Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa
File: 4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json)
Hash identifier: kwpbjhyr76p7+6VMBRAXF0CicmE3qqcuA+yJtb6xJFg=
Subject key identifier: 94:52:08:FD:2C:EC:3D:B4:F4:69:3B:76:9B:31:E0:20:83:EB:4F:F9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 12442104C13E8171FB140CDC46C873C0337C0D1E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa
Signing time: Sat 29 Mar 2025 00:01:27 +0000
ROA not before: Sat 29 Mar 2025 00:01:27 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:7000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:44:21:04:c1:3e:81:71:fb:14:0c:dc:46:c8:73:c0:33:7c:0d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 29 00:01:27 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ad:75:c0:c2:5b:d6:6b:c4:64:56:4c:18:05:
3f:9f:ef:ee:73:38:24:f5:5d:25:77:a3:59:5a:23:
66:ed:b0:35:cb:89:52:7c:65:de:bc:ab:72:4d:07:
b3:59:c9:72:f8:cb:6c:11:f2:04:0c:8f:c4:4c:e0:
a0:48:bf:cb:3a:f4:a1:81:7c:aa:02:89:65:0b:9d:
5a:61:14:24:2a:08:fd:11:13:53:6c:3f:4e:60:fa:
56:e8:29:c4:98:2a:a0:64:84:4a:80:ff:cd:d5:f0:
66:60:ea:da:c7:c6:9c:be:02:dc:44:5f:e5:2c:df:
11:a2:02:a5:9c:2d:03:db:a5:ab:28:37:9d:f9:92:
22:32:fa:20:8d:b2:70:28:93:8e:90:97:5f:67:49:
36:22:95:be:6b:fd:be:f6:47:ac:ef:f6:06:24:c0:
e7:68:e1:2a:b3:05:9a:d3:5a:18:cf:a9:f1:f0:13:
56:6f:0e:56:94:9a:c7:4b:c4:00:13:fc:c9:08:76:
37:85:eb:29:9c:40:cb:d9:33:d2:c0:b1:81:81:bc:
42:86:cc:cd:d5:11:2f:86:08:f0:da:9e:07:43:7f:
fb:58:f2:79:c7:5b:83:ef:e3:2e:f0:f6:f4:8c:79:
82:80:79:81:c3:30:ed:7b:c9:99:f2:a4:ef:bf:8a:
1b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:52:08:FD:2C:EC:3D:B4:F4:69:3B:76:9B:31:E0:20:83:EB:4F:F9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:7000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:47:a3:cd:71:84:2b:b7:4f:9f:e1:a0:c2:4f:17:5f:49:78:
b7:5a:94:5a:70:0b:ae:99:04:6d:19:5f:50:a4:b9:4d:99:1f:
b8:6b:9e:32:e6:c0:07:ac:2a:26:f3:63:a1:b7:db:2d:c7:16:
1d:27:88:98:d7:da:be:71:67:a6:df:97:44:ac:fd:31:6b:97:
62:25:d4:ad:2c:84:2f:13:a9:2d:db:05:de:32:c5:49:cd:fc:
fb:87:38:a3:f5:97:bf:6a:fd:85:f8:da:b3:fb:04:5f:74:c8:
f8:2b:3a:d9:f1:dc:54:2a:10:ca:1b:0a:16:86:db:05:a6:a8:
7f:84:22:d8:e0:3b:d5:a1:5e:15:16:a4:d3:33:2e:2c:2b:a5:
60:0d:32:23:47:b9:eb:d9:6a:73:da:e2:d4:b7:6a:c6:9f:2b:
ab:93:3c:8f:6e:62:46:b6:ae:fa:fa:90:ee:b0:68:f3:2d:fb:
76:21:7b:77:ab:97:a2:43:06:01:e4:db:5b:b8:f9:8a:ed:64:
8a:4b:54:d8:2b:9c:24:ea:a6:57:e7:47:e3:ec:38:46:09:b2:
03:97:f2:88:4d:3f:35:06:56:03:6d:68:43:19:2f:d9:c9:76:
17:e3:43:f0:e1:be:e7:80:88:d3:24:a9:7e:5d:81:60:f6:5c:
58:7d:e7:27
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEkQhBME+gXH7FAzcRshzwDN8DR4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDEyN1oX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNANWU0MTJmZjhkZmYxYzQ4ZDRhNzNl
ZjM1MTZhMzNkYTA5ZGQwYWUwNThkZTlhY2MyNmIxZWVhZmY5M2QwZDI0YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua11wMJb1mvEZFZMGAU/n+/uczgk
9V0ld6NZWiNm7bA1y4lSfGXevKtyTQezWcly+MtsEfIEDI/ETOCgSL/LOvShgXyq
AollC51aYRQkKgj9ERNTbD9OYPpW6CnEmCqgZIRKgP/N1fBmYOrax8acvgLcRF/l
LN8RogKlnC0D26WrKDed+ZIiMvogjbJwKJOOkJdfZ0k2IpW+a/2+9kes7/YGJMDn
aOEqswWa01oYz6nx8BNWbw5WlJrHS8QAE/zJCHY3hespnEDL2TPSwLGBgbxChszN
1REvhgjw2p4HQ3/7WPJ5x1uD7+Mu8Pb0jHmCgHmBwzDte8mZ8qTvv4obvwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJRSCP0s7D209Gk7dpsx4CCD60/5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBAI9Ho81xhCu3T5/hoMJP
F19JeLdalFpwC66ZBG0ZX1CkuU2ZH7hrnjLmwAesKibzY6G32y3HFh0niJjX2r5x
Z6bfl0Ss/TFrl2Il1K0shC8TqS3bBd4yxUnN/PuHOKP1l79q/YX42rP7BF90yPgr
Otnx3FQqEMobChaG2wWmqH+EItjgO9WhXhUWpNMzLiwrpWANMiNHuevZanPa4tS3
asafK6uTPI9uYka2rvr6kO6waPMt+3Yhe3erl6JDBgHk21u4+YrtZIpLVNgrnCTq
plfnR+PsOEYJsgOX8ohNPzUGVgNtaEMZL9nJdhfjQ/DhvueAiNMkqX5dgWD2XFh9
5yc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:27:46 2025 by rpki-client