Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json)
Hash identifier: WOrCZsuSU93907mrq1/8L9PYRpGTUReLldH2W+51axM=
Subject key identifier: 17:FF:E2:DC:FB:D7:FB:4D:3B:1A:5A:89:66:20:88:82:B5:EB:DA:7D
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 0136A860FB9FAB9AB536E1BD04595B881A05DB69
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
Signing time: Mon 31 Mar 2025 15:00:03 +0000
ROA not before: Mon 31 Mar 2025 15:00:03 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 00:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:36:a8:60:fb:9f:ab:9a:b5:36:e1:bd:04:59:5b:88:1a:05:db:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 31 15:00:03 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:1d:98:96:9c:7b:8f:7c:69:ca:d7:8e:6a:
9e:0a:87:eb:c9:b5:02:d1:a8:c0:f5:0e:bf:fd:c4:
75:d1:ec:b1:31:d4:3c:0c:43:64:98:7d:8a:15:6e:
fd:6f:33:27:f8:43:d4:19:f4:73:29:69:2b:7a:b9:
0f:d7:f9:8e:fd:56:03:ac:ea:82:2c:3d:50:b9:b6:
71:14:5a:5d:5c:8c:41:8e:78:0c:ca:28:f3:00:54:
40:99:06:4f:35:94:99:4e:84:21:d2:5b:bc:36:a8:
b8:12:32:d0:15:9c:1a:ae:d1:a4:a9:37:8c:b9:83:
f3:bb:9f:86:5d:65:04:a3:2f:ee:b7:bd:48:76:91:
de:e6:a1:cc:26:24:25:85:6d:a1:74:bc:17:28:bc:
0c:ff:6c:7f:1c:75:94:ab:73:62:15:0a:a8:df:08:
a8:f5:1a:39:1e:92:a0:5b:79:1a:34:89:0a:04:2f:
2c:2c:58:cf:99:16:83:5c:ae:b5:72:38:a4:7d:fb:
84:c9:dd:a3:0f:fa:b4:13:fd:08:e1:7f:cd:82:76:
2e:54:d5:28:03:e0:f9:c4:7c:9b:9d:fc:f5:79:2a:
42:af:10:5e:30:90:14:01:b8:68:ea:b7:df:8d:ba:
83:96:aa:18:bf:9b:4b:ab:7c:9a:b7:5d:5e:99:ee:
76:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FF:E2:DC:FB:D7:FB:4D:3B:1A:5A:89:66:20:88:82:B5:EB:DA:7D
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/48
Signature Algorithm: sha256WithRSAEncryption
ae:5f:68:6b:03:88:ee:21:2a:aa:46:1d:5f:6e:14:f1:96:65:
d4:b7:1b:93:2e:d7:c1:8f:b6:75:a8:b1:8f:f2:e1:99:03:e7:
f0:cc:aa:75:88:c3:9d:aa:80:9b:16:8e:8f:bc:27:54:94:f6:
ea:6c:11:40:3a:c1:69:df:3e:a9:a2:9b:6c:ac:83:23:de:f2:
9f:c1:42:40:ab:f3:8a:d4:16:51:6c:88:61:67:7f:16:f2:a1:
1c:5d:81:d7:a4:4e:81:53:e8:1e:af:1b:4b:e6:c6:98:76:55:
bc:21:1b:6c:80:7b:c0:c4:22:d2:2e:99:a8:85:2c:93:55:17:
99:70:5a:a9:3d:d7:8b:bf:aa:e7:39:fe:32:3c:62:3d:16:87:
9e:65:cf:90:57:eb:c1:6b:76:0b:18:6a:82:61:97:37:ba:97:
a8:19:be:07:a2:57:e6:1b:70:0c:d5:28:e0:aa:ad:a0:3d:c5:
a4:7b:e3:a9:cd:29:51:f3:9f:1b:47:75:fb:fa:a0:39:fd:d0:
3b:1e:17:f7:3c:b1:d2:32:c7:dc:9f:21:7a:b7:05:79:31:97:
b1:f9:c4:13:06:df:bf:02:d0:1e:71:0b:0b:54:f9:87:ab:19:
8d:71:26:64:d0:d9:ca:60:f5:67:7d:6d:4c:e7:1d:9d:16:d4:
e7:8a:a8:96
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUATaoYPufq5q1NuG9BFlbiBoF22kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMzMTE1MDAwM1oX
DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAOWEzZjFhMGJjNWU0N2M2YjMwYWNm
NjdhNzdjYWQzNjg1M2RmY2ZkYTA4ODI5ZDI5YmIwODBmM2U4ZDY0ZmI5ODEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOkdmJace498acrXjmqeCofrybUC
0ajA9Q6//cR10eyxMdQ8DENkmH2KFW79bzMn+EPUGfRzKWkrerkP1/mO/VYDrOqC
LD1QubZxFFpdXIxBjngMyijzAFRAmQZPNZSZToQh0lu8Nqi4EjLQFZwartGkqTeM
uYPzu5+GXWUEoy/ut71IdpHe5qHMJiQlhW2hdLwXKLwM/2x/HHWUq3NiFQqo3wio
9Ro5HpKgW3kaNIkKBC8sLFjPmRaDXK61cjikffuEyd2jD/q0E/0I4X/NgnYuVNUo
A+D5xHybnfz1eSpCrxBeMJAUAbho6rffjbqDlqoYv5tLq3yat11eme52gQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBf/4tz71/tNOxpaiWYgiIK169p9MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCuX2hrA4juISqqRh1f
bhTxlmXUtxuTLtfBj7Z1qLGP8uGZA+fwzKp1iMOdqoCbFo6PvCdUlPbqbBFAOsFp
3z6poptsrIMj3vKfwUJAq/OK1BZRbIhhZ38W8qEcXYHXpE6BU+gerxtL5saYdlW8
IRtsgHvAxCLSLpmohSyTVReZcFqpPdeLv6rnOf4yPGI9FoeeZc+QV+vBa3YLGGqC
YZc3upeoGb4HolfmG3AM1Sjgqq2gPcWke+OpzSlR858bR3X7+qA5/dA7Hhf3PLHS
MsfcnyF6twV5MZex+cQTBt+/AtAecQsLVPmHqxmNcSZk0NnKYPVnfW1M5x2dFtTn
iqiW
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:14:44 2025 by rpki-client