Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa
File: 710800d0-a544-4fe9-abd4-369c82fabbb3.roa (raw, json)
Hash identifier: oV28oQ9JHrwh0+3SMXoRGIosmznZK8ctxng6QA97Ydk=
Subject key identifier: B6:EA:15:94:00:83:A9:97:7C:44:33:CD:DC:4C:4A:67:57:E7:FF:FE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 16411D74C5521109F7CBDACB025A7AC78C48654D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa
Signing time: Sat 29 Mar 2025 00:01:18 +0000
ROA not before: Sat 29 Mar 2025 00:01:18 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafe:800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:41:1d:74:c5:52:11:09:f7:cb:da:cb:02:5a:7a:c7:8c:48:65:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 29 00:01:18 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ec:07:e0:ca:93:99:cc:93:42:f0:e5:0d:1e:
e2:02:77:b9:e8:0c:a9:4a:d0:d9:95:5f:68:14:3b:
9e:05:62:e0:f0:4c:99:b0:b7:d5:8a:20:f3:ae:06:
da:1d:ae:c3:dc:85:b3:94:45:08:53:0d:16:6a:f9:
3d:06:c2:e6:54:10:e0:1a:03:e3:85:29:35:3e:f9:
90:33:4d:a6:69:8b:70:4c:00:76:0a:f3:30:5e:38:
16:94:03:b7:54:d7:97:63:72:3d:63:77:d2:55:b3:
9f:ea:d8:57:c5:48:a0:3b:5e:8d:35:57:e7:61:2a:
f0:40:3a:26:9a:2e:00:c0:90:51:08:30:14:75:b0:
09:17:f4:73:fe:21:68:9c:47:f6:5d:2c:83:e4:68:
b7:61:2a:3c:47:9b:7a:92:c5:c0:a8:15:a5:eb:6e:
16:49:f0:45:16:50:84:c6:89:15:e4:4e:e0:74:6c:
da:43:b3:aa:43:ca:f8:8d:c6:93:23:39:1e:1c:70:
e5:01:e5:ec:3b:a3:34:7c:fc:21:d1:5e:7f:87:57:
bd:d0:b0:e7:d3:6d:b2:c1:0f:c9:72:7f:a4:ad:39:
29:33:16:6a:bd:3b:da:e8:3d:53:2b:ba:4b:70:62:
d1:ec:71:c7:a2:ad:01:61:06:9d:70:69:00:55:7e:
64:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EA:15:94:00:83:A9:97:7C:44:33:CD:DC:4C:4A:67:57:E7:FF:FE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710800d0-a544-4fe9-abd4-369c82fabbb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafe:800::/40
Signature Algorithm: sha256WithRSAEncryption
5f:cb:ab:1b:03:c3:fa:42:ff:67:42:e1:1d:ba:22:65:e4:3d:
16:72:5f:58:54:d3:4a:f3:b6:50:78:d3:a0:27:f9:aa:d1:fe:
f8:84:27:f4:40:8d:02:be:45:94:ce:cb:26:a2:01:84:e2:4e:
06:57:91:35:92:02:c7:72:91:0f:a3:c6:91:5d:f4:38:58:67:
b6:a5:89:ad:86:6c:41:7c:f6:e2:9b:5b:da:a7:e4:9e:86:be:
c3:49:0a:77:d3:04:37:cf:42:4f:41:cd:43:66:27:dc:3f:6b:
a2:bc:10:91:c9:f6:96:48:4d:4b:0a:2d:06:61:09:59:5e:65:
83:e8:68:02:1a:3d:26:42:a2:5e:03:20:ea:1f:51:97:65:22:
35:7f:88:d6:90:0a:ce:25:fe:ff:25:c2:83:ce:21:85:22:6d:
97:d6:c7:34:ba:cb:81:0e:d4:1f:18:82:c1:11:8c:bd:0c:11:
4e:e6:fc:33:f7:41:03:3a:eb:c7:7a:2e:27:63:53:13:75:8e:
8b:8a:ec:68:98:f9:e9:7d:40:04:97:b8:14:be:d4:5e:4e:60:
98:12:9f:df:13:48:b0:fb:1c:23:e9:97:2c:68:3a:85:96:2b:
a4:05:36:3e:3d:2a:43:17:90:ff:81:2e:ae:4f:1c:b4:82:ea:
52:21:f1:f2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFkEddMVSEQn3y9rLAlp6x4xIZU0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDExOFoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMGYxZGVhNjNmNTFhMjE3MmI3ODE1
NTE0OTFhMDI3ZmVkYzI3YTI4NmRlM2E4NzYyMDY3NzRjM2Q4NjA3NGE2MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+wH4MqTmcyTQvDlDR7iAne56Ayp
StDZlV9oFDueBWLg8EyZsLfViiDzrgbaHa7D3IWzlEUIUw0Wavk9BsLmVBDgGgPj
hSk1PvmQM02maYtwTAB2CvMwXjgWlAO3VNeXY3I9Y3fSVbOf6thXxUigO16NNVfn
YSrwQDommi4AwJBRCDAUdbAJF/Rz/iFonEf2XSyD5Gi3YSo8R5t6ksXAqBWl624W
SfBFFlCExokV5E7gdGzaQ7OqQ8r4jcaTIzkeHHDlAeXsO6M0fPwh0V5/h1e90LDn
022ywQ/Jcn+krTkpMxZqvTva6D1TK7pLcGLR7HHHoq0BYQadcGkAVX5kLQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLbqFZQAg6mXfEQzzdxMSmdX5//+MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcxMDgwMGQwLWE1NDQtNGZlOS1hYmQ0LTM2OWM4MmZhYmJiMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/ggwDQYJKoZIhvcNAQELBQADggEBAF/LqxsDw/pC/2dC4R26
ImXkPRZyX1hU00rztlB406An+arR/viEJ/RAjQK+RZTOyyaiAYTiTgZXkTWSAsdy
kQ+jxpFd9DhYZ7alia2GbEF89uKbW9qn5J6GvsNJCnfTBDfPQk9BzUNmJ9w/a6K8
EJHJ9pZITUsKLQZhCVleZYPoaAIaPSZCol4DIOofUZdlIjV/iNaQCs4l/v8lwoPO
IYUibZfWxzS6y4EO1B8YgsERjL0MEU7m/DP3QQM668d6LidjUxN1jouK7GiY+el9
QASXuBS+1F5OYJgSn98TSLD7HCPplyxoOoWWK6QFNj49KkMXkP+BLq5PHLSC6lIh
8fI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:07:16 2025 by rpki-client