Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
File: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (raw, json)
Hash identifier: xhHQDLSJ6yPbZTjlXKsWqW/jJY8O0zFfjtGgiWC7Wfw=
Subject key identifier: AE:08:91:81:80:DA:20:02:E5:9F:08:77:DE:2A:D6:B1:64:93:EE:9D
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 7DCA5CABF78C35B42A6CD8E2E0E81C8060E972E9
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
Signing time: Tue 25 Mar 2025 16:50:04 +0000
ROA not before: Tue 25 Mar 2025 16:50:04 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ca:5c:ab:f7:8c:35:b4:2a:6c:d8:e2:e0:e8:1c:80:60:e9:72:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Mar 25 16:50:04 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e3:fb:c3:e4:aa:ea:d7:c2:93:6c:61:f6:c0:
aa:11:fb:95:c6:63:d8:5d:03:8f:12:ae:86:49:4c:
97:37:7f:08:bf:fd:cd:55:4a:91:e7:7b:f3:96:ef:
2c:83:ff:6f:8e:b9:e7:8b:77:39:e0:74:65:24:e5:
ad:bb:72:64:f3:68:98:7f:3d:73:78:fa:54:a0:c8:
66:2b:b0:71:01:dd:ca:9e:bf:c4:01:7d:28:bb:c9:
f0:0e:65:75:b6:f0:33:fd:f7:32:66:7d:c6:27:01:
31:a7:e4:f9:00:d6:b2:5b:43:20:34:21:a5:6a:45:
0b:33:c8:93:71:d8:07:e0:5f:26:2d:db:89:00:ef:
b5:47:b5:31:c0:20:e7:2c:d5:d2:dd:7a:0b:d5:89:
91:3c:6d:62:24:eb:a8:51:bc:00:7c:d7:ae:01:80:
be:c0:9e:a3:24:27:db:b9:94:f9:d2:a0:65:77:8b:
ba:4e:4e:80:ae:75:dc:c5:62:48:74:62:2f:28:3a:
e9:59:2b:dd:89:e3:e8:19:7d:b9:d5:00:c1:3c:6f:
53:8f:8c:c5:b9:0c:01:e3:e2:ec:d0:89:6e:22:e3:
4a:35:4d:9b:cf:9f:e4:63:ac:15:4a:28:ab:32:d8:
71:05:ec:53:40:12:cf:e0:a6:dd:24:e0:03:05:57:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:08:91:81:80:DA:20:02:E5:9F:08:77:DE:2A:D6:B1:64:93:EE:9D
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300::/32
Signature Algorithm: sha256WithRSAEncryption
90:2f:f9:f2:fe:c6:98:53:fa:64:d0:57:62:31:bc:71:18:91:
49:e3:07:0d:3f:a2:45:e7:48:a1:11:32:78:5e:96:15:6f:7f:
08:9e:40:94:f2:56:7d:4d:cd:ea:0c:82:a0:27:ac:c1:c3:76:
05:b8:c7:53:c7:a9:4b:c1:7f:60:ca:b2:b8:10:55:47:8c:00:
08:96:30:fa:cd:b1:3b:43:f8:4e:2d:4b:23:38:51:eb:3a:2b:
11:fa:cf:35:0e:bb:e3:2d:09:ac:4f:58:71:0c:47:e7:99:cf:
20:57:93:65:22:a6:c1:36:53:e9:a2:44:66:46:d9:9f:c5:02:
1f:ef:66:ab:d7:9c:83:ea:90:7f:cb:08:b1:e7:0d:75:6c:91:
79:2c:c0:23:9f:4b:23:f8:ca:e2:a4:0a:fc:46:9f:8c:6e:48:
b7:7e:6b:ea:6e:51:e1:e9:b9:25:7a:6f:e1:d5:6e:d0:ef:dd:
9c:ea:11:01:46:a9:25:c7:10:e9:af:61:a5:6a:ca:f3:dd:90:
7b:68:fb:a8:7d:c6:6d:96:74:ed:b5:8f:78:96:36:8d:76:2d:
04:46:0f:5b:cf:d8:d5:57:90:ec:3c:8d:60:e1:fa:0b:4c:3d:
36:c8:a9:0e:a3:d9:98:8b:4e:76:a8:27:29:3d:4a:15:6e:6b:
6f:24:97:7a
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUfcpcq/eMNbQqbNji4OgcgGDpcukwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDMyNTE2NTAwNFoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMGUyNzc4ZDU4NTM2Y2ZlZTVjMjYz
ZmI0M2UzNmJkYjhiZDdjMWQ1NDg2MTM5MGE2YzRjMjE0ZGRjNzNkMDQwZDEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeP7w+Sq6tfCk2xh9sCqEfuVxmPY
XQOPEq6GSUyXN38Iv/3NVUqR53vzlu8sg/9vjrnni3c54HRlJOWtu3Jk82iYfz1z
ePpUoMhmK7BxAd3Knr/EAX0ou8nwDmV1tvAz/fcyZn3GJwExp+T5ANayW0MgNCGl
akULM8iTcdgH4F8mLduJAO+1R7UxwCDnLNXS3XoL1YmRPG1iJOuoUbwAfNeuAYC+
wJ6jJCfbuZT50qBld4u6Tk6ArnXcxWJIdGIvKDrpWSvdiePoGX251QDBPG9Tj4zF
uQwB4+Ls0IluIuNKNU2bz5/kY6wVSiirMthxBexTQBLP4KbdJOADBVcKtQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFK4IkYGA2iAC5Z8Id94q1rFkk+6dMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
L2NjMmY3MDkzLTIxYTYtNDAwZi05ZGIxLTkzYzJmZTAyYmMxYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAkC/58v7GmFP6ZNBXYjG8
cRiRSeMHDT+iRedIoREyeF6WFW9/CJ5AlPJWfU3N6gyCoCeswcN2BbjHU8epS8F/
YMqyuBBVR4wACJYw+s2xO0P4Ti1LIzhR6zorEfrPNQ674y0JrE9YcQxH55nPIFeT
ZSKmwTZT6aJEZkbZn8UCH+9mq9ecg+qQf8sIsecNdWyReSzAI59LI/jK4qQK/Eaf
jG5It35r6m5R4em5JXpv4dVu0O/dnOoRAUapJccQ6a9hpWrK892Qe2j7qH3GbZZ0
7bWPeJY2jXYtBEYPW8/Y1VeQ7DyNYOH6C0w9NsipDqPZmItOdqgnKT1KFW5rbySX
eg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:13 2025 by rpki-client