Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa
File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json)
Hash identifier: 5uXQbMU8uUnA52YRHkyJcf7yGzP3UboEP8yi1qiLhIM=
Subject key identifier: 42:CB:F0:60:4F:B5:5C:20:11:F8:76:AA:A5:34:35:75:A6:3B:18:16
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6AD7BACC494B2EE268EE5C7BFF9EB245C947FFFF
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa
Signing time: Fri 28 Mar 2025 00:00:14 +0000
ROA not before: Fri 28 Mar 2025 00:00:14 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80a0:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d7:ba:cc:49:4b:2e:e2:68:ee:5c:7b:ff:9e:b2:45:c9:47:ff:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 28 00:00:14 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:64:89:ed:16:ed:60:f7:8d:ab:ec:76:d1:78:
7c:be:10:49:1b:c4:ee:c7:66:7e:09:e3:3e:1b:d8:
81:d1:c0:7a:c4:b2:91:e6:03:aa:e9:26:cf:ec:95:
46:85:b5:21:44:9c:2e:88:01:b6:65:70:de:89:02:
5c:d1:0c:2f:b3:cc:70:e8:af:38:d2:9e:83:ca:b9:
6a:01:35:08:47:e5:9e:57:f1:83:1c:d0:af:b8:38:
29:82:b5:f4:55:5c:b3:bb:02:83:ef:2f:b8:bc:51:
5c:16:f2:03:30:06:a8:d0:ed:ae:e3:d6:d4:79:f7:
9f:1d:3c:58:fb:04:a8:7a:0e:86:12:3a:7e:e1:12:
1f:b5:80:78:a8:62:e7:c5:b6:9c:56:6f:11:d9:d8:
41:d3:33:91:b5:12:80:d7:b5:54:53:6d:fe:0e:3e:
10:20:01:2d:c9:f0:73:f9:40:2e:f1:25:f6:98:cb:
c0:d5:68:a6:52:75:40:bd:4b:5b:44:99:ed:5a:5c:
2b:07:ac:c6:20:de:23:03:dd:32:a1:43:01:21:9d:
74:b7:2b:c9:50:6b:07:f1:67:9d:4a:3a:f3:50:e8:
b8:e2:8c:33:4d:77:67:55:b1:8a:eb:88:a0:88:0b:
55:51:93:0b:3b:bc:f2:65:1a:f5:8d:e7:b2:6c:c8:
17:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CB:F0:60:4F:B5:5C:20:11:F8:76:AA:A5:34:35:75:A6:3B:18:16
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80a0:8000::/40
Signature Algorithm: sha256WithRSAEncryption
90:a9:65:36:35:0b:72:86:1a:88:4c:f7:bb:16:0e:4b:5a:e9:
5e:2d:a4:89:b1:c7:84:60:57:56:16:35:13:4b:e0:95:f3:ba:
19:c6:47:a7:86:5b:b1:01:41:d9:43:71:d2:44:ed:ae:21:d7:
d9:a1:48:4f:0f:d2:1f:92:67:a2:d4:a7:ce:6a:c6:18:22:cc:
74:ae:c7:8c:29:a5:cd:04:2f:b4:14:29:7c:e7:f6:af:13:96:
38:be:70:c3:62:ad:2e:3e:c7:cd:22:a0:43:44:26:6e:97:7d:
16:28:bb:64:ad:ec:e3:c3:2e:ed:8b:bb:4b:0a:86:3a:95:98:
7d:77:46:ea:90:73:89:f0:02:61:b7:85:bc:2f:ad:ed:79:a1:
b0:ec:6c:65:ac:27:05:ad:fb:5c:51:15:b6:90:fc:c6:f4:be:
43:2d:fe:33:9e:48:09:89:21:87:a6:9b:56:08:56:f3:35:0f:
55:43:b5:50:4f:53:06:9b:95:20:e4:f0:c6:ba:4e:d4:cc:57:
93:23:87:2b:6f:5e:ac:94:62:28:44:fe:2d:30:cd:46:af:82:
92:84:78:c8:59:d3:b3:c0:39:0b:db:e6:d8:40:6f:5b:e0:fb:
69:fc:97:9c:42:57:42:56:47:99:ae:a6:5b:cb:87:58:82:31:
20:f6:e2:cf
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUate6zElLLuJo7lx7/56yRclH//8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMyODAwMDAxNFoX
DTI1MDUwMjIzNTk1OVowejFJMEcGA1UEBRNAODU0MDdhY2IwODA1MThmOWM1ZGIy
ZDIzYjhlYzc4YjVjMTE2ZWEwNjkwZDZiYjE5YzY0ZGZmYTI2ZTk5OTAxOTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2SJ7RbtYPeNq+x20Xh8vhBJG8Tu
x2Z+CeM+G9iB0cB6xLKR5gOq6SbP7JVGhbUhRJwuiAG2ZXDeiQJc0Qwvs8xw6K84
0p6DyrlqATUIR+WeV/GDHNCvuDgpgrX0VVyzuwKD7y+4vFFcFvIDMAao0O2u49bU
efefHTxY+wSoeg6GEjp+4RIftYB4qGLnxbacVm8R2dhB0zORtRKA17VUU23+Dj4Q
IAEtyfBz+UAu8SX2mMvA1WimUnVAvUtbRJntWlwrB6zGIN4jA90yoUMBIZ10tyvJ
UGsH8WedSjrzUOi44owzTXdnVbGK64igiAtVUZMLO7zyZRr1jeeybMgXawIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFELL8GBPtVwgEfh2qqU0NXWmOxgWMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAJCpZTY1C3KGGohM97sW
Dkta6V4tpImxx4RgV1YWNRNL4JXzuhnGR6eGW7EBQdlDcdJE7a4h19mhSE8P0h+S
Z6LUp85qxhgizHSux4wppc0EL7QUKXzn9q8Tlji+cMNirS4+x80ioENEJm6XfRYo
u2St7OPDLu2Lu0sKhjqVmH13RuqQc4nwAmG3hbwvre15obDsbGWsJwWt+1xRFbaQ
/Mb0vkMt/jOeSAmJIYemm1YIVvM1D1VDtVBPUwablSDk8Ma6TtTMV5MjhytvXqyU
YihE/i0wzUavgpKEeMhZ07PAOQvb5thAb1vg+2n8l5xCV0JWR5muplvLh1iCMSD2
4s8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:33:07 2025 by rpki-client