Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa
File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json)
Hash identifier: ttnizs5n5O3WUsQJzLi+HePitWhNbGVfT2MMeZ+2ARk=
Subject key identifier: 1F:00:C2:4B:CD:E3:9A:98:8E:C4:72:07:09:E0:8A:10:19:3E:2E:48
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 14C749059E80393E521710C6B65DF07B7D4D319A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa
Signing time: Sat 29 Mar 2025 00:00:46 +0000
ROA not before: Sat 29 Mar 2025 00:00:46 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafa:c000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:c7:49:05:9e:80:39:3e:52:17:10:c6:b6:5d:f0:7b:7d:4d:31:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 29 00:00:46 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:f4:ae:f9:83:1b:03:ed:b8:0d:92:ca:e3:
cd:7e:03:4a:29:b3:f1:77:04:b7:11:e8:6c:3f:98:
de:fe:6f:a0:94:64:d5:90:0b:e3:56:75:af:2a:78:
60:e8:58:42:15:15:52:d4:33:72:a6:80:ac:1c:1e:
e9:02:0f:c5:98:32:c5:5c:be:f0:e2:dd:ad:90:83:
41:24:98:f9:00:dc:45:f8:2d:18:9b:7a:2a:a1:19:
f3:ed:10:2f:b8:dd:fb:37:57:7d:88:85:87:0f:4c:
4e:be:d2:3f:ff:b1:c2:5d:b3:ac:ac:f3:51:73:5c:
3b:ad:94:c1:60:5e:46:f0:ad:b3:7a:57:21:20:bb:
73:0b:6e:f3:a9:ac:69:69:b5:a1:f1:49:7b:d3:f9:
10:fa:37:06:c0:9b:1d:6e:04:8c:a5:25:1a:01:70:
2b:e5:0e:74:24:4f:a7:bb:ee:d6:06:92:f3:cd:e8:
84:fb:2b:86:04:3f:47:a2:e1:23:4b:a9:0e:7f:3f:
88:e6:28:3e:ac:26:ab:e0:2b:99:11:ef:31:b4:56:
b8:8f:ec:8c:4c:b6:a7:e0:44:62:2a:36:35:28:87:
a6:ee:c1:e5:85:4d:c7:b1:10:88:de:3d:e6:32:47:
cd:12:2f:e2:13:9e:bd:ba:fb:b3:13:49:04:5e:a1:
d6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:00:C2:4B:CD:E3:9A:98:8E:C4:72:07:09:E0:8A:10:19:3E:2E:48
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafa:c000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:0f:64:bf:89:7c:61:6c:70:f5:99:5c:51:c7:07:6c:67:76:
e4:a6:22:cb:34:06:0c:ed:b3:e1:9f:6f:40:6b:ef:11:62:d6:
a6:2b:f0:17:ca:b4:88:b1:3d:8d:0b:2b:34:12:b0:d0:90:39:
b3:f2:e1:b4:34:7e:6b:06:3a:c7:60:8f:03:a7:33:74:f1:22:
a7:bc:9e:20:59:ee:2e:f0:16:db:25:3e:7b:4b:0a:62:17:3b:
38:7b:85:0e:3e:b1:9d:45:e5:a9:2e:22:c5:a7:3c:d8:ae:43:
7b:1c:43:9f:21:26:79:d4:86:2a:89:a6:a5:37:61:c6:65:ce:
0c:51:a2:fa:8e:4a:65:62:be:d3:cf:6f:31:93:f5:43:85:cd:
95:12:45:13:93:ee:cb:95:d7:a9:f1:53:dc:f4:a5:cc:33:d9:
a9:ff:eb:67:19:2a:a1:4b:e2:fe:02:37:bc:64:1d:ce:58:c7:
a5:e7:92:cb:7f:1b:82:ff:07:75:f8:3c:84:30:a2:7f:f5:39:
a2:5d:fe:60:f3:9e:db:79:a2:57:57:7e:44:3f:19:9b:f9:09:
72:35:62:f5:a8:d8:26:ff:cc:c0:bd:56:27:54:9b:62:05:9d:
ab:18:5a:9f:f4:62:83:16:cf:54:1d:de:9a:cd:49:e3:77:69:
20:14:44:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFMdJBZ6AOT5SFxDGtl3we31NMZowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDA0NloX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAYzI1ZGI3ZjYwMjM1NjEwNWE0Y2M5
MzQ4NDRmOWE0N2IxMmFiY2IwOTA4NmI3NWI1NGJmNGJhMTk3ZmFjYzAzODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnX0rvmDGwPtuA2SyuPNfgNKKbPx
dwS3EehsP5je/m+glGTVkAvjVnWvKnhg6FhCFRVS1DNypoCsHB7pAg/FmDLFXL7w
4t2tkINBJJj5ANxF+C0Ym3oqoRnz7RAvuN37N1d9iIWHD0xOvtI//7HCXbOsrPNR
c1w7rZTBYF5G8K2zelchILtzC27zqaxpabWh8Ul70/kQ+jcGwJsdbgSMpSUaAXAr
5Q50JE+nu+7WBpLzzeiE+yuGBD9HouEjS6kOfz+I5ig+rCar4CuZEe8xtFa4j+yM
TLan4ERiKjY1KIem7sHlhU3HsRCI3j3mMkfNEi/iE569uvuzE0kEXqHW+wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFB8AwkvN45qYjsRyBwngihAZPi5IMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBAE8PZL+JfGFscPWZXFHH
B2xnduSmIss0Bgzts+Gfb0Br7xFi1qYr8BfKtIixPY0LKzQSsNCQObPy4bQ0fmsG
OsdgjwOnM3TxIqe8niBZ7i7wFtslPntLCmIXOzh7hQ4+sZ1F5akuIsWnPNiuQ3sc
Q58hJnnUhiqJpqU3YcZlzgxRovqOSmVivtPPbzGT9UOFzZUSRROT7suV16nxU9z0
pcwz2an/62cZKqFL4v4CN7xkHc5Yx6Xnkst/G4L/B3X4PIQwon/1OaJd/mDzntt5
oldXfkQ/GZv5CXI1YvWo2Cb/zMC9VidUm2IFnasYWp/0YoMWz1Qd3prNSeN3aSAU
RIQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:31 2025 by rpki-client