Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa
File: 381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa (raw, json)
Hash identifier: qiduxW6OKaX8A8UkVzjBFeOckjCrwZj/WeoIAbh9e10=
Subject key identifier: 48:BF:D3:BA:80:30:E0:D2:EF:72:BA:68:02:79:E8:18:B6:86:38:61
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 0EAE8139163C654FB7FE824FFF0E424434C56C54
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa
Signing time: Wed 05 Mar 2025 00:00:04 +0000
ROA not before: Wed 05 Mar 2025 00:00:04 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:ae:81:39:16:3c:65:4f:b7:fe:82:4f:ff:0e:42:44:34:c5:6c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Mar 5 00:00:04 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5b:34:59:86:4a:fa:1c:cf:36:1c:74:f7:a5:
41:2b:d9:29:76:ed:04:b5:3a:94:46:a6:53:77:f1:
28:51:ed:46:3d:16:5a:37:08:55:c4:18:4b:41:ed:
6f:77:c4:3c:48:21:ec:41:0e:71:67:ae:21:fa:aa:
37:be:4a:ed:90:a0:56:f6:ce:58:6c:24:d2:22:98:
0e:d9:a0:92:03:e6:a5:87:5d:44:59:ff:fd:ca:d2:
b5:2a:5f:0e:d3:3d:2c:67:80:15:86:cc:c9:88:c9:
f1:10:dd:c1:cb:5b:98:01:1e:c1:b3:71:01:95:40:
dd:c5:92:f2:49:b3:31:a4:08:fa:8a:8d:36:b6:9e:
a3:5e:5f:81:96:f3:5f:95:d5:36:c0:76:a6:de:c3:
88:d7:fc:fa:c6:d5:d7:c1:64:3f:89:1f:e3:ba:84:
f1:e8:9e:26:a4:79:c0:3c:14:ae:59:41:2b:69:b2:
73:36:b9:13:10:94:61:90:c0:10:90:8b:3c:a4:2c:
d9:22:4b:00:c4:1a:01:6e:03:7c:3b:06:41:5d:46:
56:06:97:bd:f8:1d:32:56:aa:cf:2a:c3:31:79:94:
0c:ff:d6:e2:e9:67:6d:01:20:d8:06:a8:33:80:15:
61:b8:cb:99:bc:d5:ff:23:b7:bf:82:b3:1f:24:85:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BF:D3:BA:80:30:E0:D2:EF:72:BA:68:02:79:E8:18:B6:86:38:61
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/381fc6e6-5d49-41bc-b584-d9437c68e3cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300::/48
Signature Algorithm: sha256WithRSAEncryption
3d:d4:d7:4f:93:3e:f2:4f:44:cc:98:5d:93:55:61:b0:65:50:
78:20:83:f2:33:f2:af:3d:47:e3:21:e5:79:bb:e8:f3:1c:88:
60:ce:84:c5:96:28:26:9d:e4:89:3a:4b:ce:4c:62:a5:e1:a4:
55:e8:72:8b:c1:97:f7:61:0e:d0:88:e5:b5:ec:97:1b:5a:04:
2d:bc:e6:1c:7d:07:d4:64:71:98:36:f2:8f:64:e9:c4:dd:29:
33:c4:19:89:70:67:00:0c:83:e9:67:a7:4f:f0:13:86:a6:52:
3c:96:ff:84:4d:e0:1d:9c:52:4d:c9:39:ac:23:1e:1a:1c:83:
0c:94:44:55:78:27:44:4a:cd:e3:9c:2a:6d:7e:61:a2:de:88:
22:65:b9:d3:3c:50:85:f2:29:32:54:ef:1b:59:5b:68:1e:fc:
a9:f5:e5:36:1b:9d:92:3b:a5:d2:46:80:74:f9:eb:97:08:67:
91:b7:6f:24:04:bc:ee:f8:3a:4a:e7:d2:9a:86:bd:46:5d:88:
b9:33:06:0c:5d:31:28:2f:7a:be:67:9d:5e:33:be:cb:e2:46:
02:e2:af:a5:b9:f8:da:ef:a6:a5:60:00:0b:7d:91:39:58:5e:
be:f0:da:ca:9c:1d:de:18:04:a5:ef:52:af:44:71:c6:e8:77:
75:63:e2:50
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUDq6BORY8ZU+3/oJP/w5CRDTFbFQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDMwNTAwMDAwNFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAOThiNWVmMmE1ZWMxYTQ2MTRjNzBh
YTA4MzE0MWI4ODBjZjk4NGYyMzVmYTlkZGE3NWY4NjBmOTAxYmUwMjU0MjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ls0WYZK+hzPNhx096VBK9kpdu0E
tTqURqZTd/EoUe1GPRZaNwhVxBhLQe1vd8Q8SCHsQQ5xZ64h+qo3vkrtkKBW9s5Y
bCTSIpgO2aCSA+alh11EWf/9ytK1Kl8O0z0sZ4AVhszJiMnxEN3By1uYAR7Bs3EB
lUDdxZLySbMxpAj6io02tp6jXl+BlvNfldU2wHam3sOI1/z6xtXXwWQ/iR/juoTx
6J4mpHnAPBSuWUErabJzNrkTEJRhkMAQkIs8pCzZIksAxBoBbgN8OwZBXUZWBpe9
+B0yVqrPKsMxeZQM/9bi6WdtASDYBqgzgBVhuMuZvNX/I7e/grMfJIUI+wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEi/07qAMODS73K6aAJ56Bi2hjhhMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzM4MWZjNmU2LTVkNDktNDFiYy1iNTg0LWQ5NDM3YzY4ZTNjZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA91NdPkz7yT0TMmF2T
VWGwZVB4IIPyM/KvPUfjIeV5u+jzHIhgzoTFligmneSJOkvOTGKl4aRV6HKLwZf3
YQ7QiOW17JcbWgQtvOYcfQfUZHGYNvKPZOnE3SkzxBmJcGcADIPpZ6dP8BOGplI8
lv+ETeAdnFJNyTmsIx4aHIMMlERVeCdESs3jnCptfmGi3ogiZbnTPFCF8ikyVO8b
WVtoHvyp9eU2G52SO6XSRoB0+euXCGeRt28kBLzu+DpK59Kahr1GXYi5MwYMXTEo
L3q+Z51eM77L4kYC4q+lufja76alYAALfZE5WF6+8NrKnB3eGASl71KvRHHG6Hd1
Y+JQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:14:06 2025 by rpki-client