Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8365874a-8942-43e0-936f-a46d8c331aa2.roa
File: 8365874a-8942-43e0-936f-a46d8c331aa2.roa (raw, json)
Hash identifier: sTunp5eCqwwCNEsoR/82jxP5/LoNQnnUpl+dUvCWiYk=
Subject key identifier: DE:B0:7C:95:15:53:DA:30:49:C0:0B:FD:8D:B5:1F:0B:1D:D7:83:F3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2175AC0C58B2D2EBEE924A3B77E3FDEE846A1F26
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8365874a-8942-43e0-936f-a46d8c331aa2.roa
Signing time: Fri 28 Mar 2025 00:00:19 +0000
ROA not before: Fri 28 Mar 2025 00:00:19 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daee:8800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:75:ac:0c:58:b2:d2:eb:ee:92:4a:3b:77:e3:fd:ee:84:6a:1f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 28 00:00:19 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:26:08:51:05:f2:f4:65:df:29:5d:78:df:
a3:43:bb:12:f9:c8:84:fa:86:a6:54:c3:69:c8:18:
8c:cd:4e:f8:73:b4:67:38:02:12:45:ca:ad:13:9c:
73:7a:38:3a:4c:96:32:7d:26:6f:f5:98:eb:6f:fa:
50:ab:e4:27:d7:0d:c0:64:f9:48:9f:66:e5:96:e5:
45:ae:71:27:e9:f2:8e:48:73:86:07:60:c1:88:96:
d8:93:66:86:9a:fa:80:01:7c:83:34:7f:ee:eb:10:
a9:1b:0d:63:20:8d:b3:83:1a:7c:80:e0:5f:ab:7c:
fd:18:0c:08:a5:f3:0e:96:1c:ea:a7:f9:a3:0e:b1:
a0:e4:1c:c4:68:52:10:36:28:a3:5c:81:b8:3d:e7:
2b:00:bb:12:c0:f8:a7:73:f0:c3:33:aa:35:2e:8e:
28:61:5f:75:02:c2:66:cd:b3:e0:88:10:8e:bf:52:
da:6e:27:b9:e3:81:e7:07:07:c6:75:b8:18:55:27:
8b:b7:b6:7a:7a:71:b9:4d:f2:e8:71:42:31:6e:bd:
ba:c7:ed:cd:af:7a:0f:ae:ca:ae:5b:35:8f:41:24:
34:39:d0:e2:2e:e0:c6:9e:08:54:94:d6:f0:b1:63:
0c:80:ea:1c:dd:26:f3:d9:c1:9b:75:ce:10:26:69:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B0:7C:95:15:53:DA:30:49:C0:0B:FD:8D:B5:1F:0B:1D:D7:83:F3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8365874a-8942-43e0-936f-a46d8c331aa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daee:8800::/40
Signature Algorithm: sha256WithRSAEncryption
2c:54:a7:71:c7:85:a3:db:06:b5:be:74:ff:86:38:95:93:eb:
d0:ea:31:14:d3:ab:98:a6:ad:b0:f0:21:4a:22:a3:47:b0:36:
d8:92:09:45:23:33:f2:b5:2e:14:6a:9a:b7:cd:86:fc:3e:95:
9b:48:be:5a:5d:64:16:0a:d8:d1:f4:3f:d3:b5:53:f2:f8:b1:
2c:e3:e5:16:db:c1:ad:15:6d:d4:97:cf:df:6e:f3:b5:8c:76:
27:35:a9:c2:25:b6:de:5f:d6:c9:a0:d0:9f:86:db:b7:f2:67:
5f:a7:44:af:74:29:f1:07:bf:c8:64:5e:b4:74:bc:33:26:e7:
ac:0b:c6:e2:80:06:7f:0e:c5:99:83:a8:32:ea:1d:0a:1b:00:
42:97:91:3f:28:b7:fb:7a:54:44:6d:01:3e:dc:ff:95:ac:0f:
d0:0f:5c:8d:53:ed:f3:90:af:f8:ee:5f:27:94:93:21:9a:23:
fb:8f:91:89:15:74:ab:48:c0:48:bc:60:05:09:ab:0a:af:a6:
9b:47:68:f0:02:07:85:6c:b1:69:43:32:d3:f2:56:58:80:7f:
9f:20:08:75:e5:9c:63:16:2a:aa:ac:ea:02:14:2a:22:5d:72:
e7:e1:2e:85:b4:d7:f8:1e:b2:cd:05:be:50:c7:6b:f7:15:ef:
37:91:6c:16
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIXWsDFiy0uvukko7d+P97oRqHyYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyODAwMDAxOVoX
DTI1MDUwMjIzNTk1OVowejFJMEcGA1UEBRNAMWI2ZmM0MTk0Nzk5Yzk3NjFiNjE3
NjVlZDJkZDkxZTE1MmM2MGE2ZTFmZDY0ZjA3ZjhmNmFjNzBkN2NjNTk1NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorImCFEF8vRl3yldeN+jQ7sS+ciE
+oamVMNpyBiMzU74c7RnOAISRcqtE5xzejg6TJYyfSZv9Zjrb/pQq+Qn1w3AZPlI
n2blluVFrnEn6fKOSHOGB2DBiJbYk2aGmvqAAXyDNH/u6xCpGw1jII2zgxp8gOBf
q3z9GAwIpfMOlhzqp/mjDrGg5BzEaFIQNiijXIG4PecrALsSwPinc/DDM6o1Lo4o
YV91AsJmzbPgiBCOv1Labie544HnBwfGdbgYVSeLt7Z6enG5TfLocUIxbr26x+3N
r3oPrsquWzWPQSQ0OdDiLuDGnghUlNbwsWMMgOoc3Sbz2cGbdc4QJmkVZQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFN6wfJUVU9owScAL/Y21Hwsd14PzMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgzNjU4NzRhLTg5NDItNDNlMC05MzZmLWE0NmQ4YzMzMWFhMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7ogwDQYJKoZIhvcNAQELBQADggEBACxUp3HHhaPbBrW+dP+G
OJWT69DqMRTTq5imrbDwIUoio0ewNtiSCUUjM/K1LhRqmrfNhvw+lZtIvlpdZBYK
2NH0P9O1U/L4sSzj5Rbbwa0VbdSXz99u87WMdic1qcIltt5f1smg0J+G27fyZ1+n
RK90KfEHv8hkXrR0vDMm56wLxuKABn8OxZmDqDLqHQobAEKXkT8ot/t6VERtAT7c
/5WsD9APXI1T7fOQr/juXyeUkyGaI/uPkYkVdKtIwEi8YAUJqwqvpptHaPACB4Vs
sWlDMtPyVliAf58gCHXlnGMWKqqs6gIUKiJdcufhLoW01/gess0FvlDHa/cV7zeR
bBY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:14:48 2025 by rpki-client