Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa
File: a5e20664-bb4b-418f-9be3-4d905265deec.roa (raw, json)
Hash identifier: otGf2q6CSEoydYd4rUF3vZt6zjlsuQx2R2hetgE/b48=
Subject key identifier: CB:B7:7C:1F:E9:71:61:34:E9:E5:79:1B:C6:EB:82:B0:EE:9A:94:43
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 28D7EDF7A7D33FC80A1A78DAB13CD99FDEC1751E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa
Signing time: Wed 26 Mar 2025 00:01:55 +0000
ROA not before: Wed 26 Mar 2025 00:01:55 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:d7:ed:f7:a7:d3:3f:c8:0a:1a:78:da:b1:3c:d9:9f:de:c1:75:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:01:55 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:f5:57:02:9b:72:53:b8:36:4c:15:19:bd:
49:cb:a1:ac:02:ed:7e:83:2f:aa:a2:fd:8b:d5:dd:
57:5d:58:d2:1c:b4:f4:6b:98:92:cd:7d:bf:74:64:
fc:a8:ba:8f:ef:db:8c:4c:1e:85:01:c0:4a:c7:15:
49:a3:6e:f2:84:08:12:04:54:9d:4f:cf:4e:97:90:
13:a5:10:f8:a2:d1:0f:3f:a7:cb:de:01:59:4e:86:
61:eb:df:03:50:bf:8d:ba:d4:2c:7e:fa:04:56:61:
f1:02:d5:c2:73:ca:68:63:7d:37:46:9c:03:84:86:
ed:d3:48:d6:17:12:36:4b:2a:0e:56:98:6d:ce:99:
7c:43:c4:2d:3e:df:3c:a5:fc:40:70:a9:bb:d6:a5:
29:58:3b:0f:fc:50:04:2c:d1:2c:70:1c:b6:8d:12:
5f:3f:fc:99:90:90:26:63:b7:78:b3:5c:83:90:00:
58:75:79:8d:33:1a:ee:ea:78:d9:4b:dd:61:c1:10:
01:36:c8:74:f5:29:4e:29:2e:5d:2b:89:63:02:d2:
8a:72:b2:f8:88:12:46:38:ed:a0:63:65:4c:c1:5a:
c6:57:b5:16:01:60:11:7b:80:fd:c0:bb:2d:05:1e:
42:8c:f6:32:df:af:63:cf:e2:c1:db:85:80:4d:25:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B7:7C:1F:E9:71:61:34:E9:E5:79:1B:C6:EB:82:B0:EE:9A:94:43
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:a4:99:c4:94:22:5a:0b:f9:32:e0:9c:f5:a1:1f:81:a3:41:
51:55:d8:cc:a4:d0:1d:8b:2b:cd:4f:1c:d8:9f:1f:1a:ea:a6:
5b:7d:b3:20:0f:7f:81:10:5d:03:b3:44:61:1e:0d:eb:00:d0:
12:22:12:81:07:73:80:90:8d:78:79:7b:4d:59:15:5e:10:ce:
57:49:09:89:96:27:88:66:c4:e5:bd:e9:24:60:23:9b:74:bf:
a5:13:19:50:a2:b7:5d:17:e0:94:a2:e7:15:4b:ec:97:be:2d:
68:0c:22:3b:69:3d:e6:64:2f:9a:d7:cb:99:0e:e0:d5:f4:38:
05:5e:27:ad:b5:b6:94:fa:46:13:37:45:45:46:14:ac:b3:d3:
f6:9d:ca:1c:cb:45:21:3c:4b:c9:8a:ef:8b:e3:bd:18:94:42:
ab:97:3c:e6:8b:d5:1e:17:e3:39:f6:bb:cb:c5:fb:66:57:e9:
52:e7:fb:e8:42:98:06:b9:46:b4:25:c8:b8:ec:76:88:dc:2e:
f3:e6:13:27:3a:53:38:76:1e:e4:88:ee:0a:8e:39:08:0f:76:
b5:4d:d9:59:b1:2a:df:02:88:c4:65:69:ee:7f:b1:52:5c:eb:
a0:4b:80:67:d9:3f:83:dc:43:46:85:48:a2:15:e6:4e:1a:ee:
7b:8e:c2:5c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKNft96fTP8gKGnjasTzZn97BdR4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDE1NVoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAODQyYjY3ZmFkZWU3NTNlZmIwYjg1
YzE3YWM2N2Q4ZjYxNmFlNTFmYmU0YmE4YjEzZDJiMjg3NDliMTA0NTQ1YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38/1VwKbclO4NkwVGb1Jy6GsAu1+
gy+qov2L1d1XXVjSHLT0a5iSzX2/dGT8qLqP79uMTB6FAcBKxxVJo27yhAgSBFSd
T89Ol5ATpRD4otEPP6fL3gFZToZh698DUL+NutQsfvoEVmHxAtXCc8poY303RpwD
hIbt00jWFxI2SyoOVphtzpl8Q8QtPt88pfxAcKm71qUpWDsP/FAELNEscBy2jRJf
P/yZkJAmY7d4s1yDkABYdXmNMxru6njZS91hwRABNsh09SlOKS5dK4ljAtKKcrL4
iBJGOO2gY2VMwVrGV7UWAWARe4D9wLstBR5CjPYy369jz+LB24WATSX07QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMu3fB/pcWE06eV5G8brgrDumpRDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E1ZTIwNjY0LWJiNGItNDE4Zi05YmUzLTRkOTA1MjY1ZGVlYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaIAwDQYJKoZIhvcNAQELBQADggEBAH+kmcSUIloL+TLgnPWh
H4GjQVFV2Myk0B2LK81PHNifHxrqplt9syAPf4EQXQOzRGEeDesA0BIiEoEHc4CQ
jXh5e01ZFV4QzldJCYmWJ4hmxOW96SRgI5t0v6UTGVCit10X4JSi5xVL7Je+LWgM
IjtpPeZkL5rXy5kO4NX0OAVeJ621tpT6RhM3RUVGFKyz0/adyhzLRSE8S8mK74vj
vRiUQquXPOaL1R4X4zn2u8vF+2ZX6VLn++hCmAa5RrQlyLjsdojcLvPmEyc6Uzh2
HuSI7gqOOQgPdrVN2VmxKt8CiMRlae5/sVJc66BLgGfZP4PcQ0aFSKIV5k4a7nuO
wlw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:42 2025 by rpki-client