Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa
File: f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa (raw, json)
Hash identifier: UiAIiu42etQLsL+rHI+VpSJg7B1BuDJhuPcYZ8ckgWA=
Subject key identifier: 76:0C:76:74:C8:52:5A:C9:4E:4F:A6:FA:81:A3:9E:F8:31:FB:95:38
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 31C98E435377B2516B4DC9CD54A059AE451AB749
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa
Signing time: Fri 21 Mar 2025 00:01:31 +0000
ROA not before: Fri 21 Mar 2025 00:01:31 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:6000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c9:8e:43:53:77:b2:51:6b:4d:c9:cd:54:a0:59:ae:45:1a:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 21 00:01:31 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:e6:0e:76:1b:2c:f2:a1:14:b8:4d:b5:6b:
2f:db:91:3b:ac:b9:16:88:4d:3d:b8:e2:89:76:04:
73:f9:8c:ae:54:bb:31:4a:72:69:1f:83:58:78:e9:
b1:9a:7d:40:27:8a:8b:53:27:3d:40:69:f8:28:b6:
01:97:c7:6d:aa:d9:15:4d:e6:f6:9a:8c:80:e9:c0:
16:a3:e5:c7:91:f2:41:57:71:2c:f7:0f:2e:16:c7:
a3:13:3b:01:b4:d1:08:10:77:3c:c6:33:96:17:c6:
f0:ed:80:bc:ce:30:39:3a:9b:89:1e:90:83:a9:e3:
e4:19:f9:6f:0d:37:d8:d9:87:7b:3a:03:81:af:67:
15:bc:52:ea:23:69:42:4a:ea:b3:73:b5:24:bc:ae:
93:c7:04:9e:ac:cc:38:bd:7f:e9:bb:2f:8d:8e:fe:
c6:bb:d1:2b:ed:14:b5:ef:6a:20:b6:bb:cd:de:c5:
7a:59:4c:68:b2:49:7d:97:0a:4b:2d:10:d0:8d:f1:
f5:82:8f:2b:4c:20:80:0a:59:e2:d4:02:a1:16:dd:
a3:e4:31:e3:37:36:cc:5b:6e:d7:4a:d3:2e:3f:fe:
54:43:85:05:2a:ca:1e:0d:54:04:dd:c7:5e:e7:f7:
d7:e2:a4:1d:6f:f5:25:10:6b:70:02:b0:8d:82:b3:
62:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0C:76:74:C8:52:5A:C9:4E:4F:A6:FA:81:A3:9E:F8:31:FB:95:38
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:8c:fa:59:1b:c2:03:e6:ed:8e:b3:a4:0c:59:75:cf:f8:50:
3d:ed:f6:d9:8d:4d:4c:65:9f:f9:28:d6:52:bc:2a:9c:65:72:
99:ed:ec:f7:92:72:ab:e6:cf:36:1b:5c:f7:64:a1:02:b1:c7:
4e:76:14:3b:9d:9c:5d:37:e8:4b:d3:25:e1:68:d3:0c:d9:23:
26:7e:29:52:e4:55:70:f1:a0:2f:3c:73:74:7a:62:8b:b2:5b:
43:24:8d:06:63:31:5c:12:15:43:27:e5:58:8a:12:b6:62:7e:
da:8f:5d:0a:d7:ba:ad:32:d5:07:bf:81:24:27:1f:b1:82:03:
ea:26:96:84:38:af:40:9a:12:fe:18:18:2b:ec:93:9e:2b:fb:
55:25:29:e6:d6:92:ef:93:65:13:f0:59:76:9e:5c:46:46:fe:
7d:8d:1d:48:2d:86:f8:b6:f5:36:63:19:16:fe:15:56:d7:6e:
ff:ef:63:7e:63:e4:fa:de:b9:c3:fd:53:4d:cc:2c:6c:98:c4:
f1:dc:8b:46:53:07:ae:8f:d5:9f:b0:59:5a:dc:9d:0f:36:4d:
32:af:1d:d3:5b:f7:cb:17:d7:79:f4:eb:d0:9b:a3:ee:a0:00:
f2:2b:44:ed:c2:df:9f:40:af:6e:c7:9f:e2:b1:18:fe:d0:b2:
af:6e:71:2d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMcmOQ1N3slFrTcnNVKBZrkUat0kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMTAwMDEzMVoX
DTI1MDQyNTIzNTk1OVowejFJMEcGA1UEBRNANGEwYTlhNzU4MzE5ZDQyMWI2ZDI4
OWEyZDQxNTAxN2MyNTQ1YzI1YjNkN2Y1YjUyNjAzMzVjZGNiM2E2ZTY2ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApATmDnYbLPKhFLhNtWsv25E7rLkW
iE09uOKJdgRz+YyuVLsxSnJpH4NYeOmxmn1AJ4qLUyc9QGn4KLYBl8dtqtkVTeb2
moyA6cAWo+XHkfJBV3Es9w8uFsejEzsBtNEIEHc8xjOWF8bw7YC8zjA5OpuJHpCD
qePkGflvDTfY2Yd7OgOBr2cVvFLqI2lCSuqzc7UkvK6TxwSerMw4vX/puy+Njv7G
u9Er7RS172ogtrvN3sV6WUxoskl9lwpLLRDQjfH1go8rTCCAClni1AKhFt2j5DHj
NzbMW27XStMuP/5UQ4UFKsoeDVQE3cde5/fX4qQdb/UlEGtwArCNgrNiwwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHYMdnTIUlrJTk+m+oGjnvgx+5U4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YyZGQ2YTA3LWVmYTEtNGE2Ni05ZjA3LTE3OWMyZTZkNDU3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYGAwDQYJKoZIhvcNAQELBQADggEBABqM+lkbwgPm7Y6zpAxZ
dc/4UD3t9tmNTUxln/ko1lK8Kpxlcpnt7PeScqvmzzYbXPdkoQKxx052FDudnF03
6EvTJeFo0wzZIyZ+KVLkVXDxoC88c3R6YouyW0MkjQZjMVwSFUMn5ViKErZiftqP
XQrXuq0y1Qe/gSQnH7GCA+omloQ4r0CaEv4YGCvsk54r+1UlKebWku+TZRPwWXae
XEZG/n2NHUgthvi29TZjGRb+FVbXbv/vY35j5PreucP9U03MLGyYxPHci0ZTB66P
1Z+wWVrcnQ82TTKvHdNb98sX13n069Cbo+6gAPIrRO3C359Ar27Hn+KxGP7Qsq9u
cS0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:26:33 2025 by rpki-client