Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa
File: 4d0d3d64-afcc-4838-bca0-f7693f145edf.roa (raw, json)
Hash identifier: 72+tZrfXaWKHxQMJWB6zus0c14WQTSNvGfcRTqQRSXM=
Subject key identifier: 61:97:F1:25:CA:30:81:45:D8:DF:29:0A:3C:76:91:9E:3A:F5:23:E4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 78BF76E2FCBE16F8A7FC6EB7D45B0056901FDE17
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa
Signing time: Wed 26 Mar 2025 00:01:07 +0000
ROA not before: Wed 26 Mar 2025 00:01:07 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf1:b000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:bf:76:e2:fc:be:16:f8:a7:fc:6e:b7:d4:5b:00:56:90:1f:de:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:01:07 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:61:f3:77:f3:51:e3:08:05:e7:b4:c5:ff:05:
b5:31:76:75:3e:a4:66:c9:7c:18:1e:a6:c4:07:ec:
09:5f:f4:eb:ab:33:41:4a:05:26:46:6f:6e:5c:82:
c6:66:ce:cc:00:e6:19:47:97:1e:77:e4:88:67:a6:
e3:43:94:d6:ea:0d:17:dc:b7:77:12:30:72:c0:cf:
24:e5:e1:47:b0:c8:55:e9:9b:92:a8:22:93:c5:df:
40:cb:6c:97:3f:97:a0:45:5e:ae:bb:bf:fd:95:fe:
20:f5:93:e8:3d:2a:fe:1c:57:45:9c:ec:f2:db:d9:
6d:35:09:b7:90:9f:f4:66:db:2a:50:b1:f7:d5:9c:
66:b9:b6:c6:f2:ca:e2:7f:03:c3:1a:f6:4c:5b:62:
b0:16:0e:b6:a3:7d:42:cf:0f:72:a5:ae:87:ae:36:
5f:b3:f1:5f:30:ea:3c:22:5d:d4:5b:1b:31:9b:34:
fb:f4:65:af:1b:99:76:91:24:b8:49:6b:0b:4a:09:
66:d4:5f:9a:a4:64:43:db:2b:b8:40:e3:2b:c9:ad:
ba:7c:3f:db:c1:65:34:32:b0:c4:31:05:38:7a:5f:
55:ae:be:0c:8c:e8:35:46:0b:e7:85:e7:6c:2f:d3:
84:5d:a8:54:a3:5c:ff:59:7d:fe:8f:0f:20:84:26:
cb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:97:F1:25:CA:30:81:45:D8:DF:29:0A:3C:76:91:9E:3A:F5:23:E4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf1:b000::/40
Signature Algorithm: sha256WithRSAEncryption
99:71:2c:d0:80:38:ee:cb:d3:8d:4a:04:fd:9e:ca:1f:fb:52:
a7:e3:df:90:71:37:92:ed:2f:b4:6d:1f:51:1e:e3:a2:4b:d6:
5c:bb:c6:b7:ed:a3:dc:db:d8:4b:cd:45:1d:c3:bd:9b:0b:78:
72:72:9a:79:be:eb:44:84:12:f0:4c:31:97:a5:43:e3:cf:74:
dd:6c:2d:37:bd:50:b4:bf:6e:ba:19:46:04:35:b7:6e:08:6e:
25:51:eb:99:1d:77:09:31:01:13:92:60:d7:d2:34:c8:ed:e5:
d4:fe:0b:c0:f0:96:60:5a:7c:9a:1d:91:71:1f:f3:6c:80:ed:
22:0f:64:04:f7:3f:6b:52:45:27:d8:04:e4:1b:58:0e:b5:2a:
6f:00:7d:98:17:56:3d:5e:f8:6a:a2:dd:e8:49:5f:23:2d:99:
55:7a:7a:1c:e5:18:1b:5e:7d:24:ac:df:75:f6:be:57:b7:c6:
87:f1:20:ba:5c:ff:a6:c1:a2:51:f4:fc:f9:f9:f7:f1:4b:f3:
52:90:09:41:99:94:cc:37:9d:25:b5:c9:48:36:51:5e:8a:ae:
c1:49:69:ad:6b:94:71:7e:78:2d:38:e4:f9:9b:09:81:f5:ba:
4a:09:31:af:b8:a5:de:99:f7:37:84:70:08:c0:80:94:13:f9:
9a:a4:da:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUeL924vy+Fvin/G631FsAVpAf3hcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDEwN1oX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAZjJmNGJkZjFjMTkyNzA3ZDg1Njdh
OGNjZDBmYWJlNmNlMzkzMDQyNWU1YzlmZjBjZjIxODUwM2ZjZDRhNzFmMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GHzd/NR4wgF57TF/wW1MXZ1PqRm
yXwYHqbEB+wJX/TrqzNBSgUmRm9uXILGZs7MAOYZR5ced+SIZ6bjQ5TW6g0X3Ld3
EjBywM8k5eFHsMhV6ZuSqCKTxd9Ay2yXP5egRV6uu7/9lf4g9ZPoPSr+HFdFnOzy
29ltNQm3kJ/0ZtsqULH31ZxmubbG8srifwPDGvZMW2KwFg62o31Czw9ypa6HrjZf
s/FfMOo8Il3UWxsxmzT79GWvG5l2kSS4SWsLSglm1F+apGRD2yu4QOMrya26fD/b
wWU0MrDEMQU4el9Vrr4MjOg1RgvnhedsL9OEXahUo1z/WX3+jw8ghCbLkwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGGX8SXKMIFF2N8pCjx2kZ469SPkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRkMGQzZDY0LWFmY2MtNDgzOC1iY2EwLWY3NjkzZjE0NWVkZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8bAwDQYJKoZIhvcNAQELBQADggEBAJlxLNCAOO7L041KBP2e
yh/7Uqfj35BxN5LtL7RtH1Ee46JL1ly7xrfto9zb2EvNRR3DvZsLeHJymnm+60SE
EvBMMZelQ+PPdN1sLTe9ULS/broZRgQ1t24IbiVR65kddwkxAROSYNfSNMjt5dT+
C8DwlmBafJodkXEf82yA7SIPZAT3P2tSRSfYBOQbWA61Km8AfZgXVj1e+Gqi3ehJ
XyMtmVV6ehzlGBtefSSs33X2vle3xofxILpc/6bBolH0/Pn59/FL81KQCUGZlMw3
nSW1yUg2UV6KrsFJaa1rlHF+eC045PmbCYH1ukoJMa+4pd6Z9zeEcAjAgJQT+Zqk
2hU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:09:27 2025 by rpki-client