Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa
File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json)
Hash identifier: JwBjsIZmSi0ssURNf/XIY2d2U2WZFwoUpbcKdRmaPpg=
Subject key identifier: D7:87:1A:35:E1:79:F2:83:3F:B5:7A:2F:5E:8F:64:09:9E:FE:85:82
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 68DAC7A2FCF617B86EAF27F66135C446DAF544D7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa
Signing time: Tue 25 Mar 2025 16:11:36 +0000
ROA not before: Tue 25 Mar 2025 16:11:36 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:da:c7:a2:fc:f6:17:b8:6e:af:27:f6:61:35:c4:46:da:f5:44:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 25 16:11:36 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:16:9a:56:3a:32:24:54:b7:92:4e:5e:59:
10:91:52:28:c6:c6:ca:d0:a9:c7:8f:bc:e4:2a:66:
2e:dd:f3:ea:26:73:9b:c9:a8:37:8e:b3:02:cb:51:
6f:e4:ca:c4:82:05:2b:35:ee:c8:d7:17:9f:20:72:
1f:47:6c:10:56:bc:b5:a4:59:7e:db:26:52:2a:db:
4a:32:14:32:5e:9f:43:c6:6e:f6:d7:ce:d4:9c:b4:
82:87:cc:81:f6:c5:0e:62:9b:ba:26:f9:79:1f:86:
6f:15:9b:f8:9e:b0:d6:00:4f:a5:fb:65:6e:45:e5:
dd:26:74:22:cc:9c:8f:77:c7:02:74:63:6e:08:24:
7d:60:3a:83:74:99:26:ae:0d:9a:a0:76:88:73:60:
ec:10:0c:3b:23:76:20:95:3d:72:3c:3d:71:ca:ca:
1d:cb:b4:d7:dc:45:3d:2e:14:4a:37:54:99:b6:e6:
54:29:fd:a8:9b:6c:57:ce:1c:2a:96:80:84:d9:70:
ee:71:24:4f:91:99:71:54:17:6e:4c:c2:3e:30:20:
5e:62:be:d1:d7:64:4f:43:79:ac:11:2b:6d:45:55:
e1:c0:07:ec:ec:72:2c:b5:51:44:68:46:d7:9b:82:
c2:4a:5e:1c:5a:62:6b:fd:ca:e3:0b:fd:e5:fb:c5:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:1A:35:E1:79:F2:83:3F:B5:7A:2F:5E:8F:64:09:9E:FE:85:82
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:6000::/40
Signature Algorithm: sha256WithRSAEncryption
49:30:6e:78:ea:67:31:fb:35:9e:7e:8d:76:bf:f8:77:a3:30:
5c:ec:66:a6:d9:70:c6:8b:98:eb:6a:38:24:f1:8d:e0:52:43:
51:98:56:07:f7:d6:3d:d4:f7:ed:8f:49:5d:fb:b5:26:ca:97:
b8:4d:5e:59:2a:bb:49:4e:3e:21:3c:d4:d9:bd:4c:11:5b:6f:
2b:c3:03:c2:c6:75:96:f2:62:35:7e:01:a7:a2:bd:db:10:a3:
f3:2c:e8:50:11:6e:7b:3d:80:b7:f6:aa:1c:d5:85:73:de:b4:
ce:f1:2d:6e:8c:62:d4:5b:4e:01:85:af:9a:c7:d6:d5:57:55:
02:8c:18:db:db:0d:b8:b5:72:aa:91:04:5e:f9:8c:08:8b:53:
fd:2e:6a:41:17:a1:91:e6:31:39:95:6a:7a:a7:c8:9b:71:41:
a8:cc:44:a4:7b:8e:e3:13:13:0a:04:b0:25:ad:cd:c4:d7:0a:
38:11:07:67:b8:2d:0c:12:98:dc:ae:57:cd:df:be:81:24:bd:
be:f1:6a:23:03:0a:da:e4:eb:b5:6b:52:6c:3e:7b:17:04:c5:
30:68:80:2e:60:a5:5b:85:71:f1:5e:6d:15:05:1b:f9:f8:2b:
52:e2:6a:d6:df:31:56:fb:cc:8c:a6:73:b2:a9:f7:30:48:46:
4c:3a:16:46
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaNrHovz2F7huryf2YTXERtr1RNcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MTEzNloX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANWRhOTExMzlhNDNiYzc3YTc3NjBi
N2Q2MDQwMzkzODQ5NmI3NTU0NmE3MmM3Y2FlOGNlYWE2YjgyN2ZkZGYzYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqQWmlY6MiRUt5JOXlkQkVIoxsbK
0KnHj7zkKmYu3fPqJnObyag3jrMCy1Fv5MrEggUrNe7I1xefIHIfR2wQVry1pFl+
2yZSKttKMhQyXp9Dxm72187UnLSCh8yB9sUOYpu6Jvl5H4ZvFZv4nrDWAE+l+2Vu
ReXdJnQizJyPd8cCdGNuCCR9YDqDdJkmrg2aoHaIc2DsEAw7I3YglT1yPD1xysod
y7TX3EU9LhRKN1SZtuZUKf2om2xXzhwqloCE2XDucSRPkZlxVBduTMI+MCBeYr7R
12RPQ3msESttRVXhwAfs7HIstVFEaEbXm4LCSl4cWmJr/crjC/3l+8WTjQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNeHGjXhefKDP7V6L16PZAme/oWCMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBAEkwbnjqZzH7NZ5+jXa/
+HejMFzsZqbZcMaLmOtqOCTxjeBSQ1GYVgf31j3U9+2PSV37tSbKl7hNXlkqu0lO
PiE81Nm9TBFbbyvDA8LGdZbyYjV+AaeivdsQo/Ms6FARbns9gLf2qhzVhXPetM7x
LW6MYtRbTgGFr5rH1tVXVQKMGNvbDbi1cqqRBF75jAiLU/0uakEXoZHmMTmVanqn
yJtxQajMRKR7juMTEwoEsCWtzcTXCjgRB2e4LQwSmNyuV83fvoEkvb7xaiMDCtrk
67VrUmw+excExTBogC5gpVuFcfFebRUFG/n4K1LiatbfMVb7zIymc7Kp9zBIRkw6
FkY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:38 2025 by rpki-client