Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa
File: 71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json)
Hash identifier: d1NxepIX9ALULGcOW5NFHUF9PgBHwCtQI/a+xxXwMpM=
Subject key identifier: 62:DE:EA:37:50:18:88:26:87:DA:13:9F:34:7A:F5:A3:41:20:B9:C8
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0C36F92BB47CB1E058BF920F8646D46ABC411AC8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa
Signing time: Mon 17 Mar 2025 15:00:10 +0000
ROA not before: Mon 17 Mar 2025 15:00:10 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:36:f9:2b:b4:7c:b1:e0:58:bf:92:0f:86:46:d4:6a:bc:41:1a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 17 15:00:10 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:04:57:4c:bd:f3:8f:91:fe:4a:0c:01:c9:42:
25:09:1a:2f:85:8c:08:1e:ab:dc:21:bf:15:6a:a0:
9a:09:e3:a7:8e:28:b1:b3:38:d6:86:02:00:93:53:
39:01:ce:67:10:34:6f:e8:72:23:8c:4a:f2:c3:d6:
dd:98:b9:fb:73:fa:b0:b2:ef:ad:49:fc:07:6f:42:
ef:58:6f:e3:20:d2:a3:5b:4f:7d:d2:81:07:b0:ba:
8c:e3:fb:83:92:2f:bc:4f:b5:a0:ab:9d:ac:24:b1:
e3:eb:c2:d8:49:47:90:20:96:3b:12:e0:1e:03:2d:
c2:e8:08:8a:eb:69:55:c8:31:41:f2:18:42:34:be:
75:b7:f4:7e:65:18:16:c0:45:6c:62:2b:6c:4a:94:
76:00:21:59:69:d5:6f:64:78:88:0c:f4:1b:81:37:
d8:9f:92:84:c4:93:33:3a:d4:33:34:91:84:22:1f:
3b:f9:83:7a:c2:fa:39:bb:aa:2a:27:23:a0:e1:4f:
b3:02:1e:3a:bd:6f:a0:1f:b0:76:c0:56:a7:61:e5:
8b:f9:3a:c1:67:fa:60:04:7c:05:79:e3:d3:4b:46:
46:41:d2:8e:98:ff:ae:6b:a2:ec:35:3c:6a:4d:f5:
09:2e:34:5b:c1:e0:ce:1c:c1:d7:7e:67:59:a7:cc:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DE:EA:37:50:18:88:26:87:DA:13:9F:34:7A:F5:A3:41:20:B9:C8
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
90:83:69:7d:94:2b:c8:7e:9d:7e:c8:1e:87:fd:c6:c8:64:e3:
1b:ae:65:9b:a0:ac:28:2b:8a:0a:01:db:ec:6c:66:01:65:27:
5d:66:8b:c9:98:e1:28:64:6e:ba:92:f4:e5:14:e6:9e:30:71:
1a:d6:62:bf:e1:25:5e:b9:f3:ca:c8:63:71:7f:8b:c5:6c:03:
56:17:4d:ee:47:27:2a:ff:c4:bb:f4:2c:13:c7:a2:d6:9b:50:
48:66:29:62:45:95:e7:36:e3:77:c6:35:4f:92:b3:0b:4e:5d:
4c:77:45:84:f9:13:f5:9f:a1:34:fa:84:6b:c0:18:d0:50:4e:
76:72:a3:61:22:a7:48:39:20:13:83:b1:ba:3b:0f:b2:26:9d:
ee:f4:fd:20:53:11:59:b4:a9:11:6d:85:94:fd:67:c4:fc:b9:
0d:4b:7a:b5:aa:34:60:2d:e3:08:8b:c3:93:b4:37:1a:47:6e:
84:49:5b:32:75:38:77:2f:ce:08:8d:ac:7b:7e:76:f1:71:8a:
ea:cd:66:05:d8:65:55:fc:c7:27:5c:93:d1:2b:df:5b:9a:0d:
77:00:30:09:bc:3a:28:83:e6:d0:ef:e1:43:59:1f:8d:99:84:
d5:53:f3:41:3a:e5:90:e3:9a:da:03:55:5f:5d:96:8e:cd:e2:
e5:c3:d0:01
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDDb5K7R8seBYv5IPhkbUarxBGsgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxNzE1MDAxMFoX
DTI1MDQyMTIzNTk1OVowejFJMEcGA1UEBRNANmU2ZDcxNjRiMDVlN2IyYWJkM2E0
ZWNlNjRiY2M4ODhmNWYwOTFmYTQyZjg3YzEyNzBlMmNmOWYzODgyNDkxMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugRXTL3zj5H+SgwByUIlCRovhYwI
HqvcIb8VaqCaCeOnjiixszjWhgIAk1M5Ac5nEDRv6HIjjEryw9bdmLn7c/qwsu+t
SfwHb0LvWG/jINKjW0990oEHsLqM4/uDki+8T7Wgq52sJLHj68LYSUeQIJY7EuAe
Ay3C6AiK62lVyDFB8hhCNL51t/R+ZRgWwEVsYitsSpR2ACFZadVvZHiIDPQbgTfY
n5KExJMzOtQzNJGEIh87+YN6wvo5u6oqJyOg4U+zAh46vW+gH7B2wFanYeWL+TrB
Z/pgBHwFeePTS0ZGQdKOmP+ua6LsNTxqTfUJLjRbweDOHMHXfmdZp8yWpwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGLe6jdQGIgmh9oTnzR69aNBILnIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBAJCDaX2UK8h+nX7IHof9
xshk4xuuZZugrCgrigoB2+xsZgFlJ11mi8mY4ShkbrqS9OUU5p4wcRrWYr/hJV65
88rIY3F/i8VsA1YXTe5HJyr/xLv0LBPHotabUEhmKWJFlec243fGNU+SswtOXUx3
RYT5E/WfoTT6hGvAGNBQTnZyo2Eip0g5IBODsbo7D7Imne70/SBTEVm0qRFthZT9
Z8T8uQ1LerWqNGAt4wiLw5O0NxpHboRJWzJ1OHcvzgiNrHt+dvFxiurNZgXYZVX8
xydck9Er31uaDXcAMAm8OiiD5tDv4UNZH42ZhNVT80E65ZDjmtoDVV9dlo7N4uXD
0AE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:11:56 2025 by rpki-client