Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa
File: d1071032-5bb5-48fb-ad34-13668ce372b7.roa (raw, json)
Hash identifier: l6mUQNvd0RTHBFOenL9DiTxgmiRsMKpstCryuE3qj+E=
Subject key identifier: 1A:FB:93:73:B1:5E:99:2E:C5:D1:D4:07:27:F0:F0:42:74:EE:B7:2B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 14DB43C73F5415782EA15A974518BA0EC65FD358
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa
Signing time: Wed 19 Mar 2025 00:00:04 +0000
ROA not before: Wed 19 Mar 2025 00:00:04 +0000
ROA not after: Wed 23 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da2d::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:db:43:c7:3f:54:15:78:2e:a1:5a:97:45:18:ba:0e:c6:5f:d3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 19 00:00:04 2025 GMT
Not After : Apr 23 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:10:69:da:06:f1:b2:32:31:bb:73:d7:67:
4a:a9:a7:b7:63:31:31:a4:24:a1:51:0e:2e:d2:1e:
83:24:7c:d2:1f:2a:f0:12:67:f1:52:20:60:b5:2c:
32:5e:10:9f:7c:7b:0b:e5:d9:62:6e:e1:0f:75:e2:
ec:bb:52:dd:83:e8:9a:72:82:42:a4:2a:16:45:3a:
0c:bb:fb:9f:f1:84:6b:0c:7b:b7:26:d9:55:64:6b:
70:ea:57:14:33:b9:c7:1a:bf:61:2f:5c:c0:b6:fc:
2d:d2:c8:d0:0b:60:30:a4:81:98:91:e7:4f:97:6e:
38:bb:1e:7a:4e:0c:9b:09:08:33:11:8f:6c:87:e6:
fd:5a:9e:49:3a:45:e2:ff:9e:cb:83:fe:10:e7:86:
e3:a4:3e:ee:62:a0:3e:f3:49:65:e8:90:1a:6a:14:
92:a4:ae:03:14:2a:83:5d:c5:80:d2:b4:3a:8a:2e:
92:c0:d2:cc:3d:f3:c6:d6:f9:59:aa:8c:88:a9:0b:
2e:f8:18:7a:55:e9:5c:1c:78:b3:99:29:94:bc:18:
51:12:22:4d:73:6a:1b:8d:f7:b8:76:a9:70:d8:01:
00:7c:d1:4b:39:0a:a5:c2:51:d4:a3:f8:1f:0d:ea:
54:ea:48:11:1c:12:d8:d8:7e:35:04:bf:40:7b:41:
6d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FB:93:73:B1:5E:99:2E:C5:D1:D4:07:27:F0:F0:42:74:EE:B7:2B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1071032-5bb5-48fb-ad34-13668ce372b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da2d::/36
Signature Algorithm: sha256WithRSAEncryption
56:0b:c0:47:d9:4e:9f:0f:05:cd:34:b7:af:05:3d:8c:a4:a0:
4b:3c:fb:11:a8:08:4d:b4:2d:d1:af:2d:89:8b:3c:e1:6f:83:
4f:17:a5:a3:5a:26:c3:18:70:bb:3e:66:99:95:c0:49:23:2c:
6f:5a:23:43:df:6b:c8:16:22:73:aa:83:fd:f9:cf:ba:79:d9:
8d:17:12:99:06:32:38:e9:47:e9:0c:f6:60:0a:d1:db:16:c0:
72:33:09:56:29:93:36:71:14:08:ae:42:35:e6:55:2e:c5:1b:
c3:da:ae:17:2c:88:42:29:1e:8c:69:1a:de:9b:96:9f:bc:b6:
f1:a2:22:3e:6e:8f:fe:a2:5f:32:77:a5:6b:52:ba:6a:d3:73:
87:6b:b9:3a:70:6d:64:c9:94:4e:26:2f:49:e3:fb:24:0a:da:
07:f1:09:24:fe:c9:b8:29:cc:14:ef:87:c7:50:d1:29:b0:56:
2f:08:ef:51:5e:cd:89:a2:55:82:dd:1b:6d:a1:7e:18:e0:1b:
c8:da:ca:c6:b4:26:10:4f:48:d1:02:34:a0:98:01:d8:9c:11:
a7:01:a5:a2:42:26:1d:dd:0e:d0:9c:36:de:b7:f3:d6:de:35:
07:e8:ae:90:f8:93:5f:48:11:6d:8f:80:cb:fe:eb:e7:1d:bb:
b4:cd:70:b1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFNtDxz9UFXguoVqXRRi6DsZf01gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxOTAwMDAwNFoX
DTI1MDQyMzIzNTk1OVowejFJMEcGA1UEBRNANTlhY2E0ZDQ4MTNjNGE4N2U4ODFl
OTJlY2YxMzMzN2Q3N2JkNGZhMjc2NzVmYmNmMzc4ZDEyYmY3ZDk0YTQ1ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PEQadoG8bIyMbtz12dKqae3YzEx
pCShUQ4u0h6DJHzSHyrwEmfxUiBgtSwyXhCffHsL5dlibuEPdeLsu1Ldg+iacoJC
pCoWRToMu/uf8YRrDHu3JtlVZGtw6lcUM7nHGr9hL1zAtvwt0sjQC2AwpIGYkedP
l244ux56TgybCQgzEY9sh+b9Wp5JOkXi/57Lg/4Q54bjpD7uYqA+80ll6JAaahSS
pK4DFCqDXcWA0rQ6ii6SwNLMPfPG1vlZqoyIqQsu+Bh6VelcHHizmSmUvBhREiJN
c2objfe4dqlw2AEAfNFLOQqlwlHUo/gfDepU6kgRHBLY2H41BL9Ae0FtxQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBr7k3OxXpkuxdHUByfw8EJ07rcrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QxMDcxMDMyLTViYjUtNDhmYi1hZDM0LTEzNjY4Y2UzNzJiNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaLQAwDQYJKoZIhvcNAQELBQADggEBAFYLwEfZTp8PBc00t68F
PYykoEs8+xGoCE20LdGvLYmLPOFvg08XpaNaJsMYcLs+ZpmVwEkjLG9aI0Pfa8gW
InOqg/35z7p52Y0XEpkGMjjpR+kM9mAK0dsWwHIzCVYpkzZxFAiuQjXmVS7FG8Pa
rhcsiEIpHoxpGt6blp+8tvGiIj5uj/6iXzJ3pWtSumrTc4druTpwbWTJlE4mL0nj
+yQK2gfxCST+ybgpzBTvh8dQ0SmwVi8I71FezYmiVYLdG22hfhjgG8jaysa0JhBP
SNECNKCYAdicEacBpaJCJh3dDtCcNt6389beNQforpD4k19IEW2PgMv+6+cdu7TN
cLE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:58:47 2025 by rpki-client