Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa
File: 519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa (raw, json)
Hash identifier: bN0Hjtfk//+hBPSMW/uQop1T0FNMY4IrGOgEyD73Sb0=
Subject key identifier: A2:65:23:41:88:A0:C8:62:73:7C:E4:30:C7:29:76:86:54:38:D9:4D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6E8DAC50B04B75D1E98270DBEAA83B1FA669A4DC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa
Signing time: Tue 25 Mar 2025 16:10:23 +0000
ROA not before: Tue 25 Mar 2025 16:10:23 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daa0:e000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:8d:ac:50:b0:4b:75:d1:e9:82:70:db:ea:a8:3b:1f:a6:69:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 25 16:10:23 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:49:a7:4d:d8:c8:18:d7:5d:07:78:f3:fb:19:
64:2c:d4:fa:1c:0d:c9:0a:33:5a:97:bc:66:ce:43:
32:76:ec:45:5f:be:00:93:10:ba:85:95:7e:df:9f:
c8:c5:34:8b:28:6a:06:7e:95:1a:ef:f9:fa:a6:1e:
d3:79:33:58:dc:a8:8c:39:fc:e5:ff:aa:32:60:e1:
cc:34:fb:4c:5a:b9:e5:5b:93:7d:6e:ee:22:68:f3:
11:0d:f4:4e:c9:ac:f1:90:75:ab:7d:58:a1:96:1b:
e0:1a:bc:da:ed:bc:fa:eb:33:bd:bb:c6:18:ec:a9:
8e:31:85:e1:6b:c8:de:12:19:fe:05:b9:1a:c4:bb:
3d:4a:12:92:a6:2f:6e:99:d3:78:ba:cf:9e:d5:d9:
a6:9e:f8:7a:78:75:1c:da:09:98:4c:11:d4:2d:d7:
97:b1:b7:07:20:e6:a1:3e:a5:5c:4a:5c:5f:ca:74:
d0:60:16:d4:5f:a6:0c:97:47:0a:99:10:62:e7:40:
8f:66:9b:cc:00:de:1c:27:80:24:c1:17:7c:07:86:
9d:9d:a8:ce:3e:d2:0b:7a:4b:96:e4:d8:d6:55:7a:
49:fb:fc:9b:d0:2c:87:83:c7:44:c5:13:81:d9:e2:
fc:06:fa:1a:19:6d:48:6f:69:02:27:af:af:2d:ad:
5f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:65:23:41:88:A0:C8:62:73:7C:E4:30:C7:29:76:86:54:38:D9:4D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daa0:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:4b:33:d5:8f:06:4a:c9:aa:97:11:87:74:2f:24:fd:d2:bd:
24:91:30:5e:b0:45:72:89:e1:4e:77:28:be:96:c6:29:c4:c7:
4b:e8:84:a7:2f:39:08:4d:1f:d4:0b:99:95:0d:ee:62:3a:69:
08:f3:1b:69:e7:e4:e1:66:62:9a:9e:d1:82:af:db:df:b4:26:
ae:68:34:b3:32:66:12:ad:9b:c0:44:d8:c3:86:cc:8e:ab:67:
03:5e:8d:75:b2:de:25:c2:81:2d:17:73:7c:a5:21:33:4e:28:
e1:8c:ff:09:c4:d7:bf:d3:f7:f1:c8:37:00:af:76:a2:92:0a:
76:f8:bd:61:2c:49:50:07:92:df:8b:2f:bd:9b:92:cb:fc:83:
f3:c7:06:19:49:5b:b3:8d:a7:65:25:6e:1b:0c:d0:5c:67:f8:
e3:ce:de:fd:6a:cb:5b:e3:9e:80:15:91:df:75:6a:7a:e9:31:
a0:16:92:f7:ac:ea:b9:17:03:35:8f:25:ed:e4:92:ef:11:b7:
45:aa:77:d8:e0:55:4b:1e:15:e9:7f:52:0a:60:5e:c2:db:18:
27:1a:d4:fe:af:e5:98:d2:e5:49:2f:c3:8a:f4:3d:0b:33:2f:
93:66:c0:93:73:a8:26:e4:e7:89:94:3b:d4:21:7b:ae:58:51:
e1:75:36:7a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbo2sULBLddHpgnDb6qg7H6ZppNwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTAyM1oX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMTJhOGZkMTQ3NjAyODUyYmUyZjg3
ODdhYzU3MzkyZWQ1ZTBmNjJlMjNhOTljYmM3MTkyYzE4MTBlNzU3MWNmYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEmnTdjIGNddB3jz+xlkLNT6HA3J
CjNal7xmzkMyduxFX74AkxC6hZV+35/IxTSLKGoGfpUa7/n6ph7TeTNY3KiMOfzl
/6oyYOHMNPtMWrnlW5N9bu4iaPMRDfROyazxkHWrfVihlhvgGrza7bz66zO9u8YY
7KmOMYXha8jeEhn+BbkaxLs9ShKSpi9umdN4us+e1dmmnvh6eHUc2gmYTBHULdeX
sbcHIOahPqVcSlxfynTQYBbUX6YMl0cKmRBi50CPZpvMAN4cJ4AkwRd8B4adnajO
PtILekuW5NjWVXpJ+/yb0CyHg8dExROB2eL8BvoaGW1Ib2kCJ6+vLa1fLQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKJlI0GIoMhic3zkMMcpdoZUONlNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUxOWYwZTg4LWZhOTAtNGI2MS05NTdkLTU3ZmUxY2MyZjZjMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoOAwDQYJKoZIhvcNAQELBQADggEBALhLM9WPBkrJqpcRh3Qv
JP3SvSSRMF6wRXKJ4U53KL6WxinEx0vohKcvOQhNH9QLmZUN7mI6aQjzG2nn5OFm
Ypqe0YKv29+0Jq5oNLMyZhKtm8BE2MOGzI6rZwNejXWy3iXCgS0Xc3ylITNOKOGM
/wnE17/T9/HINwCvdqKSCnb4vWEsSVAHkt+LL72bksv8g/PHBhlJW7ONp2UlbhsM
0Fxn+OPO3v1qy1vjnoAVkd91anrpMaAWkves6rkXAzWPJe3kku8Rt0Wqd9jgVUse
Fel/UgpgXsLbGCca1P6v5ZjS5Ukvw4r0PQszL5NmwJNzqCbk54mUO9Qhe65YUeF1
Nno=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:50 2025 by rpki-client