Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
File: 7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa (raw, json)
Hash identifier: tTvQ3P4uk46c75pN/VQqPIQXJZVxXgZIUWGbjSrm7ig=
Subject key identifier: E6:B0:83:70:31:36:D3:F1:8D:21:55:8B:0F:1D:05:28:4E:E5:69:EF
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 5B475DD8CBFE92BBD03123398E00DD49929CFF4C
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
Signing time: Sat 29 Mar 2025 00:00:03 +0000
ROA not before: Sat 29 Mar 2025 00:00:03 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 00:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:47:5d:d8:cb:fe:92:bb:d0:31:23:39:8e:00:dd:49:92:9c:ff:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:03 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6f:cd:e6:d0:bf:4d:ba:34:e5:94:8b:56:25:
ca:e6:49:b0:0e:ad:ec:1f:ec:f2:cd:de:95:3b:66:
df:1a:2c:51:1e:9d:06:07:09:8b:27:6b:96:1b:ad:
84:89:e2:ca:72:37:56:4b:0e:a2:f8:ec:bd:99:a6:
ce:6e:42:22:b7:15:36:8e:65:eb:07:6c:e4:7d:e1:
54:a0:09:1a:09:fe:3a:5b:9c:80:cc:30:65:cc:b9:
be:2b:06:dc:50:57:b2:a4:00:26:bf:7b:06:e8:a0:
0f:a4:e2:7e:79:d9:3d:9a:0c:e7:0e:60:b1:e0:6c:
96:8e:01:9b:f2:df:23:99:55:bc:02:d1:14:36:31:
8c:c1:15:de:a3:6c:50:f8:17:f9:f5:ab:4e:fa:15:
4b:bc:1c:bf:69:be:b1:8e:75:4e:74:43:fd:75:15:
a5:c3:24:01:55:8f:db:1c:7f:f7:18:fa:3b:8a:e9:
83:7a:5d:cd:59:72:d4:2c:32:9c:29:a4:b5:99:92:
55:3a:df:c1:54:a8:d3:f7:37:96:83:cd:be:54:71:
00:de:84:e9:e0:46:95:d5:83:9f:df:1c:df:98:15:
ad:55:df:d0:d9:27:03:53:c9:49:ae:74:2b:39:6f:
a1:d9:67:00:57:6b:2d:d7:a6:41:f4:1d:2e:ad:8a:
ff:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B0:83:70:31:36:D3:F1:8D:21:55:8B:0F:1D:05:28:4E:E5:69:EF
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.192.0/18
Signature Algorithm: sha256WithRSAEncryption
25:a4:4d:4b:1a:7f:04:ec:ba:ba:09:e0:92:11:41:5d:1d:41:
51:31:82:40:62:22:37:34:2f:2e:15:8c:eb:1c:c2:95:33:b8:
59:08:bd:66:73:a9:d0:af:ab:c3:5f:3c:1b:b5:e4:8c:8b:8d:
59:17:f9:35:4d:6b:56:6a:73:68:0c:9e:5e:04:bc:74:9c:f8:
41:f3:bc:0e:b9:f5:a4:6a:aa:c3:e9:f8:50:05:8c:2b:59:95:
98:49:34:f1:78:67:49:08:07:00:fd:26:bf:f9:eb:78:f5:26:
48:97:bb:0c:92:a5:02:fe:09:4a:10:92:70:72:06:54:95:15:
40:30:9c:c0:ed:11:30:1f:2d:b6:b1:90:31:2d:fb:36:0f:71:
36:1c:ed:c3:75:1a:ff:c0:9c:74:4f:0b:8c:c6:80:1e:2f:a5:
ae:39:48:99:f9:35:ed:ae:0c:69:ce:dc:32:6b:9a:02:53:00:
3e:07:e7:b3:b6:85:65:8c:57:23:e3:02:50:13:83:19:70:31:
09:c9:fe:95:f5:11:7b:87:cb:7c:86:f6:04:98:7a:35:ac:d8:
74:ff:2e:09:f6:fd:f3:ff:d6:d8:1e:af:36:74:b9:27:60:32:
34:72:0b:70:58:f5:bf:18:49:a1:20:34:df:f6:37:76:51:4a:
f4:5a:d8:2d
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUW0dd2Mv+krvQMSM5jgDdSZKc/0wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwM1oX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZjhiMDA4YWYyMWM4Njc0YWM2MDU1
N2ViNzEzOGNkYjQwMjRhZDg3ZmQzYjM3NDBkZjg3N2IwMzc0ZDAxN2QxYjEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2/N5tC/Tbo05ZSLViXK5kmwDq3s
H+zyzd6VO2bfGixRHp0GBwmLJ2uWG62EieLKcjdWSw6i+Oy9mabObkIitxU2jmXr
B2zkfeFUoAkaCf46W5yAzDBlzLm+KwbcUFeypAAmv3sG6KAPpOJ+edk9mgznDmCx
4GyWjgGb8t8jmVW8AtEUNjGMwRXeo2xQ+Bf59atO+hVLvBy/ab6xjnVOdEP9dRWl
wyQBVY/bHH/3GPo7iumDel3NWXLULDKcKaS1mZJVOt/BVKjT9zeWg82+VHEA3oTp
4EaV1YOf3xzfmBWtVd/Q2ScDU8lJrnQrOW+h2WcAV2st16ZB9B0urYr/IQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOawg3AxNtPxjSFViw8dBShO5WnvMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzdhNjQ2ZWMzLWZjMGUtNDBlNy1hZGI0LTgyZDVmZDgzZjAyOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrynAMA0GCSqGSIb3DQEBCwUAA4IBAQAlpE1LGn8E7Lq6CeCSEUFd
HUFRMYJAYiI3NC8uFYzrHMKVM7hZCL1mc6nQr6vDXzwbteSMi41ZF/k1TWtWanNo
DJ5eBLx0nPhB87wOufWkaqrD6fhQBYwrWZWYSTTxeGdJCAcA/Sa/+et49SZIl7sM
kqUC/glKEJJwcgZUlRVAMJzA7REwHy22sZAxLfs2D3E2HO3DdRr/wJx0TwuMxoAe
L6WuOUiZ+TXtrgxpztwya5oCUwA+B+eztoVljFcj4wJQE4MZcDEJyf6V9RF7h8t8
hvYEmHo1rNh0/y4J9v3z/9bYHq82dLknYDI0cgtwWPW/GEmhIDTf9jd2UUr0Wtgt
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:17:11 2025 by rpki-client