Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa
File: d07df133-27a9-413c-9804-adb048f407f3.roa (raw, json)
Hash identifier: zMLoEU0jUpdkxUuQH6u+qCwrcLJY9Fjc/axSXFxE7Ek=
Subject key identifier: D9:E0:32:85:E0:BF:DF:17:2E:55:DC:52:DD:5A:3D:9B:D1:9B:98:89
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2EFFD81A9BD2F902EF4FEA046FA2CF4D89B622EE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa
Signing time: Wed 26 Mar 2025 00:00:57 +0000
ROA not before: Wed 26 Mar 2025 00:00:57 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daa0:2800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ff:d8:1a:9b:d2:f9:02:ef:4f:ea:04:6f:a2:cf:4d:89:b6:22:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:00:57 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:43:91:3d:cf:16:8f:eb:ef:13:6c:64:16:dc:
c5:dd:a8:e4:96:7c:91:f0:b6:05:5d:dd:03:ae:2c:
4d:db:dd:a6:ac:f2:07:9f:5e:68:ee:59:d6:ae:b6:
4d:c8:ed:06:43:55:ae:6a:01:30:8d:5b:b2:b0:3f:
b0:2e:fe:f7:ae:0e:52:37:3a:83:b9:82:d2:e2:55:
2b:fd:42:f2:7e:14:f5:8e:35:c1:0c:7d:c2:9d:80:
f2:d0:6a:69:a3:e9:9c:0d:74:60:d7:02:3d:dc:b6:
c1:a1:f4:12:c6:f0:a1:db:6f:34:50:a9:16:71:b0:
ba:25:7f:8b:75:35:8a:aa:29:45:27:b0:68:43:38:
13:cf:b1:30:f3:83:82:44:c1:5e:a1:72:b8:d7:44:
a3:72:91:8b:0a:db:0c:39:ae:d7:5b:28:f2:ee:8b:
65:37:d1:a9:ed:3a:b7:1e:92:ed:42:0d:3a:01:46:
de:e9:4a:59:be:c0:b6:33:e7:ef:8c:68:04:75:96:
80:98:86:20:c7:70:e4:f7:fa:f0:fe:08:a6:00:64:
3d:75:73:eb:99:9f:d7:62:a6:b9:e9:e6:c5:0e:b7:
ee:f2:91:a8:a4:d6:9f:ec:aa:7c:fe:78:36:88:14:
f6:17:f0:49:47:39:4a:d8:e3:5a:3c:aa:b1:27:e5:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E0:32:85:E0:BF:DF:17:2E:55:DC:52:DD:5A:3D:9B:D1:9B:98:89
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daa0:2800::/40
Signature Algorithm: sha256WithRSAEncryption
0e:3e:b9:fb:65:79:34:27:2c:46:77:d8:fc:64:1c:0a:b0:96:
bd:22:41:70:c9:fd:27:9b:da:99:85:04:1c:1d:10:50:e5:13:
83:29:18:11:72:ff:49:9c:4f:72:37:73:dd:d4:b3:8a:42:06:
f3:7c:15:9f:25:31:d3:fb:39:9c:c1:93:ae:84:37:78:a0:63:
5c:5b:de:c2:e7:25:93:d1:0b:55:bb:91:68:e8:ee:e9:4d:37:
2f:2e:4b:9e:bd:2d:e0:23:24:69:a1:e2:ca:e1:ce:97:62:c7:
09:2c:9a:8e:92:49:66:50:72:8a:dc:70:64:88:50:ce:cd:93:
5d:45:aa:dc:d9:e4:70:f8:a6:52:a6:be:7d:77:20:93:99:b6:
0d:5f:f0:2c:a0:ad:3e:c6:3f:b2:6f:8f:93:4a:34:5a:7e:a9:
49:84:c0:33:4b:8d:28:87:19:dd:b3:b2:55:63:17:5d:84:5d:
6b:26:ed:a9:4f:67:ce:bd:36:7a:9c:57:fa:06:f7:c7:84:c1:
9c:29:98:49:00:cf:b0:46:b4:d5:d3:bb:50:b2:0d:92:f3:c9:
b6:3f:d3:97:41:24:bf:a8:ce:82:54:ae:28:ec:fd:6d:e6:93:
ff:f4:fb:bc:7e:01:48:f2:15:66:a7:fb:40:a3:c6:7c:74:2d:
63:03:5e:4b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULv/YGpvS+QLvT+oEb6LPTYm2Iu4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDA1N1oX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAY2I4NDU3NThhM2ZiOTM1NGI4NDQ2
ODM1Yjk3MzQ0MzkzOGE3ZjBkZDNlMjFiOTRkNmEzMGU4ZDhhMmY3MTdhOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEORPc8Wj+vvE2xkFtzF3ajklnyR
8LYFXd0DrixN292mrPIHn15o7lnWrrZNyO0GQ1WuagEwjVuysD+wLv73rg5SNzqD
uYLS4lUr/ULyfhT1jjXBDH3CnYDy0Gppo+mcDXRg1wI93LbBofQSxvCh2280UKkW
cbC6JX+LdTWKqilFJ7BoQzgTz7Ew84OCRMFeoXK410SjcpGLCtsMOa7XWyjy7otl
N9Gp7Tq3HpLtQg06AUbe6UpZvsC2M+fvjGgEdZaAmIYgx3Dk9/rw/gimAGQ9dXPr
mZ/XYqa56ebFDrfu8pGopNaf7Kp8/ng2iBT2F/BJRzlK2ONaPKqxJ+XIjwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNngMoXgv98XLlXcUt1aPZvRm5iJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QwN2RmMTMzLTI3YTktNDEzYy05ODA0LWFkYjA0OGY0MDdmMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoCgwDQYJKoZIhvcNAQELBQADggEBAA4+uftleTQnLEZ32Pxk
HAqwlr0iQXDJ/Seb2pmFBBwdEFDlE4MpGBFy/0mcT3I3c93Us4pCBvN8FZ8lMdP7
OZzBk66EN3igY1xb3sLnJZPRC1W7kWjo7ulNNy8uS569LeAjJGmh4srhzpdixwks
mo6SSWZQcorccGSIUM7Nk11FqtzZ5HD4plKmvn13IJOZtg1f8CygrT7GP7Jvj5NK
NFp+qUmEwDNLjSiHGd2zslVjF12EXWsm7alPZ869NnqcV/oG98eEwZwpmEkAz7BG
tNXTu1CyDZLzybY/05dBJL+ozoJUrijs/W3mk//0+7x+AUjyFWan+0Cjxnx0LWMD
Xks=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:55:00 2025 by rpki-client