Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa
File: bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa (raw, json)
Hash identifier: X+SWFRg/Xt4qoZywwRuhGIM5EhLtHQsTgE/9w2y0E+Y=
Subject key identifier: 26:31:76:EB:0F:61:9B:FD:04:C0:0E:D1:61:BF:DF:01:0F:C4:BC:64
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6C3FBC5254D94A046D5AF4D00C88569CE4DD8A10
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa
Signing time: Mon 17 Mar 2025 15:00:54 +0000
ROA not before: Mon 17 Mar 2025 15:00:54 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daa0:c800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:3f:bc:52:54:d9:4a:04:6d:5a:f4:d0:0c:88:56:9c:e4:dd:8a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 17 15:00:54 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:04:24:0a:89:4d:d2:48:5c:2c:6f:19:51:07:
aa:bd:8c:02:bb:2d:97:6f:b1:66:b4:87:63:03:d9:
ff:f4:1b:49:67:7b:ef:7c:07:90:4a:ee:bc:3c:84:
9e:52:cc:8c:5f:da:63:43:83:73:a3:85:2e:17:4b:
dc:62:ac:1d:ff:10:1f:56:19:83:ce:0e:69:59:73:
6b:8c:cd:ee:ee:1e:1e:a3:60:de:fa:18:53:48:18:
63:36:a9:58:0f:3d:b8:0d:35:0a:9d:3e:e8:ed:5a:
e8:ec:dc:13:d5:91:88:73:0a:88:2a:ec:c5:e3:f9:
2e:84:a5:3b:a0:2c:87:51:02:c9:c5:3f:48:94:70:
35:08:1e:fb:dc:e6:28:83:81:27:53:33:23:71:ea:
ff:25:73:9b:45:83:d6:10:39:7a:4f:04:2c:a1:de:
da:7d:17:5a:92:67:75:0a:eb:4f:d1:d7:50:08:d6:
16:b5:3c:4b:75:c0:fb:95:48:1c:11:b1:e8:fa:61:
91:71:86:e2:97:d8:20:7e:a6:12:47:5a:49:26:ed:
3a:19:e7:d7:31:67:cc:57:1b:2b:28:98:2b:2d:6e:
bb:06:ff:d4:64:c1:43:2a:4a:06:96:09:62:92:a9:
fe:e6:59:09:5c:34:dc:23:5f:34:57:ad:8d:ec:c4:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:31:76:EB:0F:61:9B:FD:04:C0:0E:D1:61:BF:DF:01:0F:C4:BC:64
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daa0:c800::/40
Signature Algorithm: sha256WithRSAEncryption
a4:37:f5:c2:48:02:e8:88:cc:8a:60:0a:fb:38:53:e2:46:b1:
3e:0e:e2:92:7b:16:cf:c8:88:1e:40:8e:ec:7e:29:12:18:95:
56:39:cf:ab:97:e9:b3:88:a6:80:de:6a:80:22:ba:cf:c0:cb:
c8:44:d2:10:6b:d4:8e:6a:e0:96:da:45:c6:df:22:11:21:f2:
5d:65:0b:63:04:ae:56:99:6e:05:23:63:18:dc:7f:43:43:90:
02:97:4a:6e:57:fe:15:db:47:0b:fb:ed:97:6f:dd:7a:16:54:
9f:65:40:e2:97:09:ee:7b:b5:06:19:d3:30:ca:d0:40:2d:dd:
fe:73:58:11:f8:32:3b:f3:81:29:b1:58:84:26:7c:1b:60:ad:
5b:21:a0:66:87:a0:8c:57:0e:62:36:39:a0:15:19:8a:f6:63:
fd:b9:21:eb:79:9d:02:23:51:bd:51:0a:dd:39:d7:e6:6c:a4:
ee:10:cb:f0:07:25:d9:25:2e:cd:f8:22:ef:98:d6:f2:31:b6:
c4:f1:9e:ec:a1:34:9f:86:4e:fb:61:7d:df:3c:07:57:e7:5f:
43:08:5a:03:76:0d:32:a9:06:2c:25:90:c5:a6:c6:4d:38:a0:
6c:45:3b:5e:f9:e6:de:d0:2f:dc:3e:86:93:bc:31:1e:37:37:
3f:07:7a:fe
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbD+8UlTZSgRtWvTQDIhWnOTdihAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxNzE1MDA1NFoX
DTI1MDQyMTIzNTk1OVowejFJMEcGA1UEBRNANjhkNjQ3ZjQ5YWJlNjUyYjJlZmYw
OTFmZGJmYjg5NWE3ZWEzNmY0MDY2MzdkYTI1ZTIwNTgzMzcwMWFkMzYxYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgQkColN0khcLG8ZUQeqvYwCuy2X
b7FmtIdjA9n/9BtJZ3vvfAeQSu68PISeUsyMX9pjQ4Nzo4UuF0vcYqwd/xAfVhmD
zg5pWXNrjM3u7h4eo2De+hhTSBhjNqlYDz24DTUKnT7o7Vro7NwT1ZGIcwqIKuzF
4/kuhKU7oCyHUQLJxT9IlHA1CB773OYog4EnUzMjcer/JXObRYPWEDl6TwQsod7a
fRdakmd1CutP0ddQCNYWtTxLdcD7lUgcEbHo+mGRcYbil9ggfqYSR1pJJu06GefX
MWfMVxsrKJgrLW67Bv/UZMFDKkoGlglikqn+5lkJXDTcI180V62N7MT7OQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCYxdusPYZv9BMAO0WG/3wEPxLxkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JmN2RmY2Y4LWJhMGMtNDdlOS04ZGRiLTZhNmQ4ZWM3MDQxMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoMgwDQYJKoZIhvcNAQELBQADggEBAKQ39cJIAuiIzIpgCvs4
U+JGsT4O4pJ7Fs/IiB5Ajux+KRIYlVY5z6uX6bOIpoDeaoAius/Ay8hE0hBr1I5q
4JbaRcbfIhEh8l1lC2MErlaZbgUjYxjcf0NDkAKXSm5X/hXbRwv77Zdv3XoWVJ9l
QOKXCe57tQYZ0zDK0EAt3f5zWBH4MjvzgSmxWIQmfBtgrVshoGaHoIxXDmI2OaAV
GYr2Y/25Iet5nQIjUb1RCt051+ZspO4Qy/AHJdklLs34Iu+Y1vIxtsTxnuyhNJ+G
Tvthfd88B1fnX0MIWgN2DTKpBiwlkMWmxk04oGxFO1755t7QL9w+hpO8MR43Nz8H
ev4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:23:23 2025 by rpki-client