Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa
File: bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa (raw, json)
Hash identifier: I91ydYPKup44scFFx6WEP7rSt+/vt7OM9WhQ/lgSXS8=
Subject key identifier: 39:03:54:78:BF:E1:85:EF:3A:71:E0:2F:C8:B9:1C:4C:4C:95:90:D0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 612DD09CF314D11A7C29A9E66DB1431DF2B79F00
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa
Signing time: Sat 22 Mar 2025 00:00:54 +0000
ROA not before: Sat 22 Mar 2025 00:00:54 +0000
ROA not after: Sat 26 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:2d:d0:9c:f3:14:d1:1a:7c:29:a9:e6:6d:b1:43:1d:f2:b7:9f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 22 00:00:54 2025 GMT
Not After : Apr 26 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:29:b0:e3:2d:2a:95:d0:dd:54:c3:e4:c5:
29:a3:c8:b1:ac:53:b5:11:8e:ac:70:f8:6c:eb:54:
1c:e7:dc:51:b1:9e:e1:f8:31:95:35:49:ab:81:79:
e2:8b:f9:0f:1b:1f:a6:95:73:82:9b:9b:b7:a8:e8:
f9:2e:84:52:83:e2:65:a6:09:24:34:21:7e:a9:c0:
93:a4:80:54:4a:d3:2f:18:4d:f4:82:61:48:ed:df:
97:af:73:20:3c:ae:5a:fe:41:fa:63:de:65:41:4f:
0d:74:f4:bb:6c:da:c3:36:42:85:7d:46:4b:eb:98:
93:32:01:2f:a3:a1:1d:62:2c:af:37:5a:c3:fd:06:
53:24:e7:8c:c9:21:1c:22:41:08:c8:33:08:14:79:
4f:17:e5:cd:7c:27:e7:68:2c:f3:36:5d:d4:4f:af:
b4:43:65:35:ac:51:0e:62:c4:33:30:bb:37:9f:c1:
d3:a7:79:6f:68:56:42:9f:a4:ab:22:84:5f:8f:10:
d1:1e:f9:61:34:11:7b:17:27:cb:c4:61:fa:25:2d:
76:7e:89:b5:92:e0:75:13:ae:be:bd:8f:50:ac:eb:
e6:29:e6:77:d6:5f:35:fa:64:8b:4b:0a:a1:32:13:
63:80:b3:ac:6c:99:37:42:80:8f:aa:6d:d9:6c:2f:
5d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:03:54:78:BF:E1:85:EF:3A:71:E0:2F:C8:B9:1C:4C:4C:95:90:D0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:2800::/40
Signature Algorithm: sha256WithRSAEncryption
36:8b:87:4f:05:13:29:5d:a3:67:36:cd:41:7e:ba:f4:75:1b:
1c:3c:4c:db:69:28:c7:82:0a:75:81:56:25:e5:21:f3:40:e8:
0c:90:e0:4b:46:e8:6a:b0:78:a6:6c:d0:bd:f3:85:8d:ad:41:
08:71:6f:02:58:5e:59:de:a3:6b:45:bd:f5:20:d7:f8:44:b4:
f6:92:5a:d8:18:19:24:00:39:1f:fa:c2:ad:b3:3c:93:10:6c:
2d:41:b1:42:fd:f9:05:0c:de:a1:58:bf:eb:ec:2e:68:81:b2:
52:a3:0a:d0:48:11:ad:da:d4:a2:5b:5d:32:94:3f:ca:db:db:
64:31:a8:57:af:73:f3:65:45:dc:10:62:5a:1f:c4:3a:a0:f5:
3b:41:e1:22:96:4f:29:1a:81:f4:e0:df:4a:55:09:14:24:d5:
94:ac:b8:7a:f0:7b:2c:90:9f:b4:0c:ea:27:f6:fb:e0:26:9e:
cd:70:a0:ae:0d:1e:4b:a6:0b:fd:ce:ef:2a:5a:eb:4f:e5:95:
4b:1f:03:12:71:da:42:42:3c:b8:43:70:b4:52:45:56:7b:a0:
09:f6:bc:e7:59:22:68:79:ff:f9:7e:48:15:e3:f9:c2:37:80:
15:2f:ef:16:81:e6:ac:0d:31:bd:3d:2c:9b:27:eb:87:59:04:
47:82:a3:a7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYS3QnPMU0Rp8KanmbbFDHfK3nwAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMjAwMDA1NFoX
DTI1MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAZTZlNmVmNTM1NWFjMWVhOTBhMmFk
M2NkYWM2ODc0M2IzNWIwZjE0MDNjMjhhZDAwMDcyOWEwM2ZmNjRhZTc4NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gopsOMtKpXQ3VTD5MUpo8ixrFO1
EY6scPhs61Qc59xRsZ7h+DGVNUmrgXnii/kPGx+mlXOCm5u3qOj5LoRSg+Jlpgkk
NCF+qcCTpIBUStMvGE30gmFI7d+Xr3MgPK5a/kH6Y95lQU8NdPS7bNrDNkKFfUZL
65iTMgEvo6EdYiyvN1rD/QZTJOeMySEcIkEIyDMIFHlPF+XNfCfnaCzzNl3UT6+0
Q2U1rFEOYsQzMLs3n8HTp3lvaFZCn6SrIoRfjxDRHvlhNBF7FyfLxGH6JS12fom1
kuB1E66+vY9QrOvmKeZ31l81+mSLSwqhMhNjgLOsbJk3QoCPqm3ZbC9dMwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDkDVHi/4YXvOnHgL8i5HExMlZDQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JhYzIxZTFkLTU5ZGYtNDdmZi1iZmE3LTZlYmZjNmFhNTJlZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaACgwDQYJKoZIhvcNAQELBQADggEBADaLh08FEyldo2c2zUF+
uvR1Gxw8TNtpKMeCCnWBViXlIfNA6AyQ4EtG6GqweKZs0L3zhY2tQQhxbwJYXlne
o2tFvfUg1/hEtPaSWtgYGSQAOR/6wq2zPJMQbC1BsUL9+QUM3qFYv+vsLmiBslKj
CtBIEa3a1KJbXTKUP8rb22QxqFevc/NlRdwQYlofxDqg9TtB4SKWTykagfTg30pV
CRQk1ZSsuHrweyyQn7QM6if2++Amns1woK4NHkumC/3O7ypa60/llUsfAxJx2kJC
PLhDcLRSRVZ7oAn2vOdZImh5//l+SBXj+cI3gBUv7xaB5qwNMb09LJsn64dZBEeC
o6c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:38 2025 by rpki-client