Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa
File: 13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa (raw, json)
Hash identifier: g34Ha/XaRKobhZ8aq8Ib/UNrM2mzSVkas3IDYSJjFpY=
Subject key identifier: B5:43:F6:4D:16:83:7A:65:32:B7:10:BD:A0:DD:B7:2D:A2:CF:F2:E0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4910300F20ABB75334D29ACCF384B4A6EDA2D1B0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa
Signing time: Tue 25 Mar 2025 16:10:09 +0000
ROA not before: Tue 25 Mar 2025 16:10:09 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafe:9000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:10:30:0f:20:ab:b7:53:34:d2:9a:cc:f3:84:b4:a6:ed:a2:d1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 25 16:10:09 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:47:86:cd:13:5d:23:73:86:f2:88:ac:89:8b:
86:99:4a:bb:5d:0f:3f:ca:6d:fc:76:50:1c:eb:63:
b7:98:bd:88:8f:56:51:3d:8b:f1:3f:ea:04:32:56:
b3:17:3e:63:8c:2f:8c:d2:ad:ea:2f:e6:e6:4e:b8:
7f:2f:b1:47:0b:57:f0:a0:6e:61:3e:55:11:12:3e:
43:69:64:7b:73:64:b7:6e:29:50:46:ce:8e:88:5d:
8a:73:ec:a2:2a:24:52:39:57:f0:86:be:02:26:c5:
64:d0:1b:53:b1:c1:1f:ac:7f:15:33:1d:17:69:07:
e6:bf:65:f0:db:41:de:51:7e:91:b4:ae:20:61:68:
b9:96:ab:68:fb:dc:61:a9:38:41:f0:80:ed:2c:a5:
53:b8:0c:63:1b:5f:df:6d:a2:c4:4e:d8:b7:84:b6:
83:8b:87:d8:81:89:43:3b:b6:d3:98:c5:d7:f7:39:
a2:0d:53:f2:2e:e4:58:3f:6a:2b:4a:93:9a:7d:a5:
be:9e:ba:77:2d:0f:c9:ec:3b:e3:e8:ea:76:ca:74:
7f:21:7d:2d:1c:1c:aa:49:5e:46:e8:0c:b9:09:c6:
39:1c:22:38:2e:56:e9:a4:36:51:2d:a1:80:97:28:
24:fa:52:f7:ca:ee:c6:f7:d4:7d:af:93:11:c5:8a:
94:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:43:F6:4D:16:83:7A:65:32:B7:10:BD:A0:DD:B7:2D:A2:CF:F2:E0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13f5f01a-ab8f-4788-ba91-6bc86de44e18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafe:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:32:79:35:47:fd:4e:03:39:0a:3e:a5:6f:ab:93:40:7a:2f:
84:08:ab:78:35:31:67:5d:b3:4a:27:d7:b7:34:62:c0:3e:e2:
bc:5b:aa:73:d0:5c:86:91:8d:3c:0b:a7:f9:3d:76:a0:38:9a:
4b:62:7b:00:a8:53:2e:88:91:22:14:33:af:ce:86:c6:a3:e2:
9a:60:2c:d5:ff:9e:11:96:32:74:42:0d:fb:e3:c2:b8:58:f8:
37:fa:6c:1d:01:f9:00:ef:1a:e4:a4:c4:4c:dc:69:dc:dc:dd:
8e:35:e1:e6:50:ff:32:b5:c7:fb:e1:6a:d6:86:77:bf:14:ab:
0e:30:05:ca:1d:f6:e2:e4:9a:67:0e:d4:b4:85:1f:da:fc:5b:
ed:28:69:8d:35:6d:a2:12:57:40:10:13:fb:ca:e4:ca:c0:1c:
d8:f3:90:74:97:e4:91:f1:38:cb:23:ef:04:cf:75:87:0c:22:
cb:18:68:9d:29:06:1c:8e:73:19:ba:58:ad:d9:0d:27:bd:7a:
82:97:93:bf:40:b1:57:4b:76:4a:c0:ae:40:bd:8f:c0:e1:0e:
69:4a:72:0e:38:53:30:46:bd:79:21:f4:f2:83:4d:04:b1:e3:
97:b7:44:ee:a1:c9:c4:45:ea:6e:52:91:73:1b:19:5e:fb:bb:
79:d3:35:c8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSRAwDyCrt1M00prM84S0pu2i0bAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTAwOVoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYjA1ZDI5MWU1OGJjMTgzMTA0YmMy
OGY4NGE0MDQ0MmZjMGQ1N2QwYjNkMzFmYTZiYTA1Mjc1YjBlNzRhNGJmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEeGzRNdI3OG8oisiYuGmUq7XQ8/
ym38dlAc62O3mL2Ij1ZRPYvxP+oEMlazFz5jjC+M0q3qL+bmTrh/L7FHC1fwoG5h
PlUREj5DaWR7c2S3bilQRs6OiF2Kc+yiKiRSOVfwhr4CJsVk0BtTscEfrH8VMx0X
aQfmv2Xw20HeUX6RtK4gYWi5lqto+9xhqThB8IDtLKVTuAxjG1/fbaLETti3hLaD
i4fYgYlDO7bTmMXX9zmiDVPyLuRYP2orSpOafaW+nrp3LQ/J7Dvj6Op2ynR/IX0t
HByqSV5G6Ay5CcY5HCI4LlbppDZRLaGAlygk+lL3yu7G99R9r5MRxYqUywIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLVD9k0Wg3plMrcQvaDdty2iz/LgMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzEzZjVmMDFhLWFiOGYtNDc4OC1iYTkxLTZiYzg2ZGU0NGUxOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/pAwDQYJKoZIhvcNAQELBQADggEBAKUyeTVH/U4DOQo+pW+r
k0B6L4QIq3g1MWdds0on17c0YsA+4rxbqnPQXIaRjTwLp/k9dqA4mktiewCoUy6I
kSIUM6/Ohsaj4ppgLNX/nhGWMnRCDfvjwrhY+Df6bB0B+QDvGuSkxEzcadzc3Y41
4eZQ/zK1x/vhataGd78Uqw4wBcod9uLkmmcO1LSFH9r8W+0oaY01baISV0AQE/vK
5MrAHNjzkHSX5JHxOMsj7wTPdYcMIssYaJ0pBhyOcxm6WK3ZDSe9eoKXk79AsVdL
dkrArkC9j8DhDmlKcg44UzBGvXkh9PKDTQSx45e3RO6hycRF6m5SkXMbGV77u3nT
Ncg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:26:38 2025 by rpki-client