Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
File: 3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa (raw, json)
Hash identifier: RWKqVnRN2I3KOl+Svsryzmn8x6qEzu58XKLJ1hFzIss=
Subject key identifier: 11:78:AD:F4:E6:77:6E:2D:80:D9:1D:55:D4:58:30:A7:99:23:12:2E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 53C9C3108C4F7B95E36971D6E533422FAB7CF699
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
Signing time: Sat 15 Mar 2025 00:00:08 +0000
ROA not before: Sat 15 Mar 2025 00:00:08 +0000
ROA not after: Sat 19 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da32:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c9:c3:10:8c:4f:7b:95:e3:69:71:d6:e5:33:42:2f:ab:7c:f6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 15 00:00:08 2025 GMT
Not After : Apr 19 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2b:00:16:d9:9b:89:2f:20:19:ea:fa:6f:c4:
70:96:34:e5:df:20:5b:7c:43:1b:5f:0d:58:02:9f:
a0:ef:eb:f5:f2:b0:0f:9b:52:8b:23:a2:8c:3e:35:
2f:50:f0:df:bf:b4:11:2a:64:a1:b8:a3:eb:35:fb:
fe:ba:3d:79:53:17:64:d2:2f:ce:56:53:10:79:51:
87:4c:38:2f:e9:c7:cd:a6:68:f1:48:4d:ed:f8:37:
ab:a5:7f:4c:72:ca:ba:43:1c:be:0d:0e:44:6e:13:
5d:e4:17:e3:1a:e3:8e:6a:4a:e5:8c:5c:07:48:05:
0e:22:ef:9f:62:62:e5:be:c7:c4:f4:e8:31:36:a3:
14:75:18:18:2c:95:53:3a:cb:39:7f:e0:0b:08:ee:
1d:d1:37:90:be:0b:5d:96:8f:eb:38:d2:cd:1d:db:
96:e7:3b:b8:99:bc:41:a4:a3:cb:37:3c:46:17:78:
a2:4e:4a:1b:9c:e7:43:7e:63:8c:3a:f3:71:39:c5:
f5:dd:e1:28:cc:ad:52:9c:ca:34:32:18:d1:26:12:
87:94:c3:31:8a:8a:30:a6:f3:d8:2b:4d:bd:e4:9c:
01:87:eb:72:d9:a0:36:16:ec:13:3f:e1:91:05:fb:
fb:58:8c:53:80:39:af:f5:b3:20:86:0d:e7:aa:23:
3b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:78:AD:F4:E6:77:6E:2D:80:D9:1D:55:D4:58:30:A7:99:23:12:2E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da32:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:8b:4a:dc:b4:e6:32:46:8d:4b:7f:b0:ca:92:c0:7f:b2:e1:
5a:8d:e7:1d:90:16:b0:25:47:d0:ec:0f:93:20:5d:36:69:d1:
1d:98:e1:94:3b:d4:9c:ee:7f:5d:a4:d7:c8:2f:aa:f5:8a:fc:
5b:86:bd:c4:8c:cd:41:7d:14:d7:5e:4d:fe:24:e1:9f:2e:e2:
3a:c3:c0:15:5d:91:72:d7:4c:20:dd:5a:86:e3:01:4c:d1:9e:
ef:ad:0a:0e:e4:29:94:bc:ba:79:e8:1e:e3:d8:e4:d3:eb:75:
80:c4:78:1a:be:ce:22:bb:7a:de:78:83:80:9f:66:a5:55:cc:
45:92:0f:78:4b:93:ee:c0:d8:bc:e5:66:fb:14:9d:73:a3:c5:
9f:5c:8d:d2:be:01:1b:1e:40:b1:dc:41:75:14:fc:df:e6:cd:
12:ab:19:a5:7c:ff:6e:5d:50:f3:52:cd:82:d7:53:15:4a:3c:
41:a0:36:86:8c:f0:f2:ac:f2:13:e9:83:46:be:59:1e:fb:7f:
b8:55:20:27:4f:0d:e4:9c:18:80:ac:f9:13:27:5b:27:70:88:
d4:45:dd:06:ce:a2:a4:63:d5:4a:b7:46:15:d1:ec:b0:d0:e4:
2a:7d:68:7d:68:db:61:76:c7:4e:94:a1:51:8b:d5:03:86:d4:
12:02:b1:5f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUU8nDEIxPe5XjaXHW5TNCL6t89pkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxNTAwMDAwOFoX
DTI1MDQxOTIzNTk1OVowejFJMEcGA1UEBRNAYjM4ZDQ2OGJkOWEwODIyYTVmMWFh
Mzc4YWEyNGI1MzljOTc5Njk5ZWZlZGEyZmYyMWNjMTRjNzlmODE4YTUxMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ysAFtmbiS8gGer6b8RwljTl3yBb
fEMbXw1YAp+g7+v18rAPm1KLI6KMPjUvUPDfv7QRKmShuKPrNfv+uj15Uxdk0i/O
VlMQeVGHTDgv6cfNpmjxSE3t+DerpX9Mcsq6Qxy+DQ5EbhNd5BfjGuOOakrljFwH
SAUOIu+fYmLlvsfE9OgxNqMUdRgYLJVTOss5f+ALCO4d0TeQvgtdlo/rONLNHduW
5zu4mbxBpKPLNzxGF3iiTkobnOdDfmOMOvNxOcX13eEozK1SnMo0MhjRJhKHlMMx
ioowpvPYK0295JwBh+ty2aA2FuwTP+GRBfv7WIxTgDmv9bMghg3nqiM7hwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBF4rfTmd24tgNkdVdRYMKeZIxIuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNmMzE5YmE0LTRmNzUtNDlmZC05YTNiLWE5MGM5MzhhMjRhZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMkAwDQYJKoZIhvcNAQELBQADggEBAEuLSty05jJGjUt/sMqS
wH+y4VqN5x2QFrAlR9DsD5MgXTZp0R2Y4ZQ71Jzuf12k18gvqvWK/FuGvcSMzUF9
FNdeTf4k4Z8u4jrDwBVdkXLXTCDdWobjAUzRnu+tCg7kKZS8unnoHuPY5NPrdYDE
eBq+ziK7et54g4CfZqVVzEWSD3hLk+7A2LzlZvsUnXOjxZ9cjdK+ARseQLHcQXUU
/N/mzRKrGaV8/25dUPNSzYLXUxVKPEGgNoaM8PKs8hPpg0a+WR77f7hVICdPDeSc
GICs+RMnWydwiNRF3QbOoqRj1Uq3RhXR7LDQ5Cp9aH1o22F2x06UoVGL1QOG1BIC
sV8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:50 2025 by rpki-client