Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa
File: a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa (raw, json)
Hash identifier: DF2SWUxnlzEit9saGDW3cEUPfP/auWPcQiKE+KHCIdY=
Subject key identifier: F8:66:60:1E:FB:7A:9A:0B:55:71:5A:3D:EC:E1:87:EB:EB:AB:E6:28
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 415C3F3BAA037CDCBCD5671E090494B601544AAA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa
Signing time: Tue 25 Mar 2025 16:21:32 +0000
ROA not before: Tue 25 Mar 2025 16:21:32 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf8:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:5c:3f:3b:aa:03:7c:dc:bc:d5:67:1e:09:04:94:b6:01:54:4a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 25 16:21:32 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:88:d9:d5:c6:72:97:14:47:b4:2c:44:5b:d3:
51:e0:29:b9:13:62:97:52:de:09:b1:23:a7:53:db:
96:65:f2:12:f0:c6:cd:90:a4:a3:74:97:5b:39:26:
f7:e8:01:ed:94:95:47:8c:93:10:cb:67:ff:f7:72:
6b:47:87:bb:58:47:a5:dd:3e:ba:1d:4e:d8:b7:a4:
12:85:ae:c4:63:ee:fc:6b:06:d9:c6:19:f5:28:28:
6b:0a:2d:61:c3:64:d5:3c:67:69:f2:51:6f:b5:55:
cc:e4:7c:62:67:7f:21:94:44:c4:5e:72:98:44:10:
33:ae:27:21:27:7b:f5:56:51:aa:73:42:3b:6d:2c:
55:c9:04:5e:86:3c:c7:1f:f1:3f:9a:90:e1:d0:68:
78:27:f8:49:32:7a:fd:44:28:bb:6b:e5:d3:f8:54:
18:b8:4f:f9:ec:b3:04:45:80:29:b0:7c:60:94:22:
9a:09:eb:e2:3e:93:9b:34:74:ea:d2:56:a5:c2:63:
1e:11:ea:0c:07:4c:c3:65:b7:6b:b6:b5:b4:40:f2:
19:55:a1:da:85:6e:83:1d:5e:4d:cd:a4:e2:00:f9:
d3:2a:6a:46:0b:30:c0:18:61:04:ae:e0:8a:81:8e:
03:ed:59:af:a9:6a:f8:d0:cb:fe:a3:33:f3:64:f0:
70:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:66:60:1E:FB:7A:9A:0B:55:71:5A:3D:EC:E1:87:EB:EB:AB:E6:28
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf8:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:58:61:c9:41:c8:1a:13:e0:39:78:b1:31:2a:48:41:1e:a5:
4d:9a:01:5e:d4:06:ae:01:1d:1e:d2:73:c1:17:33:e2:3c:41:
fa:1d:e1:03:24:c9:4c:9d:9f:bb:da:4b:10:0a:08:90:48:4f:
fd:0b:c3:af:1f:91:03:5a:ab:67:c1:37:e1:5c:ca:f4:8c:7c:
f9:fe:38:c2:8f:a9:a9:e3:9c:7f:bb:0b:3a:7d:e3:53:76:b5:
ef:d0:e3:c8:f9:ce:5f:59:f9:f8:3f:08:47:ec:77:96:99:49:
10:4c:65:e6:86:4e:f1:74:45:50:3e:c1:93:02:3f:62:ff:ff:
97:03:23:43:8b:80:4f:64:7d:24:bf:8a:59:65:f7:e1:86:1e:
46:4d:23:8e:56:92:58:28:0d:32:53:19:ca:33:41:85:24:65:
64:25:92:31:38:c9:b8:f4:32:27:b0:ce:35:a6:20:24:91:57:
26:09:7d:fe:98:e4:b4:e3:84:67:e6:b2:31:f3:38:09:b1:07:
fc:c3:54:4e:45:e1:62:9b:98:b1:0b:fe:cd:81:75:66:fb:ce:
72:4e:30:2d:35:11:43:49:92:9f:72:c0:f8:28:d2:5d:cb:31:
7b:9c:89:7b:2b:94:8c:9c:3f:7e:be:f6:3d:fa:51:ec:02:df:
fe:96:3e:72
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQVw/O6oDfNy81WceCQSUtgFUSqowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjEzMloX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOTdjNmY2MDNjNzg1ODJkNzc4MmNl
YjY0ZWFjOWZmNzM1NTg2NDU1MTRlZWUwODM1YTRhMTE5ZTJhN2I5NjM0NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYjZ1cZylxRHtCxEW9NR4Cm5E2KX
Ut4JsSOnU9uWZfIS8MbNkKSjdJdbOSb36AHtlJVHjJMQy2f/93JrR4e7WEel3T66
HU7Yt6QSha7EY+78awbZxhn1KChrCi1hw2TVPGdp8lFvtVXM5HxiZ38hlETEXnKY
RBAzrichJ3v1VlGqc0I7bSxVyQRehjzHH/E/mpDh0Gh4J/hJMnr9RCi7a+XT+FQY
uE/57LMERYApsHxglCKaCeviPpObNHTq0lalwmMeEeoMB0zDZbdrtrW0QPIZVaHa
hW6DHV5NzaTiAPnTKmpGCzDAGGEEruCKgY4D7VmvqWr40Mv+ozPzZPBwLwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPhmYB77epoLVXFaPezhh+vrq+YoMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E5MTYwNmFmLWYyM2ItNDFmMS1hNWUwLTljOTQ2ZmZhM2NlMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+IAwDQYJKoZIhvcNAQELBQADggEBAC9YYclByBoT4Dl4sTEq
SEEepU2aAV7UBq4BHR7Sc8EXM+I8Qfod4QMkyUydn7vaSxAKCJBIT/0Lw68fkQNa
q2fBN+FcyvSMfPn+OMKPqanjnH+7Czp941N2te/Q48j5zl9Z+fg/CEfsd5aZSRBM
ZeaGTvF0RVA+wZMCP2L//5cDI0OLgE9kfSS/illl9+GGHkZNI45WklgoDTJTGcoz
QYUkZWQlkjE4ybj0MiewzjWmICSRVyYJff6Y5LTjhGfmsjHzOAmxB/zDVE5F4WKb
mLEL/s2BdWb7znJOMC01EUNJkp9ywPgo0l3LMXuciXsrlIycP36+9j36UewC3/6W
PnI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:12 2025 by rpki-client