Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b717a7c-c565-45fc-8176-9e1532f89063.roa
File: 2b717a7c-c565-45fc-8176-9e1532f89063.roa (raw, json)
Hash identifier: 4Aeui0P7SORFahwM3PwKuZqGIgu0GQOhR0qsSc+z8QQ=
Subject key identifier: F1:05:93:F4:9B:7E:80:F7:E3:E2:2B:2B:09:84:E0:9E:29:E2:DD:09
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 61906DFAF5437077BDC772CAE60D6A66A7280E39
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b717a7c-c565-45fc-8176-9e1532f89063.roa
Signing time: Fri 28 Mar 2025 00:00:28 +0000
ROA not before: Fri 28 Mar 2025 00:00:28 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daee:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:90:6d:fa:f5:43:70:77:bd:c7:72:ca:e6:0d:6a:66:a7:28:0e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 28 00:00:28 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:ae:7b:5c:69:33:72:92:16:c9:3d:f6:42:
02:28:de:af:b7:a1:74:1a:96:ef:1a:3a:30:1c:c6:
6d:37:36:ef:f0:9a:67:2f:e3:10:34:3d:32:b2:70:
74:61:bf:ed:51:59:49:ab:b3:d3:c3:1d:0b:e5:02:
9d:33:d3:f6:29:93:5b:8e:03:db:5c:53:c9:af:7c:
be:3a:20:cb:07:00:88:64:32:5a:81:5b:b6:3c:18:
04:a1:5b:48:f5:72:9a:2f:32:42:81:b9:eb:97:97:
3a:29:42:ab:fe:fe:9b:42:1b:d4:c2:ea:59:85:51:
53:cf:65:70:15:df:02:c7:ff:de:e0:ff:87:bb:c3:
c4:15:e9:0e:f8:5a:7c:7d:44:b4:55:28:26:e4:a5:
e1:9a:45:5f:1c:0b:d7:78:ca:f8:72:db:aa:b6:fe:
13:53:2f:1f:6e:18:2b:57:c1:1e:2d:45:a3:a5:6f:
29:1a:54:57:47:20:67:9d:0c:57:8f:30:81:57:7d:
a2:af:0a:ee:46:94:6d:e2:d9:f1:5a:9a:be:6e:48:
a6:3a:c3:60:d5:36:21:af:f7:de:fd:25:7b:ce:21:
67:ea:d6:26:aa:f9:49:2a:9e:48:2a:01:53:74:bf:
2e:49:5d:d6:2f:5a:bb:df:c9:f7:08:03:e8:66:cc:
97:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:05:93:F4:9B:7E:80:F7:E3:E2:2B:2B:09:84:E0:9E:29:E2:DD:09
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b717a7c-c565-45fc-8176-9e1532f89063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daee:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:f3:0e:c8:de:11:97:ee:68:cb:ed:69:38:c9:88:9f:2b:6a:
1b:73:b8:11:a0:4e:d0:37:ce:e4:88:e4:df:88:bc:cc:a3:54:
08:94:98:52:4d:ba:a3:64:a1:58:14:cb:5d:10:e4:53:98:5f:
1e:ce:9a:15:61:ab:96:db:1e:90:1f:0d:be:2b:f5:23:b0:6a:
1d:f7:b1:e8:e4:52:a1:0c:86:59:dc:8d:7f:07:e7:97:72:c0:
2a:72:37:a5:8e:a1:a4:bd:57:75:29:3e:7e:eb:00:b1:fb:e1:
a2:57:e2:3c:59:90:23:13:57:4a:5f:19:26:69:a5:2e:36:e5:
a2:13:36:7b:2c:bd:72:92:b9:65:4f:3d:fc:30:88:67:23:5e:
14:0c:f7:6c:cc:fd:34:e1:e4:c2:90:71:99:44:0e:3e:81:ed:
70:d3:82:42:e1:5b:9d:5a:86:ed:c8:a7:61:4e:59:02:05:a8:
c6:13:85:1c:61:4e:4b:0a:59:1a:30:18:89:20:e5:bb:05:b7:
4d:ca:9f:55:98:9b:3e:8b:ca:87:30:73:26:b0:cf:b2:7e:85:
81:73:17:19:f6:53:45:e7:88:50:31:7f:14:4c:27:c9:88:f4:
bc:e0:d2:82:11:c7:a6:54:e1:ce:11:ef:b1:be:3b:0b:9e:f0:
08:7b:d2:a6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYZBt+vVDcHe9x3LK5g1qZqcoDjkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyODAwMDAyOFoX
DTI1MDUwMjIzNTk1OVowejFJMEcGA1UEBRNAY2I5ZGJkYjQwZTZkMTIxYjUzZGVh
NzJmZTMxN2FjMmZkOThiOThhNGJjOGZiNDVlZjNkMzJhZDE3ZDBjMjQwZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl2ue1xpM3KSFsk99kICKN6vt6F0
GpbvGjowHMZtNzbv8JpnL+MQND0ysnB0Yb/tUVlJq7PTwx0L5QKdM9P2KZNbjgPb
XFPJr3y+OiDLBwCIZDJagVu2PBgEoVtI9XKaLzJCgbnrl5c6KUKr/v6bQhvUwupZ
hVFTz2VwFd8Cx//e4P+Hu8PEFekO+Fp8fUS0VSgm5KXhmkVfHAvXeMr4ctuqtv4T
Uy8fbhgrV8EeLUWjpW8pGlRXRyBnnQxXjzCBV32irwruRpRt4tnxWpq+bkimOsNg
1TYhr/fe/SV7ziFn6tYmqvlJKp5IKgFTdL8uSV3WL1q738n3CAPoZsyXgwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPEFk/SbfoD34+IrKwmE4J4p4t0JMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJiNzE3YTdjLWM1NjUtNDVmYy04MTc2LTllMTUzMmY4OTA2My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7iAwDQYJKoZIhvcNAQELBQADggEBAG3zDsjeEZfuaMvtaTjJ
iJ8rahtzuBGgTtA3zuSI5N+IvMyjVAiUmFJNuqNkoVgUy10Q5FOYXx7OmhVhq5bb
HpAfDb4r9SOwah33sejkUqEMhlncjX8H55dywCpyN6WOoaS9V3UpPn7rALH74aJX
4jxZkCMTV0pfGSZppS425aITNnssvXKSuWVPPfwwiGcjXhQM92zM/TTh5MKQcZlE
Dj6B7XDTgkLhW51ahu3Ip2FOWQIFqMYThRxhTksKWRowGIkg5bsFt03Kn1WYmz6L
yocwcyawz7J+hYFzFxn2U0XniFAxfxRMJ8mI9Lzg0oIRx6ZU4c4R77G+Owue8Ah7
0qY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:24 2025 by rpki-client