Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eacfa5f2-c2f1-4598-9f48-250101b745dd.roa
File: eacfa5f2-c2f1-4598-9f48-250101b745dd.roa (raw, json)
Hash identifier: l9zJkCWu1ZgOYqpZEdqZGdtLuMT128tfubw0dndEDs0=
Subject key identifier: 50:F9:D6:B5:2A:65:7B:8C:98:CC:53:B5:CA:6A:BD:34:D0:19:24:9B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4CC992EADCF78FFD58847809B7C9DD4206BB3B77
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eacfa5f2-c2f1-4598-9f48-250101b745dd.roa
Signing time: Fri 28 Mar 2025 00:00:34 +0000
ROA not before: Fri 28 Mar 2025 00:00:34 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daee:f000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:c9:92:ea:dc:f7:8f:fd:58:84:78:09:b7:c9:dd:42:06:bb:3b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 28 00:00:34 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:11:ab:24:d8:ec:37:66:bb:82:77:60:89:0e:
cc:1d:df:09:80:99:36:87:e8:a2:fc:e7:5e:ec:d9:
10:e0:3b:c4:50:fa:8f:65:ab:12:a1:44:7a:07:7f:
0f:09:8a:02:80:cf:83:10:f1:ba:b5:bd:8e:74:62:
21:8e:89:d3:19:d6:15:a0:54:d6:45:6b:48:7e:69:
fa:ae:c8:96:35:62:a2:c1:00:d1:e4:6d:f2:bf:14:
3d:ab:6c:7c:54:cf:ff:bb:9b:04:6a:d8:4a:48:be:
41:2d:8c:42:3e:8b:12:4c:8a:3c:6a:7d:ae:f4:69:
4b:0b:94:40:ba:8d:3b:5a:9a:bc:de:a8:dc:47:f2:
6c:b3:26:01:5d:4a:cf:dd:a0:75:ac:31:6e:6e:46:
1a:fa:bb:05:fd:19:77:c8:f8:4e:cc:44:87:36:0f:
bd:80:16:b4:b1:06:dd:94:54:8c:29:4f:31:b9:d2:
8e:2f:0e:cf:a5:f2:72:69:74:9f:93:2c:72:6c:42:
47:6b:cb:23:d5:83:79:ee:c1:7f:40:a5:b3:48:e0:
a0:bf:55:ef:3f:dd:ca:33:73:24:67:32:24:3c:9f:
ae:c0:33:ed:82:e4:53:f1:63:9d:65:84:89:b4:6d:
17:94:33:5e:0e:49:e5:02:fa:58:d2:7f:9d:43:bd:
85:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F9:D6:B5:2A:65:7B:8C:98:CC:53:B5:CA:6A:BD:34:D0:19:24:9B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eacfa5f2-c2f1-4598-9f48-250101b745dd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daee:f000::/40
Signature Algorithm: sha256WithRSAEncryption
34:5e:26:c5:62:11:45:e7:2d:b3:4a:2a:dd:c0:e3:56:70:dc:
4f:6e:76:4d:90:45:9c:23:29:b4:ad:78:4a:13:c8:47:77:0a:
6f:fa:b4:4b:85:74:5f:9b:d8:60:00:5f:32:62:71:68:1c:9b:
6d:d9:46:1c:a0:4c:fc:0b:8d:52:81:c5:4d:b6:fb:46:f9:6b:
1d:02:e1:73:68:ad:5e:46:87:de:f6:d8:a9:04:42:79:27:2e:
fa:53:23:01:8c:33:41:7a:88:a3:6a:d9:cf:46:08:e9:2d:d1:
dc:8f:71:b4:ec:72:cf:7f:81:c9:0d:e7:6e:a3:06:f7:c5:23:
ba:2a:50:dc:dd:ec:9d:00:ba:b8:ef:b3:ac:ca:a4:30:63:19:
37:66:4f:1a:f4:7d:26:d1:99:47:6e:f8:f0:2a:ab:35:6e:ec:
82:d9:64:70:a1:99:b3:6e:e5:30:50:ae:31:2b:be:37:36:13:
66:23:30:6d:cd:d2:72:a5:df:70:85:76:2a:d8:f3:47:17:ea:
c5:ce:63:36:dc:41:82:02:51:a6:0b:46:21:70:9f:ca:38:37:
73:e6:47:20:31:86:7e:b6:75:3a:7f:f8:4f:6c:e9:ee:9e:dd:
36:06:a9:b1:0f:2f:64:c3:82:99:b7:6a:dc:d8:92:9f:72:24:
62:1f:6c:fd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUTMmS6tz3j/1YhHgJt8ndQga7O3cwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyODAwMDAzNFoX
DTI1MDUwMjIzNTk1OVowejFJMEcGA1UEBRNAMTdlOGMxM2ZiMDg5YjE5NDBjN2Zk
MGU4MGE5OWNiNDg0ZjBiZWI3YTkzZmMzMWNhNDI2MjEzMmIzNzdmYmU4NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hGrJNjsN2a7gndgiQ7MHd8JgJk2
h+ii/Ode7NkQ4DvEUPqPZasSoUR6B38PCYoCgM+DEPG6tb2OdGIhjonTGdYVoFTW
RWtIfmn6rsiWNWKiwQDR5G3yvxQ9q2x8VM//u5sEathKSL5BLYxCPosSTIo8an2u
9GlLC5RAuo07Wpq83qjcR/JssyYBXUrP3aB1rDFubkYa+rsF/Rl3yPhOzESHNg+9
gBa0sQbdlFSMKU8xudKOLw7PpfJyaXSfkyxybEJHa8sj1YN57sF/QKWzSOCgv1Xv
P93KM3MkZzIkPJ+uwDPtguRT8WOdZYSJtG0XlDNeDknlAvpY0n+dQ72FzQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFD51rUqZXuMmMxTtcpqvTTQGSSbMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhY2ZhNWYyLWMyZjEtNDU5OC05ZjQ4LTI1MDEwMWI3NDVkZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7vAwDQYJKoZIhvcNAQELBQADggEBADReJsViEUXnLbNKKt3A
41Zw3E9udk2QRZwjKbSteEoTyEd3Cm/6tEuFdF+b2GAAXzJicWgcm23ZRhygTPwL
jVKBxU22+0b5ax0C4XNorV5Gh9722KkEQnknLvpTIwGMM0F6iKNq2c9GCOkt0dyP
cbTscs9/gckN526jBvfFI7oqUNzd7J0Aurjvs6zKpDBjGTdmTxr0fSbRmUdu+PAq
qzVu7ILZZHChmbNu5TBQrjErvjc2E2YjMG3N0nKl33CFdirY80cX6sXOYzbcQYIC
UaYLRiFwn8o4N3PmRyAxhn62dTp/+E9s6e6e3TYGqbEPL2TDgpm3atzYkp9yJGIf
bP0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:13:54 2025 by rpki-client