Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa
File: c017ae6c-65e9-495c-a109-f29969b4159f.roa (raw, json)
Hash identifier: 5+X/Reb9HbEHb74vGaFw+TTd+5b3YIDpkz5d8ZNf0PY=
Subject key identifier: BC:8E:CD:8D:DC:FB:1E:8D:0C:1F:67:B5:95:FF:02:DF:53:DE:5E:81
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5F4282DBD44571CBBD62218F03EBFC38EF03370F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa
Signing time: Wed 26 Mar 2025 00:02:11 +0000
ROA not before: Wed 26 Mar 2025 00:02:11 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafa:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:42:82:db:d4:45:71:cb:bd:62:21:8f:03:eb:fc:38:ef:03:37:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:02:11 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:78:c1:86:29:55:3d:aa:45:68:a5:72:dc:
5f:35:ee:68:a6:e2:68:28:10:83:b8:a9:62:8c:8d:
ee:d1:58:7d:a3:bf:22:ff:7d:c9:e4:21:26:19:57:
4c:10:e2:3f:90:35:0a:83:88:a4:a1:a2:7b:8a:40:
39:92:09:cd:ff:b9:81:08:c0:5c:ba:4f:f6:72:65:
a2:0f:4d:37:75:03:0b:9c:b9:ba:fd:6b:a5:c5:01:
c3:8a:67:51:12:99:48:b1:23:9d:fa:92:18:33:d5:
e4:ac:9a:d4:e6:8f:a2:e9:a0:60:5d:c4:36:4d:ba:
52:46:1f:ef:44:c3:ca:85:67:b6:01:eb:13:ef:42:
5e:21:c8:e8:37:ec:67:1b:64:8d:61:cb:4a:a0:22:
a8:63:2b:13:db:e0:2e:03:5c:a4:7e:be:c4:b5:af:
6e:87:89:d6:a8:d0:d5:ce:6f:06:50:54:57:3c:78:
5a:62:df:fc:16:4e:59:9b:64:ad:1d:24:21:87:70:
08:f7:15:aa:ec:fb:4c:b7:13:73:06:d8:41:72:76:
e0:e0:ff:c2:7b:6f:ea:d8:7a:19:1e:a3:11:37:8f:
86:f6:0d:50:b0:47:5e:9d:86:9d:90:5b:06:d0:6e:
26:88:6a:86:0d:7c:95:d5:bb:b3:bf:1a:fe:93:f7:
07:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8E:CD:8D:DC:FB:1E:8D:0C:1F:67:B5:95:FF:02:DF:53:DE:5E:81
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c017ae6c-65e9-495c-a109-f29969b4159f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafa:2000::/40
Signature Algorithm: sha256WithRSAEncryption
90:4a:66:82:59:93:78:ad:68:3d:ba:7c:2c:52:87:4d:71:3b:
01:26:c2:6f:06:d0:10:14:0f:29:a6:a6:3f:5d:01:9e:79:0e:
55:50:84:01:89:74:bf:5b:5c:7e:f7:2c:0c:4d:bc:d0:36:56:
68:c8:5f:77:17:82:3c:2a:84:2e:97:cb:d7:44:fd:69:c0:ac:
ab:3b:e1:e3:90:17:4d:b8:69:3b:8c:6f:82:f6:76:3c:8e:d4:
96:a6:ca:66:40:87:a0:df:50:fc:3e:58:58:2b:8f:1d:1f:06:
19:64:24:35:c7:56:8c:ec:1d:21:d0:fa:b7:ee:6e:1e:a9:c3:
4f:66:fe:97:6b:fb:71:6f:73:b3:15:c5:ad:3f:50:a8:85:bd:
f6:98:47:2a:29:80:9e:12:73:96:c3:8b:be:c6:f5:08:2d:d7:
09:bd:c6:d2:a5:a4:f3:29:b9:a2:e7:2e:4d:c0:3d:dd:39:73:
e1:b2:1f:c4:5f:cb:70:e4:e6:7e:f0:c6:be:46:41:1d:66:b4:
36:9f:5e:77:c5:81:e4:4f:f5:a0:82:1c:d5:ac:0d:b3:49:ab:
23:45:c8:2c:28:3c:12:91:a9:1c:05:98:9b:ea:88:d7:18:07:
20:d0:9b:53:cf:f7:24:b8:73:0e:47:3e:f7:05:a8:61:52:b7:
d9:65:80:db
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUX0KC29RFccu9YiGPA+v8OO8DNw8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDIxMVoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAMTY2YjJlODU4YzQ1MDcxMjA2YzZi
YWE2MTljOTljNzhmZmQ1NWRjMTE3NTIyNjQ0NTc5MThlMDgwMTE1ZjA2NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBl4wYYpVT2qRWilctxfNe5opuJo
KBCDuKlijI3u0Vh9o78i/33J5CEmGVdMEOI/kDUKg4ikoaJ7ikA5kgnN/7mBCMBc
uk/2cmWiD003dQMLnLm6/WulxQHDimdREplIsSOd+pIYM9XkrJrU5o+i6aBgXcQ2
TbpSRh/vRMPKhWe2AesT70JeIcjoN+xnG2SNYctKoCKoYysT2+AuA1ykfr7Eta9u
h4nWqNDVzm8GUFRXPHhaYt/8Fk5Zm2StHSQhh3AI9xWq7PtMtxNzBthBcnbg4P/C
e2/q2HoZHqMRN4+G9g1QsEdenYadkFsG0G4miGqGDXyV1buzvxr+k/cHfQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLyOzY3c+x6NDB9ntZX/At9T3l6BMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwMTdhZTZjLTY1ZTktNDk1Yy1hMTA5LWYyOTk2OWI0MTU5Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+iAwDQYJKoZIhvcNAQELBQADggEBAJBKZoJZk3itaD26fCxS
h01xOwEmwm8G0BAUDymmpj9dAZ55DlVQhAGJdL9bXH73LAxNvNA2VmjIX3cXgjwq
hC6Xy9dE/WnArKs74eOQF024aTuMb4L2djyO1JamymZAh6DfUPw+WFgrjx0fBhlk
JDXHVozsHSHQ+rfubh6pw09m/pdr+3Fvc7MVxa0/UKiFvfaYRyopgJ4Sc5bDi77G
9Qgt1wm9xtKlpPMpuaLnLk3APd05c+GyH8Rfy3Dk5n7wxr5GQR1mtDafXnfFgeRP
9aCCHNWsDbNJqyNFyCwoPBKRqRwFmJvqiNcYByDQm1PP9yS4cw5HPvcFqGFSt9ll
gNs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:12 2025 by rpki-client