Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa
File: 830802a5-d8f4-4fa8-945f-86772db3ed31.roa (raw, json)
Hash identifier: 66GuVPNZNgSV/eSjzNycQDbd6G4ol/NCQespkliDyv4=
Subject key identifier: B1:93:DD:AF:1F:89:6D:10:D0:CE:70:02:4B:ED:D4:F2:C5:D6:D9:17
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 51739E8F9082DFB05EDEB96835C24507E4D5B0C5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa
Signing time: Fri 21 Mar 2025 00:00:19 +0000
ROA not before: Fri 21 Mar 2025 00:00:19 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:f000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:73:9e:8f:90:82:df:b0:5e:de:b9:68:35:c2:45:07:e4:d5:b0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 21 00:00:19 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:2d:8a:75:be:7e:39:f4:dd:60:28:30:3f:
89:70:61:5b:a5:56:f5:74:cc:e9:21:73:29:24:bf:
5e:09:26:9f:59:bd:35:f4:d5:3d:78:8c:7b:5b:d1:
6c:43:d7:c7:f1:9e:55:84:d2:57:63:6a:6b:ce:55:
84:ae:77:92:3b:27:15:3d:e7:69:64:2b:1d:7e:8b:
3c:a7:60:93:67:0b:3e:97:00:8e:92:56:68:b8:ef:
cb:02:dc:7c:5d:8c:a9:c7:18:bf:f3:62:31:ba:32:
25:4c:54:7c:98:da:79:0a:59:e0:95:20:8e:4a:fa:
8d:b1:0c:bd:a7:20:72:28:9b:f9:bf:73:7d:52:ff:
0f:21:5b:9c:14:81:f6:94:05:29:99:e1:ed:d4:9a:
0e:cd:d2:b5:1f:db:b5:b2:3a:81:4b:a2:72:79:33:
cc:9a:50:85:15:ed:fc:88:3a:ca:1c:68:f2:05:80:
0f:6e:65:35:a3:39:ed:78:5b:a7:28:56:54:be:c2:
ae:06:99:d0:66:07:5a:fd:de:41:16:7c:f9:5a:57:
4e:c4:0f:87:17:79:00:95:ff:85:1e:fb:13:ea:86:
d8:ab:57:29:fb:d4:b9:3f:21:72:1b:8f:49:6a:42:
ba:60:11:b3:70:21:4f:93:60:66:2b:d0:de:48:e0:
1b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:93:DD:AF:1F:89:6D:10:D0:CE:70:02:4B:ED:D4:F2:C5:D6:D9:17
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:f000::/40
Signature Algorithm: sha256WithRSAEncryption
18:a7:30:7b:1a:91:97:dd:1d:29:e6:5c:1a:5d:e9:d3:43:e2:
71:db:fd:4d:e4:b7:38:d1:6c:8d:95:e1:85:0a:1c:18:6a:f1:
76:d0:a9:f2:a7:b1:f3:ad:fa:a2:df:9a:9a:72:b9:ce:78:5b:
9b:88:13:a2:05:66:90:95:98:20:5d:c9:62:72:2f:ec:a2:06:
50:c8:25:30:7a:9a:da:85:2a:c7:c7:25:ed:4b:be:58:96:59:
bd:21:ce:75:50:98:06:81:1f:58:29:0b:be:5f:6e:e4:bf:80:
f9:51:7a:c8:41:c0:73:a4:17:79:71:ca:52:b1:13:c1:be:8b:
9e:4b:da:05:72:d1:9a:62:d1:04:76:b6:76:d7:9c:85:25:f4:
2d:1a:07:8f:24:ee:1d:81:d9:54:58:ef:6e:47:72:c8:0c:97:
52:3a:44:2c:16:ae:30:37:de:8d:c7:f1:0b:97:6d:06:b7:12:
5c:a4:94:27:84:d1:d3:e3:97:2c:ca:8a:1c:cb:5b:03:76:84:
fc:ab:2f:9a:73:c8:20:db:57:7c:8e:de:21:f5:44:5f:7d:83:
03:48:72:a4:04:10:1f:ef:87:ad:53:7d:a2:f9:18:ac:18:e8:
52:3a:09:43:4d:fb:47:60:0c:75:15:8f:72:f9:b3:ab:81:01:
d0:03:11:1b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUXOej5CC37Be3rloNcJFB+TVsMUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMTAwMDAxOVoX
DTI1MDQyNTIzNTk1OVowejFJMEcGA1UEBRNANTAxZDk1ZTRkMjIwZDZkNjNkMTU4
Y2JjYmI0MDBhYjRiZmFhMTMyNzI5YTc0NDFkNjk1MmEzZTY0YTI4YTA1ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/8tinW+fjn03WAoMD+JcGFbpVb1
dMzpIXMpJL9eCSafWb019NU9eIx7W9FsQ9fH8Z5VhNJXY2przlWErneSOycVPedp
ZCsdfos8p2CTZws+lwCOklZouO/LAtx8XYypxxi/82IxujIlTFR8mNp5ClnglSCO
SvqNsQy9pyByKJv5v3N9Uv8PIVucFIH2lAUpmeHt1JoOzdK1H9u1sjqBS6JyeTPM
mlCFFe38iDrKHGjyBYAPbmU1oznteFunKFZUvsKuBpnQZgda/d5BFnz5WldOxA+H
F3kAlf+FHvsT6obYq1cp+9S5PyFyG49JakK6YBGzcCFPk2BmK9DeSOAbJwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLGT3a8fiW0Q0M5wAkvt1PLF1tkXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgzMDgwMmE1LWQ4ZjQtNGZhOC05NDVmLTg2NzcyZGIzZWQzMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYPAwDQYJKoZIhvcNAQELBQADggEBABinMHsakZfdHSnmXBpd
6dND4nHb/U3ktzjRbI2V4YUKHBhq8XbQqfKnsfOt+qLfmppyuc54W5uIE6IFZpCV
mCBdyWJyL+yiBlDIJTB6mtqFKsfHJe1LvliWWb0hznVQmAaBH1gpC75fbuS/gPlR
eshBwHOkF3lxylKxE8G+i55L2gVy0Zpi0QR2tnbXnIUl9C0aB48k7h2B2VRY725H
csgMl1I6RCwWrjA33o3H8QuXbQa3ElyklCeE0dPjlyzKihzLWwN2hPyrL5pzyCDb
V3yO3iH1RF99gwNIcqQEEB/vh61TfaL5GKwY6FI6CUNN+0dgDHUVj3L5s6uBAdAD
ERs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:04:07 2025 by rpki-client