Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa
File: df283100-6f05-4533-89fd-648b23de2ce4.roa (raw, json)
Hash identifier: eAKGmr2l+4r7JwZ+cQ4TM9JDCij8jkrwK/AaorYdcsw=
Subject key identifier: 3D:3C:A8:EF:46:A0:F1:81:06:69:79:67:09:A5:36:8D:9B:6B:E5:A9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 602EDFD4AD68C9CCDFE8C6F1F78DEEEC2BD8F02B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa
Signing time: Tue 18 Mar 2025 00:00:13 +0000
ROA not before: Tue 18 Mar 2025 00:00:13 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da25::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:2e:df:d4:ad:68:c9:cc:df:e8:c6:f1:f7:8d:ee:ec:2b:d8:f0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 18 00:00:13 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:01:ff:a4:32:c2:0f:e6:04:0f:be:01:bf:
1a:54:ac:74:3d:7d:3e:df:d5:e2:4f:aa:07:06:1d:
92:35:4a:f2:02:67:e1:b5:b9:31:18:17:79:9c:f0:
69:f1:31:22:19:a7:26:f2:f0:68:c1:9c:5c:5c:92:
eb:f8:35:a0:22:97:37:f4:00:c1:05:28:b2:dd:25:
93:90:0f:76:7b:0f:17:fe:91:2a:96:1e:bf:a3:24:
2d:72:1f:bb:5a:1a:80:1f:d6:2e:6b:71:99:6c:95:
91:ed:2f:53:a2:3a:7b:d6:9d:1e:99:70:ed:37:63:
84:80:7b:13:b1:be:04:01:33:d4:30:e3:ee:93:d1:
d3:b3:23:5c:07:ec:e3:93:be:72:e7:bc:9e:94:1c:
1f:47:f7:93:9f:23:a0:9a:e0:5f:e3:63:30:69:f5:
f6:87:b1:27:e2:3d:ba:e1:5c:1a:53:10:07:37:52:
b1:e0:37:5f:51:b7:a1:92:88:d7:ed:e3:21:fb:a5:
38:e0:37:47:a5:94:31:84:72:cb:49:e2:3b:07:a7:
e0:4b:16:ed:66:6a:e7:28:0d:09:2c:b3:a8:c7:8b:
90:e9:c2:35:20:3f:f8:6d:b1:15:a6:85:35:93:9f:
10:21:48:4d:2e:83:4e:bb:1f:3a:ec:77:80:e7:b4:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3C:A8:EF:46:A0:F1:81:06:69:79:67:09:A5:36:8D:9B:6B:E5:A9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da25::/36
Signature Algorithm: sha256WithRSAEncryption
9b:66:b5:4e:2f:ed:71:cf:11:c4:af:15:10:00:7e:ca:e8:87:
bf:77:f1:14:fc:2b:e0:c0:52:fd:4a:e9:05:ac:ee:52:7a:a2:
4f:e6:7a:bd:ca:47:15:21:ea:88:80:97:98:88:4a:5b:6f:63:
57:e4:e3:d6:58:71:1d:8a:85:f3:6e:e0:29:fb:7d:8b:de:01:
b0:46:7b:9f:ab:e5:28:da:45:f4:fc:b4:dd:60:cd:19:8f:07:
a9:43:97:b8:53:50:45:b9:f7:d5:b5:20:5a:62:85:8b:d9:56:
d9:4d:46:43:42:92:b9:cc:45:d7:15:de:cc:42:fe:42:d4:5d:
27:a0:1a:71:f9:b3:b7:c7:aa:be:6d:9a:cb:5a:aa:79:c6:33:
bc:96:ff:ce:b2:7a:c5:96:f0:f7:82:e6:04:9c:95:c8:c2:5d:
98:e5:39:61:8c:6f:de:94:8a:19:c5:99:2d:88:c3:6e:d6:a4:
f3:6b:e6:40:ac:28:c8:86:a1:96:c6:00:40:78:46:77:e0:95:
6b:3a:74:22:16:34:d4:b1:ec:ea:ff:bf:b0:eb:86:48:51:89:
05:9a:f6:f4:d1:f0:3b:9d:b0:62:b8:98:e4:8b:b3:7f:e9:b2:
c6:65:26:06:44:12:e8:6c:63:ef:a8:8d:aa:82:f1:01:ce:84:
15:ed:1c:af
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYC7f1K1oyczf6Mbx943u7CvY8CswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxODAwMDAxM1oX
DTI1MDQyMjIzNTk1OVowejFJMEcGA1UEBRNANDk4MWQ2YTM1NTE4Y2M0YWMyZTJk
NjFhNmRhZDdmMWIxZjkxNjg4NGRjZDEzZGViZjAzZTBiMDUwMjJhMzQ4MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gkB/6Qywg/mBA++Ab8aVKx0PX0+
39XiT6oHBh2SNUryAmfhtbkxGBd5nPBp8TEiGacm8vBowZxcXJLr+DWgIpc39ADB
BSiy3SWTkA92ew8X/pEqlh6/oyQtch+7WhqAH9Yua3GZbJWR7S9Tojp71p0emXDt
N2OEgHsTsb4EATPUMOPuk9HTsyNcB+zjk75y57yelBwfR/eTnyOgmuBf42MwafX2
h7En4j264VwaUxAHN1Kx4DdfUbehkojX7eMh+6U44DdHpZQxhHLLSeI7B6fgSxbt
ZmrnKA0JLLOox4uQ6cI1ID/4bbEVpoU1k58QIUhNLoNOux867HeA57QDLwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD08qO9GoPGBBml5ZwmlNo2ba+WpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RmMjgzMTAwLTZmMDUtNDUzMy04OWZkLTY0OGIyM2RlMmNlNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaJQAwDQYJKoZIhvcNAQELBQADggEBAJtmtU4v7XHPEcSvFRAA
fsroh7938RT8K+DAUv1K6QWs7lJ6ok/mer3KRxUh6oiAl5iISltvY1fk49ZYcR2K
hfNu4Cn7fYveAbBGe5+r5SjaRfT8tN1gzRmPB6lDl7hTUEW599W1IFpihYvZVtlN
RkNCkrnMRdcV3sxC/kLUXSegGnH5s7fHqr5tmstaqnnGM7yW/86yesWW8PeC5gSc
lcjCXZjlOWGMb96UihnFmS2Iw27WpPNr5kCsKMiGoZbGAEB4RnfglWs6dCIWNNSx
7Or/v7DrhkhRiQWa9vTR8DudsGK4mOSLs3/pssZlJgZEEuhsY++ojaqC8QHOhBXt
HK8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 10:23:20 2025 by rpki-client