Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa
File: ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa (raw, json)
Hash identifier: m180qkYvPwwG4NHNa5MLWzpnbT1D0ihoQqdWaJVNZ9g=
Subject key identifier: 5A:E4:55:0D:26:45:D1:65:5A:1B:FC:FD:0D:84:39:F1:F2:28:24:91
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 27CF1FC441C91003DFB3CC65B6D6AA6C6D1AF8DD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa
Signing time: Fri 21 Mar 2025 00:01:38 +0000
ROA not before: Fri 21 Mar 2025 00:01:38 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:cf:1f:c4:41:c9:10:03:df:b3:cc:65:b6:d6:aa:6c:6d:1a:f8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 21 00:01:38 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:73:cc:70:20:54:87:24:56:c5:e1:32:54:e7:
3a:92:60:2a:c2:99:ff:df:42:b8:e3:f8:2d:21:8b:
73:af:e1:33:bb:18:1e:f7:df:da:12:fa:bb:8a:02:
9e:e5:f6:d6:71:d0:ed:4d:aa:b9:64:8a:e4:50:47:
85:b7:14:d1:7c:8b:b9:85:4a:7c:9a:16:2e:5d:06:
0e:0f:bd:ef:fd:11:9a:ae:7e:2f:e0:ea:98:a0:cf:
57:f7:59:17:f2:30:35:e9:7a:14:35:03:66:15:36:
12:e7:43:e1:9d:6b:16:08:2b:52:ad:c7:ae:35:cc:
42:21:2e:fa:0e:c8:ea:77:3d:33:fb:80:13:ef:07:
6b:13:a5:1e:d3:0b:02:7a:ba:c6:bb:70:d8:74:51:
66:fa:37:01:b7:f6:2d:09:36:8b:06:22:11:33:24:
b3:87:47:e8:4f:e8:9a:34:6c:e2:29:ac:96:3c:d9:
ad:a3:f0:80:24:3b:7c:74:6b:c0:db:9d:c2:73:d7:
f4:12:ae:ff:7d:e6:05:93:15:16:44:4b:b3:68:6f:
85:f9:50:5f:9b:94:0f:7c:b2:23:2b:38:76:ad:a3:
15:a3:6f:b0:eb:ff:62:f3:02:90:e3:25:f0:8d:0d:
22:1c:d6:3c:8c:3a:c4:c5:02:58:39:d0:f5:e1:1f:
42:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E4:55:0D:26:45:D1:65:5A:1B:FC:FD:0D:84:39:F1:F2:28:24:91
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:1000::/40
Signature Algorithm: sha256WithRSAEncryption
48:14:7a:2f:bb:cb:13:a5:1c:d2:ae:ec:cb:08:14:ed:52:d1:
8d:4c:a3:fc:bb:bc:80:97:49:35:02:9e:b8:57:58:76:f2:71:
4f:87:35:57:04:15:20:06:ed:c8:e0:2f:30:e5:17:08:cf:7f:
b5:46:83:d6:46:a8:a9:f4:8b:7d:83:f5:ea:d1:e7:9d:08:dd:
5d:9e:08:16:a7:63:be:54:30:3a:ce:fb:26:90:ed:d5:d4:27:
f4:b4:c4:78:4d:78:11:f2:d8:42:f8:27:09:cf:af:b6:8f:74:
95:90:f7:be:b4:83:1d:57:08:01:1e:d1:f5:fa:64:f8:f4:71:
f8:6d:ec:98:15:3e:4a:a9:95:94:ab:30:c0:e8:7a:5e:c0:06:
09:fa:e6:f8:bd:be:1d:3f:28:5f:47:1d:48:33:8d:2f:e5:23:
66:72:7e:10:81:89:2c:e0:53:48:d4:62:b9:80:d7:36:9f:2b:
70:9e:b2:e6:2b:73:b7:a9:ad:55:2c:6e:d5:d3:e9:b8:07:74:
61:9e:15:6d:96:60:45:a3:72:12:79:17:c4:9f:1a:6c:5d:61:
b0:22:c6:9e:7f:e8:25:27:c3:3d:5c:0c:92:e1:c6:ac:65:cd:
7d:d2:a1:71:29:9c:82:10:55:63:40:6b:4e:49:b1:e8:58:87:
e9:06:93:37
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJ88fxEHJEAPfs8xlttaqbG0a+N0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMTAwMDEzOFoX
DTI1MDQyNTIzNTk1OVowejFJMEcGA1UEBRNAMDhmMjE0Njc2NGRmNWVjYzRkMjAz
MDVkYjIzNjAwNGRlYjc4M2Y1MDFhYmZmMDk0ZWYxOWIyZGU5ZTI5YjU5MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nPMcCBUhyRWxeEyVOc6kmAqwpn/
30K44/gtIYtzr+Ezuxge99/aEvq7igKe5fbWcdDtTaq5ZIrkUEeFtxTRfIu5hUp8
mhYuXQYOD73v/RGarn4v4OqYoM9X91kX8jA16XoUNQNmFTYS50PhnWsWCCtSrceu
NcxCIS76Dsjqdz0z+4AT7wdrE6Ue0wsCerrGu3DYdFFm+jcBt/YtCTaLBiIRMySz
h0foT+iaNGziKayWPNmto/CAJDt8dGvA253Cc9f0Eq7/feYFkxUWREuzaG+F+VBf
m5QPfLIjKzh2raMVo2+w6/9i8wKQ4yXwjQ0iHNY8jDrExQJYOdD14R9CNwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFrkVQ0mRdFlWhv8/Q2EOfHyKCSRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkYmYzYTJjLTlhODEtNDUwZi05MGJmLTFhMjE1OWU1YjQ4YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBAEgUei+7yxOlHNKu7MsI
FO1S0Y1Mo/y7vICXSTUCnrhXWHbycU+HNVcEFSAG7cjgLzDlFwjPf7VGg9ZGqKn0
i32D9erR550I3V2eCBanY75UMDrO+yaQ7dXUJ/S0xHhNeBHy2EL4JwnPr7aPdJWQ
9760gx1XCAEe0fX6ZPj0cfht7JgVPkqplZSrMMDoel7ABgn65vi9vh0/KF9HHUgz
jS/lI2ZyfhCBiSzgU0jUYrmA1zafK3CesuYrc7eprVUsbtXT6bgHdGGeFW2WYEWj
chJ5F8SfGmxdYbAixp5/6CUnwz1cDJLhxqxlzX3SoXEpnIIQVWNAa05JsehYh+kG
kzc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:34 2025 by rpki-client