Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/20b0bc1b-7e39-47a8-967a-5b3f58d75e03.roa
File: 20b0bc1b-7e39-47a8-967a-5b3f58d75e03.roa (raw, json)
Hash identifier: Nzrpns9bm9cALEcEiecaF8A15VtGjATDt4/EVO0KgJw=
Subject key identifier: 38:82:2E:72:4C:56:05:D3:FD:A7:53:B5:F4:B5:5E:5C:72:B0:A1:95
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 085FF7561CB52CB4A673695397104F59E43EB531
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/20b0bc1b-7e39-47a8-967a-5b3f58d75e03.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 240f:8000::/24 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:5f:f7:56:1c:b5:2c:b4:a6:73:69:53:97:10:4f:59:e4:3e:b5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5e:df:e9:31:13:2e:99:36:11:9d:a4:cb:8a:
71:97:30:c2:3e:4e:5f:ac:2c:0f:e2:15:5a:a3:0d:
dd:26:15:31:97:b4:77:a9:22:a7:21:a6:71:30:7d:
da:61:a8:9f:79:27:78:91:f4:0f:60:e8:c7:91:84:
43:c8:63:87:01:29:dd:3d:47:7b:5a:e2:b9:61:52:
52:cf:cf:6e:ca:f8:da:bf:88:69:74:cb:3c:e9:53:
39:d2:a9:e1:31:58:af:bd:20:eb:a3:59:35:fb:53:
a1:b5:45:a2:a1:e2:49:e3:97:12:86:47:ab:28:a5:
5d:c4:a5:20:fb:b8:99:dc:33:ce:2d:94:65:29:59:
e5:4e:02:13:af:c4:07:92:16:0f:16:c0:11:8f:cc:
50:f0:0a:e7:ac:ad:b0:fe:16:de:11:b4:e2:ad:96:
6b:02:5a:85:de:17:96:e4:48:32:06:7a:3a:b5:bc:
f1:e6:fd:14:10:d9:6d:1e:f6:45:6e:5e:cd:c7:f9:
08:ae:8f:69:d5:22:7e:4c:6f:0d:f3:95:d3:75:07:
3f:57:c1:6c:74:44:5b:2e:01:b5:fc:e8:54:0a:0d:
b5:00:fd:5e:37:4f:10:0b:12:3c:0a:75:91:ba:cd:
03:f8:61:7a:cc:0b:df:b0:9c:12:00:a8:14:1a:79:
4c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:82:2E:72:4C:56:05:D3:FD:A7:53:B5:F4:B5:5E:5C:72:B0:A1:95
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/20b0bc1b-7e39-47a8-967a-5b3f58d75e03.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8000::/24
Signature Algorithm: sha256WithRSAEncryption
a3:da:3e:cd:70:b6:76:0c:88:19:01:4a:bc:28:88:e0:d5:f8:
6f:9c:83:fd:c6:38:1f:c1:9e:08:b6:e4:13:62:d3:30:2a:7a:
78:71:3a:5e:3e:8f:73:c1:e5:e7:da:cc:68:a8:13:4c:de:ee:
9b:2f:53:ca:83:d4:e4:8d:7b:20:d1:de:aa:3e:56:4d:d3:a0:
6e:14:6d:52:82:1a:36:05:e0:5e:09:92:9e:fa:05:7d:64:33:
58:b3:3a:27:5a:f7:9b:2d:6f:78:8f:85:4a:fd:4d:d5:96:da:
75:bd:45:b0:a0:43:1c:a7:6c:1c:1d:c8:83:09:7c:e4:68:b2:
ae:68:20:cf:48:bb:8a:df:72:9d:71:58:7c:07:ce:3a:e4:0c:
2c:31:21:16:d0:25:8c:4c:08:35:3c:74:d7:93:8b:5a:27:0e:
c6:e6:ef:7a:e2:c5:17:1a:e3:e4:a6:8f:5e:19:bf:04:00:08:
f9:32:a8:71:a2:de:9b:83:5a:78:af:fa:a5:22:eb:ae:61:cc:
17:7f:26:94:c2:97:d5:01:49:3d:5f:f8:2a:62:f5:f4:d6:6e:
4f:19:dc:38:eb:c8:0b:36:2d:f8:5d:a4:d7:d1:99:fe:ae:f8:
2b:99:d4:d2:fa:d3:81:3b:8f:60:30:37:45:63:ab:a5:6d:5c:
20:66:ea:6b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUCF/3Vhy1LLSmc2lTlxBPWeQ+tTEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAYzE3NmU0YTdiNWZlNTcwNTdjNjQw
NjY1MWFkN2I4OTViNDdiYTAxMWViMTM2ZDM4YTMzNGZmNjUwNWZlODNhYTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV7f6TETLpk2EZ2ky4pxlzDCPk5f
rCwP4hVaow3dJhUxl7R3qSKnIaZxMH3aYaifeSd4kfQPYOjHkYRDyGOHASndPUd7
WuK5YVJSz89uyvjav4hpdMs86VM50qnhMVivvSDro1k1+1OhtUWioeJJ45cShker
KKVdxKUg+7iZ3DPOLZRlKVnlTgITr8QHkhYPFsARj8xQ8ArnrK2w/hbeEbTirZZr
AlqF3heW5EgyBno6tbzx5v0UENltHvZFbl7Nx/kIro9p1SJ+TG8N85XTdQc/V8Fs
dERbLgG1/OhUCg21AP1eN08QCxI8CnWRus0D+GF6zAvfsJwSAKgUGnlMgQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDiCLnJMVgXT/adTtfS1XlxysKGVMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzIwYjBiYzFiLTdlMzktNDdhOC05NjdhLTViM2Y1OGQ3NWUwMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQCj2j7NcLZ2DIgZAUq8KIjg
1fhvnIP9xjgfwZ4ItuQTYtMwKnp4cTpePo9zweXn2sxoqBNM3u6bL1PKg9TkjXsg
0d6qPlZN06BuFG1Sgho2BeBeCZKe+gV9ZDNYszonWvebLW94j4VK/U3Vltp1vUWw
oEMcp2wcHciDCXzkaLKuaCDPSLuK33KdcVh8B8465AwsMSEW0CWMTAg1PHTXk4ta
Jw7G5u964sUXGuPkpo9eGb8EAAj5Mqhxot6bg1p4r/qlIuuuYcwXfyaUwpfVAUk9
X/gqYvX01m5PGdw468gLNi34XaTX0Zn+rvgrmdTS+tOBO49gMDdFY6ulbVwgZupr
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:22:15 2025 by rpki-client