Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c6ac1a0f-d49c-46c6-8787-267094ee9f47.roa
File: c6ac1a0f-d49c-46c6-8787-267094ee9f47.roa (raw, json)
Hash identifier: dGAa5VhuAVsTw5P2LLjS+fP2VCxocP3YPthbA5BOOvE=
Subject key identifier: 20:E7:98:A0:A0:7F:8C:AD:D7:7A:34:8C:5E:3D:6F:25:86:6C:54:26
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4A9D79B64BD6ED4C462BC9683C9BE9F19F8CCFB3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c6ac1a0f-d49c-46c6-8787-267094ee9f47.roa
Signing time: Wed 26 Mar 2025 00:02:00 +0000
ROA not before: Wed 26 Mar 2025 00:02:00 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:9d:79:b6:4b:d6:ed:4c:46:2b:c9:68:3c:9b:e9:f1:9f:8c:cf:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:02:00 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0a:d7:f5:e5:71:c3:0a:15:2c:02:d3:be:52:
66:4a:78:6d:02:41:09:f8:78:c6:7e:ba:02:d9:aa:
15:63:60:c8:31:8d:52:a5:a9:84:44:a0:3a:57:56:
ae:e6:bf:67:b0:10:2d:fa:0e:07:73:4d:d4:ae:d2:
34:ce:5a:97:76:4f:2c:37:9c:fa:b1:b1:9f:80:76:
59:02:df:69:5d:c4:23:2f:f1:b3:86:85:16:fb:67:
16:6c:b8:74:f7:14:c7:ff:67:32:4c:40:6b:cc:c0:
12:5a:c7:d5:a7:6f:da:5b:c6:03:ff:14:25:87:86:
a6:75:0e:11:46:d7:56:7d:d7:b7:de:e7:cd:6e:5c:
07:fd:58:dc:a5:aa:f5:86:db:9c:a5:2c:c6:a2:97:
94:16:2d:de:1c:43:c5:96:31:30:67:88:9c:b5:c5:
48:fc:57:3b:07:c3:5f:5c:1c:1e:f6:ca:6d:6a:e2:
8b:58:58:c2:c9:e6:45:62:d6:07:aa:01:69:7e:f5:
c0:4a:d3:86:13:f1:23:57:93:6e:67:32:44:24:dc:
90:a8:e0:31:a4:f8:90:b6:d4:95:3c:f8:2f:16:c6:
2b:a2:67:9a:af:73:95:e2:3d:cf:e5:bc:d1:85:86:
60:2d:9e:d8:34:25:bd:9c:07:ec:3b:8e:8d:22:09:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E7:98:A0:A0:7F:8C:AD:D7:7A:34:8C:5E:3D:6F:25:86:6C:54:26
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c6ac1a0f-d49c-46c6-8787-267094ee9f47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:6000::/40
Signature Algorithm: sha256WithRSAEncryption
97:8a:44:29:e8:7e:26:a7:48:ef:32:78:3b:13:7d:1d:96:97:
a9:8e:f5:5c:9e:ba:73:c5:c1:23:d0:35:6d:18:70:e5:ca:5c:
3a:3f:40:1e:37:15:76:0e:ec:44:83:86:1e:fc:40:65:42:61:
43:25:42:75:18:d7:30:8f:78:6f:82:0c:2a:71:fd:6c:a3:ac:
61:ff:8e:93:bc:0b:88:7b:9d:72:b4:bf:ba:ed:1f:0c:e2:1b:
b3:24:aa:0d:ac:95:a4:e8:46:c0:d8:65:3a:e8:d2:22:ee:bd:
52:f3:d1:b0:fc:a4:90:93:da:dc:2c:49:76:cb:0c:29:d2:6a:
db:f9:9b:b5:37:98:cd:16:e9:62:16:b3:28:ec:0e:70:53:12:
41:4c:c7:cf:8b:08:27:c0:87:a2:b5:73:2a:63:a8:28:81:0e:
b8:1e:f2:e6:a5:8c:09:5f:35:73:ef:0c:1b:b2:d0:08:1d:72:
ca:1f:2b:a8:a3:da:c2:a0:30:8d:bf:37:19:85:9b:5f:0a:df:
0c:5e:06:d3:71:4d:9b:80:c9:4e:4d:c5:20:2d:05:1d:43:09:
21:05:df:09:7e:7b:62:f7:c9:5f:a4:79:7c:6c:e2:ea:f3:53:
fa:a9:57:7b:b7:c9:47:46:b9:c6:af:ff:14:50:53:67:c6:5d:
f8:9f:ac:7b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSp15tkvW7UxGK8loPJvp8Z+Mz7MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDIwMFoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAMzg4Mjk1YzBiYWMxMDRjYzFhZDA0
MTg0YTg3MGE4MWQ4NTY4OTcyMjY1OWUwM2NlMjUxYTVhNDFjZGJlZWQxNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrX9eVxwwoVLALTvlJmSnhtAkEJ
+HjGfroC2aoVY2DIMY1SpamERKA6V1au5r9nsBAt+g4Hc03UrtI0zlqXdk8sN5z6
sbGfgHZZAt9pXcQjL/GzhoUW+2cWbLh09xTH/2cyTEBrzMASWsfVp2/aW8YD/xQl
h4amdQ4RRtdWfde33ufNblwH/Vjcpar1htucpSzGopeUFi3eHEPFljEwZ4ictcVI
/Fc7B8NfXBwe9sptauKLWFjCyeZFYtYHqgFpfvXAStOGE/EjV5NuZzJEJNyQqOAx
pPiQttSVPPgvFsYromear3OV4j3P5bzRhYZgLZ7YNCW9nAfsO46NIglMdQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCDnmKCgf4yt13o0jF49byWGbFQmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M2YWMxYTBmLWQ0OWMtNDZjNi04Nzg3LTI2NzA5NGVlOWY0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOGAwDQYJKoZIhvcNAQELBQADggEBAJeKRCnofianSO8yeDsT
fR2Wl6mO9VyeunPFwSPQNW0YcOXKXDo/QB43FXYO7ESDhh78QGVCYUMlQnUY1zCP
eG+CDCpx/WyjrGH/jpO8C4h7nXK0v7rtHwziG7Mkqg2slaToRsDYZTro0iLuvVLz
0bD8pJCT2twsSXbLDCnSatv5m7U3mM0W6WIWsyjsDnBTEkFMx8+LCCfAh6K1cypj
qCiBDrge8ualjAlfNXPvDBuy0AgdcsofK6ij2sKgMI2/NxmFm18K3wxeBtNxTZuA
yU5NxSAtBR1DCSEF3wl+e2L3yV+keXxs4urzU/qpV3u3yUdGucav/xRQU2fGXfif
rHs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:14 2025 by rpki-client