed:
00:b8:93:83:12:4d:6a:b1:2a:68:0c:3d:76:76:6a:96:9d:61:
61:d6:45:03:a6:9a:68:7e:b4:80:79:db:42:cc:7d:be:e4:10:
4c:44:d1:82
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQ4hBI+t0s1NkYEMNFwHXsJiIAjYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDMyNTE2NTAwMloX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANTA0M2UxNGEzMjhjMmY5ZDA4ZWQ5
ZWM5YmZlYjNlMjVmYzA0ZmIyYjA4NzJjZDVjMjY5NzVjMzk5NThmMTU3MjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYOEjlyepmrM2E7frwc3PHIhgQE/
eTGZov7byoR6uy4roul3JDw2jsV+vO63ZavBMz6ryL9Ky8Ybo/HpxAqc/j8xZyu2
EitqsSMR11SaDZtQYOJD4+SulGmhJUB1UyniZDui85ACxjPeVvIP8tx24OiMh8D6
C0BJRgF0gs0Fn3jqMtGiglEJmRpDlsxb7v5cW389MH47SPGbqJZBPrFnTB3Kl41Q
WdbOodzsT2Yl3OcPDO4Jg9ptqxuv3pW+BficjFsKoVgymNE7Y16U/TfdMAfa5K9z
mjo/BwdteCma5Qw10orN3l3v2u/6a58W/LAjWATZhoo/wtAb98WTofxHwQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIuJYRxdlhw26HTqklF0X4E8vAhEMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzBiMGMyZDE4LTJiNDItNGU1My05ZTZhLWQ2ZjdkNWRjMjMzNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHw+fz0fOW3nXapOR3
sHBq3ltAc8vdcjDFexUoyBebvTti+/HlfvrYDp9QPb0iCivN5DWLHQsygMmWkoFl
zIgpAA5tuIdKjDkBvenImDOHKfa3aHTJhOkm/rIgqUUE/8jeIiheT11zIK54os8M
Rp5WWxFdPN0f2wvDqHFlaRlUV0i4d9kZ+WXHT73eq/8XedDqo6whQlw/yPfDiJG5
6DkKSgCsYLY6GPe+1yAaboOkFa3Q/q6KgigiVL9Vytq89Q2c7IOaEQvDSkBaWe3R
Lev7NAASrf1Oc+0AuJODEk1qsSpoDD12dmqWnWFh1kUDpppofrSAedtCzH2+5BBM
RNGC
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:57:57 2025 by rpki-client