Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json)
Hash identifier: 6ZovkzuXWR5embjPjsD9FFhdC0QqrGaSRoXufIxo+Ns=
Subject key identifier: FA:86:56:5F:88:38:44:D8:16:70:D0:C6:23:03:63:15:B0:A0:4F:55
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 2582ACCB7FE9CF5173D12802C64EFB6C944ABFC5
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
Signing time: Wed 05 Mar 2025 00:00:07 +0000
ROA not before: Wed 05 Mar 2025 00:00:07 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6500:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:82:ac:cb:7f:e9:cf:51:73:d1:28:02:c6:4e:fb:6c:94:4a:bf:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 5 00:00:07 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fe:3d:75:ad:6b:96:34:47:6e:b2:d7:fe:9d:
37:fe:01:bb:a5:c3:aa:61:ae:d8:81:c7:9e:70:7e:
bd:15:be:83:25:47:c5:1d:3f:b7:02:db:a6:8b:66:
b7:2f:0b:97:a5:ae:90:86:27:74:87:da:bc:43:6b:
0b:2e:62:41:f4:ae:2b:b2:bb:bd:13:7a:b2:e3:33:
63:ee:c9:df:cd:72:89:54:aa:fd:e4:c0:ca:cc:4e:
63:be:13:df:34:b4:8c:1c:2b:6a:1b:af:dc:be:a6:
b3:1c:da:8b:50:b5:15:45:0a:c1:ec:b1:03:c8:59:
fb:4c:66:10:50:88:2a:e8:a8:3b:15:00:09:96:a4:
d0:29:79:11:51:8a:e8:d2:c0:27:6c:7c:f1:9b:f4:
c9:fa:16:5c:51:cd:c2:b6:a5:cd:98:67:58:46:64:
a3:20:33:6c:51:78:00:3f:5f:f4:22:8c:be:4e:19:
b5:29:07:dd:32:f5:e8:df:ec:0c:09:38:6e:1f:35:
76:28:f3:b1:59:70:ef:d5:9f:d4:cc:e2:b6:16:84:
7d:63:19:22:27:46:72:2a:7c:73:ca:b8:16:ce:67:
52:7b:07:83:4b:ee:d2:ca:98:1e:76:9e:c0:e8:bc:
77:a9:03:52:a2:07:e5:8d:39:8f:1a:0e:53:85:1d:
60:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:86:56:5F:88:38:44:D8:16:70:D0:C6:23:03:63:15:B0:A0:4F:55
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500:2000::/36
Signature Algorithm: sha256WithRSAEncryption
f8:37:9d:ca:30:b1:f4:7d:38:19:d5:2c:4b:23:96:95:0c:77:
bc:a8:57:5e:ad:d7:a3:25:fd:24:b7:37:99:77:3d:28:68:c7:
c8:b5:96:0e:9d:b7:21:a1:fd:dc:02:7c:f7:79:52:07:93:ec:
24:3a:64:85:f1:27:32:bc:88:0d:49:4e:ec:20:9e:01:6e:51:
c5:83:03:2e:3e:2b:82:ac:d3:05:85:a1:b7:4c:1a:19:dd:7c:
2f:5a:a2:69:9c:42:9e:0f:94:dd:3b:ad:c4:43:14:7d:c4:f7:
0b:46:e7:39:f3:f9:8c:52:13:ad:cf:f2:3d:99:ef:02:b6:fc:
5a:cb:fb:5d:3e:fa:b1:e0:dd:1a:ed:82:dd:92:74:d8:56:9b:
ac:d5:36:63:42:d9:f8:2f:fa:da:3e:da:ca:0c:1c:ee:aa:24:
27:ae:90:2f:1b:29:78:96:15:ac:cd:0a:95:b1:ec:af:61:f0:
65:6f:d9:fb:e0:a8:ab:d6:c6:29:57:b0:de:14:92:a8:fc:9b:
ea:b1:81:16:94:8e:6c:9c:cb:47:b0:37:58:c4:b1:2e:9b:b6:
aa:6c:c6:af:62:e5:bc:6b:82:36:a3:fa:9c:28:22:61:e3:1c:
e2:26:49:a1:0a:fa:29:63:29:17:dc:35:2e:d7:53:ae:d9:e1:
3d:f0:5d:ec
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJYKsy3/pz1Fz0SgCxk77bJRKv8UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMwNTAwMDAwN1oX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAMzg1ZjAxZDI2NzkyMmFlMmNhOWM1
MmM2NmZhZjVhYTUzOGI0NTk2ZmM2MmUwYWVmNGY1MDgzNjY1ODllODI4ODEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf49da1rljRHbrLX/p03/gG7pcOq
Ya7YgceecH69Fb6DJUfFHT+3Atumi2a3LwuXpa6Qhid0h9q8Q2sLLmJB9K4rsru9
E3qy4zNj7snfzXKJVKr95MDKzE5jvhPfNLSMHCtqG6/cvqazHNqLULUVRQrB7LED
yFn7TGYQUIgq6Kg7FQAJlqTQKXkRUYro0sAnbHzxm/TJ+hZcUc3CtqXNmGdYRmSj
IDNsUXgAP1/0Ioy+Thm1KQfdMvXo3+wMCThuHzV2KPOxWXDv1Z/UzOK2FoR9Yxki
J0ZyKnxzyrgWzmdSeweDS+7Sypgedp7A6Lx3qQNSogfljTmPGg5ThR1gjwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPqGVl+IOETYFnDQxiMDYxWwoE9VMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAPg3ncowsfR9OBnVLEsj
lpUMd7yoV16t16Ml/SS3N5l3PShox8i1lg6dtyGh/dwCfPd5UgeT7CQ6ZIXxJzK8
iA1JTuwgngFuUcWDAy4+K4Ks0wWFobdMGhndfC9aommcQp4PlN07rcRDFH3E9wtG
5znz+YxSE63P8j2Z7wK2/FrL+10++rHg3Rrtgt2SdNhWm6zVNmNC2fgv+to+2soM
HO6qJCeukC8bKXiWFazNCpWx7K9h8GVv2fvgqKvWxilXsN4Ukqj8m+qxgRaUjmyc
y0ewN1jEsS6btqpsxq9i5bxrgjaj+pwoImHjHOImSaEK+iljKRfcNS7XU67Z4T3w
Xew=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:24 2025 by rpki-client