Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa
File: 743b890a-7e61-4b72-82d0-b83a580809c5.roa (raw, json)
Hash identifier: 9olokdDcZx14UrcTyX9rNPD6VMK1k51Gvl1gGPD2CVw=
Subject key identifier: 94:EC:65:5E:9C:0B:D1:FB:A7:6A:13:30:FF:CD:38:34:FA:ED:75:BF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 41B4C355F24B79941E39484063C045422FB8DFBE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa
Signing time: Sat 08 Mar 2025 00:00:12 +0000
ROA not before: Sat 08 Mar 2025 00:00:12 +0000
ROA not after: Sat 12 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2406:daef:8800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b4:c3:55:f2:4b:79:94:1e:39:48:40:63:c0:45:42:2f:b8:df:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 8 00:00:12 2025 GMT
Not After : Apr 12 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:75:bf:ef:4a:ee:5d:b6:fe:ec:26:f8:e3:
b8:82:96:47:c5:5d:13:00:27:66:76:21:72:b7:bf:
2e:13:4d:64:03:37:57:51:7a:f8:ca:e6:35:62:56:
f5:ac:97:13:84:9b:12:a0:0c:a0:c1:f8:fb:a1:9a:
cf:0a:23:f1:db:05:f2:2b:ee:9f:6f:54:06:e4:69:
b0:d1:a9:8a:9a:c0:a4:7a:7a:b7:ed:95:e0:8f:fd:
dd:6d:65:4d:2f:08:1a:bc:38:fa:dd:6d:af:43:37:
3f:55:e7:20:78:07:04:aa:0a:5c:98:cf:66:fb:e7:
54:09:fe:c7:58:cb:e3:01:d9:48:cf:80:6b:0d:55:
e1:6a:75:94:ba:4c:bf:d3:16:ce:3c:c1:88:f7:4e:
23:93:95:02:8f:49:be:0f:c9:b4:8b:24:16:a8:ed:
14:d7:51:f9:dd:dc:b2:32:f3:cf:73:1b:8b:a0:7e:
4a:d8:8b:c5:ac:f3:09:e1:bf:cf:7a:7a:9a:36:ff:
d3:e5:7e:c0:29:c6:1c:fb:4d:0d:60:57:91:95:f5:
d1:aa:6a:56:0e:26:6e:ba:03:8d:cc:91:89:95:3f:
14:68:ed:1e:3e:5a:06:bb:73:2d:a5:df:ac:d4:4c:
75:1e:64:af:b1:db:77:93:2f:1d:ee:e5:ba:ab:8f:
76:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EC:65:5E:9C:0B:D1:FB:A7:6A:13:30:FF:CD:38:34:FA:ED:75:BF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daef:8800::/40
Signature Algorithm: sha256WithRSAEncryption
21:55:86:40:5d:2a:1c:c6:d3:70:cf:c9:b3:50:2f:b9:6f:28:
87:8e:97:fb:23:39:9e:62:25:bf:0e:2f:36:50:cd:5a:ec:3f:
83:39:00:1d:92:a6:ab:bd:b0:25:30:95:1d:bd:2b:4c:93:1b:
4b:9f:42:91:4e:64:d9:2d:30:40:fd:84:4a:55:2a:5a:87:81:
3c:64:dc:05:f2:d1:39:a1:3d:65:2a:8f:88:d3:dd:20:87:c2:
9b:09:71:e3:ef:71:ec:55:86:ec:eb:23:da:18:83:8b:c7:da:
6e:37:77:02:45:a2:6d:9b:74:b9:c8:7b:b0:6c:4d:d1:ff:d4:
fe:06:18:bb:14:7b:54:82:88:3a:e9:38:ee:eb:53:54:ac:07:
6c:66:d7:a8:97:4a:54:b1:f6:e7:50:c3:e7:55:bb:65:f3:9c:
80:4e:c2:38:fa:9a:c2:c5:f7:77:15:71:b2:bb:57:c3:01:ac:
e5:f1:80:67:ca:96:35:a7:a4:cd:26:a8:5a:cd:4f:9b:fa:b3:
0a:46:b2:e3:6a:68:94:19:06:3c:b0:4d:ca:0a:26:08:d0:48:
90:96:41:f6:2d:f0:24:9a:02:93:cd:02:ec:26:3d:6a:eb:82:
ef:a9:e1:9a:15:a1:39:b1:e2:3c:2c:89:9d:f5:da:0e:ed:f3:
e6:3a:7d:f1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQbTDVfJLeZQeOUhAY8BFQi+4374wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMwODAwMDAxMloX
DTI1MDQxMjIzNTk1OVowejFJMEcGA1UEBRNANDFkMzdiNTE5NDk5ZGQ5YzFlNTIy
YWVkOWJkZDAzYzNjOGQwNzE4NGFiY2JlNTE4OWE2NDhmMzc4MWFjYWQxZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn91v+9K7l22/uwm+OO4gpZHxV0T
ACdmdiFyt78uE01kAzdXUXr4yuY1Ylb1rJcThJsSoAygwfj7oZrPCiPx2wXyK+6f
b1QG5Gmw0amKmsCkenq37ZXgj/3dbWVNLwgavDj63W2vQzc/VecgeAcEqgpcmM9m
++dUCf7HWMvjAdlIz4BrDVXhanWUuky/0xbOPMGI904jk5UCj0m+D8m0iyQWqO0U
11H53dyyMvPPcxuLoH5K2IvFrPMJ4b/PenqaNv/T5X7AKcYc+00NYFeRlfXRqmpW
DiZuugONzJGJlT8UaO0ePloGu3Mtpd+s1Ex1HmSvsdt3ky8d7uW6q492nQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJTsZV6cC9H7p2oTMP/NODT67XW/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc0M2I4OTBhLTdlNjEtNGI3Mi04MmQwLWI4M2E1ODA4MDljNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBACFVhkBdKhzG03DPybNQ
L7lvKIeOl/sjOZ5iJb8OLzZQzVrsP4M5AB2Spqu9sCUwlR29K0yTG0ufQpFOZNkt
MED9hEpVKlqHgTxk3AXy0TmhPWUqj4jT3SCHwpsJcePvcexVhuzrI9oYg4vH2m43
dwJFom2bdLnIe7BsTdH/1P4GGLsUe1SCiDrpOO7rU1SsB2xm16iXSlSx9udQw+dV
u2XznIBOwjj6msLF93cVcbK7V8MBrOXxgGfKljWnpM0mqFrNT5v6swpGsuNqaJQZ
BjywTcoKJgjQSJCWQfYt8CSaApPNAuwmPWrrgu+p4ZoVoTmx4jwsiZ312g7t8+Y6
ffE=
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:39:13 2025 by rpki-client