Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa
File: 906d1094-02f1-42d9-b22e-24f2ee4caa70.roa (raw, json)
Hash identifier: Fdp0OIYVY4qoKd6xaerU6tbzGySQJB0FdsuNSpEbN4g=
Subject key identifier: BD:06:48:49:5D:43:CC:45:47:46:F7:E1:6B:D2:09:10:72:3D:D3:49
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0FBEF1EBF1BFB77B0B1632D2423C9B37E9C885B0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa
Signing time: Wed 26 Mar 2025 00:01:01 +0000
ROA not before: Wed 26 Mar 2025 00:01:01 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:be:f1:eb:f1:bf:b7:7b:0b:16:32:d2:42:3c:9b:37:e9:c8:85:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:01:01 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d3:f8:ad:08:a7:a4:15:3a:33:6e:61:78:54:
17:9f:4e:66:3a:6c:9c:3d:37:05:55:0c:f8:55:27:
a3:7a:99:18:cf:a9:9d:ca:73:f1:20:88:20:f7:fd:
51:42:94:ef:78:9a:2d:7b:23:5a:40:04:1f:17:c6:
6a:c7:f0:a4:ef:ad:b1:ec:69:08:b3:71:ed:91:09:
82:df:cc:f8:7a:e3:9a:d8:51:32:9f:03:34:70:fb:
73:ad:c3:a1:88:09:f9:8a:e3:97:f2:0a:99:37:22:
c8:e5:f3:c9:37:31:72:23:4f:f7:26:04:22:c6:7e:
27:11:20:5a:fa:ab:99:93:e1:dd:02:b5:7f:06:73:
9c:ee:b1:be:86:02:ba:2f:12:8f:4d:c1:62:70:b8:
42:a1:52:0e:dc:6b:84:24:7f:f9:83:1c:4e:d5:4e:
25:83:6e:9f:fa:89:2f:ee:16:70:47:c9:de:01:71:
ed:0e:c7:e6:8c:43:60:3e:90:4c:ad:d5:ec:f4:5d:
6a:b8:e4:47:73:d6:aa:99:b8:b6:50:ab:1a:23:2c:
56:0c:b5:ab:c8:56:e1:76:06:7b:58:aa:91:c9:5e:
f2:b3:da:51:ac:08:ed:6a:24:24:0d:d0:b3:a5:e4:
e8:0d:bb:f7:a9:85:5d:da:6f:83:43:42:b1:4b:87:
85:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:06:48:49:5D:43:CC:45:47:46:F7:E1:6B:D2:09:10:72:3D:D3:49
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:1000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:e1:40:55:47:24:6c:16:23:6a:5d:d7:5c:60:21:67:aa:2f:
8d:56:f1:ce:b1:d5:14:ed:70:b4:5f:44:6c:51:41:72:ab:0b:
fe:ae:b0:40:0f:85:59:9b:b1:0b:1a:d7:7e:26:2f:00:b1:47:
a4:cc:2d:d5:cb:f6:28:c8:61:a2:64:9b:4a:1a:20:e6:e9:6b:
b9:21:0a:58:33:25:e9:5f:88:9d:61:e6:5c:f3:f4:0b:aa:50:
33:32:06:f8:4e:b3:92:fb:45:01:ae:4d:c6:bd:71:79:9b:ca:
4c:0e:80:4a:87:e6:83:45:b8:e6:a7:bf:46:6b:d9:1a:6a:3a:
be:a2:fd:16:bb:21:92:21:33:52:0c:4a:4b:eb:f8:e7:c8:60:
47:45:a6:b4:36:ec:f8:bb:de:be:df:6f:f7:80:cc:e4:d1:45:
b2:57:f5:48:e1:d1:23:0e:a6:f3:e8:7c:27:be:86:d4:ea:1e:
87:5a:ee:9f:59:cb:19:94:6f:c1:8f:a5:a7:81:32:91:e9:75:
9b:f9:83:24:ab:4d:42:7f:dc:1b:e0:59:9e:c0:7b:e2:bf:ad:
03:24:45:de:a5:fa:fb:93:5c:52:d1:d9:53:fd:d2:0e:6d:4f:
f7:d2:10:0a:4b:34:4d:5c:1f:a2:24:36:5a:03:70:3c:d4:44:
4d:5d:f4:88
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUD77x6/G/t3sLFjLSQjybN+nIhbAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDEwMVoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAMzIwNTNkMDkzNWZhNzJmYjZhYzcy
OTA2OTJiMGRmYjNkNDgzZjE0ZGU4ZGY3ZjVmNjMwOWUxNTk3MzdkY2UwNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19P4rQinpBU6M25heFQXn05mOmyc
PTcFVQz4VSejepkYz6mdynPxIIgg9/1RQpTveJoteyNaQAQfF8Zqx/Ck762x7GkI
s3HtkQmC38z4euOa2FEynwM0cPtzrcOhiAn5iuOX8gqZNyLI5fPJNzFyI0/3JgQi
xn4nESBa+quZk+HdArV/BnOc7rG+hgK6LxKPTcFicLhCoVIO3GuEJH/5gxxO1U4l
g26f+okv7hZwR8neAXHtDsfmjENgPpBMrdXs9F1quORHc9aqmbi2UKsaIyxWDLWr
yFbhdgZ7WKqRyV7ys9pRrAjtaiQkDdCzpeToDbv3qYVd2m+DQ0KxS4eFbQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFL0GSEldQ8xFR0b34WvSCRByPdNJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkwNmQxMDk0LTAyZjEtNDJkOS1iMjJlLTI0ZjJlZTRjYWE3MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOBAwDQYJKoZIhvcNAQELBQADggEBAKzhQFVHJGwWI2pd11xg
IWeqL41W8c6x1RTtcLRfRGxRQXKrC/6usEAPhVmbsQsa134mLwCxR6TMLdXL9ijI
YaJkm0oaIObpa7khClgzJelfiJ1h5lzz9AuqUDMyBvhOs5L7RQGuTca9cXmbykwO
gEqH5oNFuOanv0Zr2RpqOr6i/Ra7IZIhM1IMSkvr+OfIYEdFprQ27Pi73r7fb/eA
zOTRRbJX9Ujh0SMOpvPofCe+htTqHoda7p9ZyxmUb8GPpaeBMpHpdZv5gySrTUJ/
3BvgWZ7Ae+K/rQMkRd6l+vuTXFLR2VP90g5tT/fSEApLNE1cH6IkNloDcDzURE1d
9Ig=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:39 2025 by rpki-client