Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json)
Hash identifier: JZnug/HXYEKzXGv4H/uTH5u0KbF5pS07f3JCnbXmFXY=
Subject key identifier: E3:AF:C9:C5:E2:71:7B:69:15:C9:88:80:98:0E:C3:85:B8:8D:C2:64
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 7ED90D924E727AC34E3D2346E5D1036536730AA0
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
Signing time: Sat 29 Mar 2025 00:00:06 +0000
ROA not before: Sat 29 Mar 2025 00:00:06 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 00:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d9:0d:92:4e:72:7a:c3:4e:3d:23:46:e5:d1:03:65:36:73:0a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:06 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:fa:b1:40:37:01:54:33:c0:c3:3d:4c:53:
6f:a6:13:f5:a3:0b:49:9a:12:b4:ee:87:9c:54:7d:
bd:cc:67:75:79:a4:c9:55:33:21:9e:78:43:6b:b1:
14:33:95:ae:62:23:e1:33:1c:d1:51:88:43:d8:bb:
c4:20:5f:00:67:e8:b5:a9:f2:49:53:9a:cc:9f:1a:
01:09:77:5f:aa:1c:0f:76:ed:8b:1b:63:4a:b0:37:
7c:36:9b:a6:7f:36:2b:49:bd:4f:b9:7f:17:41:09:
74:91:91:65:df:b5:6b:b0:d4:14:79:b7:c3:70:2f:
d8:d5:5d:0a:fb:37:5d:79:e6:b9:bb:91:a8:27:0a:
0e:cc:7c:6b:33:9c:79:22:bb:61:df:62:8e:08:07:
40:86:85:28:0c:b2:24:c8:c1:79:78:8f:29:10:7e:
a5:a7:94:e9:af:74:90:50:83:52:1b:29:74:74:d1:
ee:d5:4c:ca:8d:c9:8e:ff:ac:5c:2f:2c:91:b6:7e:
30:9b:bf:03:b3:99:21:54:f4:79:9f:5b:08:7c:9d:
eb:31:74:9f:d4:21:29:a7:d1:6f:c6:a1:ac:cf:17:
a6:01:ff:dd:44:9c:84:d6:af:ba:02:ad:4b:a0:e3:
99:5d:a6:a2:6b:fe:49:04:df:08:b4:75:5f:d9:ef:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:AF:C9:C5:E2:71:7B:69:15:C9:88:80:98:0E:C3:85:B8:8D:C2:64
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.238.0/23
Signature Algorithm: sha256WithRSAEncryption
89:0c:6b:ae:41:ba:b6:66:be:17:3f:7e:d1:37:fd:d6:52:66:
93:d1:02:31:c4:6e:1f:18:81:c0:06:18:a5:31:2f:32:04:78:
f5:9c:a8:10:65:b2:5b:9a:dd:04:ee:da:b8:b3:e1:c1:ea:ee:
29:0f:9a:b4:d1:09:7f:a7:54:da:ef:8c:93:c8:06:12:1a:c4:
74:c8:f5:b2:88:30:f9:0f:45:cd:4e:0b:74:f2:71:40:4c:ae:
61:91:6e:66:c5:4a:13:63:20:5a:0a:a7:de:32:93:1c:b5:2d:
ba:e2:c7:0a:8f:3d:21:4a:1a:58:4e:d7:bb:76:44:67:1e:e4:
2a:70:27:a8:1a:67:cc:c0:ee:a5:36:b4:66:e7:80:b3:a5:06:
89:30:d2:c9:98:57:1c:89:ab:a6:d3:5e:ad:af:c4:54:da:38:
4e:cc:42:ce:69:6f:9a:ec:94:86:c9:a7:4f:34:4e:40:bb:6c:
1e:45:cf:06:86:57:c1:be:66:0a:c2:04:b6:8e:2d:13:01:85:
2e:ca:8f:b6:4b:bd:a2:cd:7a:2c:bf:e6:35:26:8d:f9:cf:e0:
5a:1e:10:ac:ee:3a:8d:1c:65:af:fe:2e:dd:e8:d0:90:a0:7c:
04:2c:0a:64:c9:ac:55:14:62:8c:fc:cd:df:02:9c:b6:d2:5f:
53:77:f3:61
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUftkNkk5yesNOPSNG5dEDZTZzCqAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwNloX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZmRhNmU1OWVhOTgyYzE1OWNmNjM5
ODZiZmJjNWNlODRlZjZkN2YxMjg3NGEzMDcxYzJmZmQ4NjE1YjZmOTY4ZDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoX6sUA3AVQzwMM9TFNvphP1owtJ
mhK07oecVH29zGd1eaTJVTMhnnhDa7EUM5WuYiPhMxzRUYhD2LvEIF8AZ+i1qfJJ
U5rMnxoBCXdfqhwPdu2LG2NKsDd8NpumfzYrSb1PuX8XQQl0kZFl37VrsNQUebfD
cC/Y1V0K+zddeea5u5GoJwoOzHxrM5x5Irth32KOCAdAhoUoDLIkyMF5eI8pEH6l
p5Tpr3SQUINSGyl0dNHu1UzKjcmO/6xcLyyRtn4wm78Ds5khVPR5n1sIfJ3rMXSf
1CEpp9FvxqGszxemAf/dRJyE1q+6Aq1LoOOZXaaia/5JBN8ItHVf2e8NMQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOOvycXicXtpFcmIgJgOw4W4jcJkMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQCJDGuuQbq2Zr4XP37RN/3W
UmaT0QIxxG4fGIHABhilMS8yBHj1nKgQZbJbmt0E7tq4s+HB6u4pD5q00Ql/p1Ta
74yTyAYSGsR0yPWyiDD5D0XNTgt08nFATK5hkW5mxUoTYyBaCqfeMpMctS264scK
jz0hShpYTte7dkRnHuQqcCeoGmfMwO6lNrRm54CzpQaJMNLJmFcciaum016tr8RU
2jhOzELOaW+a7JSGyadPNE5Au2weRc8GhlfBvmYKwgS2ji0TAYUuyo+2S72izXos
v+Y1Jo35z+BaHhCs7jqNHGWv/i7d6NCQoHwELApkyaxVFGKM/M3fApy20l9Td/Nh
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:27:51 2025 by rpki-client