Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa
File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json)
Hash identifier: VKgVOQShie19EFMSqDLNnrA7nNaFzWbvoVEMRJA6GsY=
Subject key identifier: DB:73:98:4E:0F:D7:30:DF:0D:0C:4F:DD:E3:21:97:C3:26:D9:69:D7
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3435D5D966B281A0CFD16B449FA6E6554E785BA3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa
Signing time: Tue 18 Mar 2025 00:00:46 +0000
ROA not before: Tue 18 Mar 2025 00:00:46 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf5:c000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:35:d5:d9:66:b2:81:a0:cf:d1:6b:44:9f:a6:e6:55:4e:78:5b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 18 00:00:46 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c9:56:e2:87:46:e6:3e:2a:9e:d5:1e:32:45:
26:70:2d:c8:f3:5a:a9:d6:78:04:64:28:16:3b:c9:
3a:cd:4d:4a:05:31:0c:8d:5b:9b:e3:67:55:f1:9d:
e7:29:0d:54:e3:f6:1e:1f:fb:c7:54:b1:cf:d5:68:
2c:9e:f3:67:b0:3d:fd:e4:88:42:cb:0f:f4:9a:02:
bf:88:93:1c:d0:df:69:61:41:36:2f:e4:2f:2f:9c:
20:c5:14:d4:72:8a:ec:a7:fe:87:2f:2a:74:47:2e:
3a:77:23:86:ef:e9:f5:0b:c5:98:6f:53:05:87:05:
43:65:a5:5c:66:8c:52:2b:9c:7c:d4:7f:39:39:8e:
f7:1e:66:51:e5:e0:13:80:58:ce:6a:d6:77:7d:99:
fd:ac:09:0c:d0:eb:a7:c1:a6:04:98:61:d6:ca:24:
63:36:2c:a5:d9:84:7f:c1:3d:fd:6d:bd:bf:cb:6d:
30:82:5d:09:55:15:a5:96:20:d9:81:8f:71:79:8f:
e7:5c:a3:26:fc:e0:60:ea:bf:ff:23:e5:17:69:d4:
e6:2d:bf:b2:d8:d2:cd:f0:f8:20:2d:0e:73:c6:63:
ef:7d:0f:b3:5d:ea:6b:3c:94:8c:9f:cf:30:c1:8b:
83:11:1b:e9:77:f4:af:0d:6e:5d:40:b6:e0:b1:4a:
a9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:98:4E:0F:D7:30:DF:0D:0C:4F:DD:E3:21:97:C3:26:D9:69:D7
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf5:c000::/40
Signature Algorithm: sha256WithRSAEncryption
12:a4:52:21:1d:ed:7d:7a:35:10:f6:80:7a:0e:c2:28:1d:35:
c3:06:87:cc:45:a0:68:96:c3:1f:af:6c:f5:cb:65:30:88:16:
35:49:ba:23:16:44:7e:99:a7:44:29:be:e9:81:c7:22:9b:c8:
c3:1e:29:49:66:46:1b:8a:d5:41:a7:fc:c4:87:e1:f1:4a:3e:
80:33:7e:e0:dc:32:d2:36:9e:3e:e7:0e:8c:7b:20:20:12:6b:
1a:14:91:77:d5:c6:90:f1:2f:e1:fe:85:8b:6f:49:73:37:dd:
f1:24:75:31:27:3a:be:09:c6:f2:17:8a:6d:19:a5:31:3c:f4:
62:f7:50:93:e9:ed:c0:b1:ba:f1:d4:d2:9a:64:3c:90:f3:9f:
11:4a:c6:37:3f:d5:96:67:f8:c9:a5:3a:97:c1:b1:1b:49:64:
d6:6b:63:93:13:3a:f6:f9:3b:fa:12:bf:0d:e9:5c:4f:b5:da:
a2:af:01:ef:a5:17:cf:2e:71:b4:84:33:fc:2f:91:09:53:ed:
23:1d:9d:7a:e0:8c:4e:1c:2a:f8:e4:84:5b:61:bb:8f:04:c6:
cf:5d:61:09:b8:31:b3:34:bc:c8:fb:de:d1:cb:a8:4c:db:53:
da:70:3a:be:6a:68:35:9a:e4:9a:64:f2:83:9b:5e:c1:c8:2a:
af:dd:0f:fe
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNDXV2WaygaDP0WtEn6bmVU54W6MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxODAwMDA0NloX
DTI1MDQyMjIzNTk1OVowejFJMEcGA1UEBRNANTcyOWEwZTBhN2QwZjc2MTVjNDFk
YjRlODljM2IxNWZlYWQ1NmFlYTE3MWUzM2ZmM2JlZDUwNTExMTRhNDUwMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMlW4odG5j4qntUeMkUmcC3I81qp
1ngEZCgWO8k6zU1KBTEMjVub42dV8Z3nKQ1U4/YeH/vHVLHP1WgsnvNnsD395IhC
yw/0mgK/iJMc0N9pYUE2L+QvL5wgxRTUcorsp/6HLyp0Ry46dyOG7+n1C8WYb1MF
hwVDZaVcZoxSK5x81H85OY73HmZR5eATgFjOatZ3fZn9rAkM0OunwaYEmGHWyiRj
Niyl2YR/wT39bb2/y20wgl0JVRWlliDZgY9xeY/nXKMm/OBg6r//I+UXadTmLb+y
2NLN8PggLQ5zxmPvfQ+zXeprPJSMn88wwYuDERvpd/SvDW5dQLbgsUqplwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNtzmE4P1zDfDQxP3eMhl8Mm2WnXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBABKkUiEd7X16NRD2gHoO
wigdNcMGh8xFoGiWwx+vbPXLZTCIFjVJuiMWRH6Zp0QpvumBxyKbyMMeKUlmRhuK
1UGn/MSH4fFKPoAzfuDcMtI2nj7nDox7ICASaxoUkXfVxpDxL+H+hYtvSXM33fEk
dTEnOr4JxvIXim0ZpTE89GL3UJPp7cCxuvHU0ppkPJDznxFKxjc/1ZZn+MmlOpfB
sRtJZNZrY5MTOvb5O/oSvw3pXE+12qKvAe+lF88ucbSEM/wvkQlT7SMdnXrgjE4c
KvjkhFthu48Exs9dYQm4MbM0vMj73tHLqEzbU9pwOr5qaDWa5Jpk8oObXsHIKq/d
D/4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:12:55 2025 by rpki-client