Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json)
Hash identifier: cH943DC4IwcYYVM5xLtZ3NJChO5pM1whgAnx0K/weZw=
Subject key identifier: 03:7A:F6:92:96:1B:88:A9:EB:E7:F6:19:92:A7:9A:D7:DD:63:8D:B6
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 03338118FEE0B77ED04C05441BCED6446C13258B
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
Signing time: Sat 05 Apr 2025 00:00:03 +0000
ROA not before: Sat 05 Apr 2025 00:00:03 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 00:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:33:81:18:fe:e0:b7:7e:d0:4c:05:44:1b:ce:d6:44:6c:13:25:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Apr 5 00:00:03 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a3:28:c7:db:44:f5:f4:2a:9f:78:92:00:95:
62:4e:bb:ba:7e:c6:ea:32:ab:8c:ff:4e:ff:67:41:
c1:a0:27:e5:0f:86:72:07:40:9c:63:ab:78:ad:25:
75:a8:5e:96:cc:21:a3:43:38:18:59:98:08:dc:63:
6a:1d:c1:7a:26:58:73:54:17:b9:ff:ab:dc:2d:ce:
3c:48:ac:27:52:3c:bf:13:e8:6d:25:dd:3d:f5:7f:
9a:90:72:42:79:7a:42:36:1c:32:66:af:6a:81:c8:
3b:91:7c:cd:03:08:27:d8:c3:1f:15:80:3d:5f:f1:
3b:09:aa:2c:b5:2a:dd:76:ad:26:8c:50:01:e0:d3:
a0:be:e2:0c:8b:1f:3d:55:52:ad:f2:38:f0:9b:c8:
88:47:3a:67:97:7a:2b:67:af:82:a9:db:a4:3c:7d:
44:40:ba:3e:b0:c0:d2:86:30:eb:e2:49:2e:9d:b3:
92:cd:dc:5b:0b:0e:99:c4:4a:a5:e2:8d:e7:f1:51:
8e:99:aa:16:45:61:cd:55:fc:d4:9d:dd:59:94:85:
4c:34:36:7b:f4:d6:0a:90:be:1e:95:d2:0d:72:20:
51:f6:6c:1d:fb:15:b1:d0:f9:77:ec:5c:c4:10:b5:
e0:63:5a:ed:76:bc:3b:e7:57:6f:f2:a1:cc:99:5d:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7A:F6:92:96:1B:88:A9:EB:E7:F6:19:92:A7:9A:D7:DD:63:8D:B6
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/32
Signature Algorithm: sha256WithRSAEncryption
ad:08:72:37:d3:8d:0a:31:13:96:49:71:4f:c6:6c:77:27:05:
3a:49:6e:e6:7c:87:6b:31:3e:12:db:54:0c:9f:46:e6:0d:df:
f2:54:d4:ee:2e:e4:ed:9d:e6:14:fe:f8:1b:3d:ac:a3:56:0e:
c6:ef:8a:a1:04:0b:61:ee:0b:69:47:4d:87:7b:d8:d4:3d:54:
4d:7d:6c:5f:60:5f:60:09:93:15:d0:d9:ef:1d:e2:55:a4:92:
21:5f:84:b5:f3:ec:16:a7:67:08:51:87:4d:c4:b0:95:e1:23:
77:53:9a:a8:54:06:38:9c:6f:43:24:c6:60:9f:ad:68:eb:9e:
78:ce:f6:16:62:d0:14:e0:ad:1b:15:f0:e3:94:6c:5c:a5:b4:
68:d6:58:91:03:af:f0:42:da:b9:6a:0e:4b:79:6c:10:4a:62:
bd:f4:13:8e:41:a2:a4:ef:3e:40:df:c3:b7:d0:d1:de:87:7f:
7f:9d:8e:a2:4d:51:1b:e8:ef:49:05:9a:f8:f5:1a:73:47:13:
b1:ae:6f:38:08:fa:00:b8:2e:65:c6:80:c3:a6:6b:51:83:1d:
87:32:55:2d:86:f5:45:61:6d:da:f5:6f:a9:41:86:a9:1f:e4:
da:ab:71:ab:a8:11:32:9d:0b:aa:47:42:a2:8d:6f:d7:09:7d:
e9:0c:94:d5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUAzOBGP7gt37QTAVEG87WRGwTJYswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQwNTAwMDAwM1oX
DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNANTE1NTA1Zjc2ZDUzZDcyN2VkNjVl
MDQzYjg0YTlkYzgzYWEwNWY0ZWI2Y2Q4NzU0YmQxM2JlNDQ3ZmRkZTlmMjEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqMox9tE9fQqn3iSAJViTru6fsbq
MquM/07/Z0HBoCflD4ZyB0CcY6t4rSV1qF6WzCGjQzgYWZgI3GNqHcF6JlhzVBe5
/6vcLc48SKwnUjy/E+htJd099X+akHJCeXpCNhwyZq9qgcg7kXzNAwgn2MMfFYA9
X/E7CaostSrddq0mjFAB4NOgvuIMix89VVKt8jjwm8iIRzpnl3orZ6+CqdukPH1E
QLo+sMDShjDr4kkunbOSzdxbCw6ZxEql4o3n8VGOmaoWRWHNVfzUnd1ZlIVMNDZ7
9NYKkL4eldINciBR9mwd+xWx0Pl37FzEELXgY1rtdrw751dv8qHMmV2bQQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAN69pKWG4ip6+f2GZKnmtfdY422MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEArQhyN9ONCjETlklxT8Zs
dycFOklu5nyHazE+EttUDJ9G5g3f8lTU7i7k7Z3mFP74Gz2so1YOxu+KoQQLYe4L
aUdNh3vY1D1UTX1sX2BfYAmTFdDZ7x3iVaSSIV+EtfPsFqdnCFGHTcSwleEjd1Oa
qFQGOJxvQyTGYJ+taOueeM72FmLQFOCtGxXw45RsXKW0aNZYkQOv8ELauWoOS3ls
EEpivfQTjkGipO8+QN/Dt9DR3od/f52Ook1RG+jvSQWa+PUac0cTsa5vOAj6ALgu
ZcaAw6ZrUYMdhzJVLYb1RWFt2vVvqUGGqR/k2qtxq6gRMp0LqkdCoo1v1wl96QyU
1Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:18:51 2025 by rpki-client