Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa
File: f872164c-416d-44ed-81ce-172f02efdfbf.roa (raw, json)
Hash identifier: nubkXcaZK0bmqxk9KclbHk6u658e0HT3pCIIN33UgdM=
Subject key identifier: 92:13:3E:CE:AE:8C:3A:28:B1:80:B2:AA:EE:DB:8E:FD:B8:3F:CD:2A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5DCDF65E453A55612606657148D7021939ECBA33
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa
Signing time: Tue 18 Mar 2025 00:01:02 +0000
ROA not before: Tue 18 Mar 2025 00:01:02 +0000
ROA not after: Tue 22 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da26::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:cd:f6:5e:45:3a:55:61:26:06:65:71:48:d7:02:19:39:ec:ba:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 18 00:01:02 2025 GMT
Not After : Apr 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c4:ab:aa:66:b9:da:bb:75:7c:13:84:72:49:
da:b8:5a:b2:63:6c:37:7e:2c:28:15:02:6c:b8:d0:
9b:e8:d9:df:1c:ae:16:ec:d4:15:5d:86:eb:87:9d:
b1:f8:a3:4b:5e:b3:ba:70:ad:5d:f6:5f:57:40:72:
a1:7b:32:23:2d:27:56:4a:88:66:54:32:51:07:42:
da:8b:ff:41:0c:2c:1e:70:3e:fe:21:8b:f9:2d:5d:
ff:b6:46:72:e3:57:27:07:a6:40:f3:1c:02:2d:38:
23:9f:05:73:1e:53:20:b1:27:8d:fb:2b:9a:6d:fb:
5c:8c:02:47:62:00:bf:1f:ae:a9:08:8b:39:96:ba:
d5:0e:df:43:ef:4a:3e:47:23:e8:26:bd:57:83:6b:
bd:a8:6b:d2:31:c9:8f:f1:62:e0:7a:23:fd:68:8f:
bb:b1:62:b3:f4:d5:57:91:35:6d:a5:2b:95:86:d5:
93:d8:b6:dd:f6:23:ad:30:6c:8e:7b:71:21:39:55:
b9:d8:cb:02:48:f9:b8:47:7d:f9:7c:59:36:13:24:
b7:fc:20:2c:bf:15:c1:d1:a3:75:e4:8e:a2:a4:d6:
20:3d:b1:3d:28:c5:be:45:59:af:19:81:db:9f:9f:
b0:8f:41:70:38:d7:53:ee:31:be:55:49:30:88:58:
ea:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:13:3E:CE:AE:8C:3A:28:B1:80:B2:AA:EE:DB:8E:FD:B8:3F:CD:2A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da26::/36
Signature Algorithm: sha256WithRSAEncryption
4e:3b:4c:98:90:cc:63:89:ed:51:ed:32:8d:03:ed:4a:60:fb:
50:25:d8:80:44:49:4f:9d:89:d5:8c:d0:48:52:12:d0:36:44:
de:be:da:1e:c3:8a:da:ed:d9:14:f7:f0:6e:48:b3:dc:1e:8f:
ad:90:da:d0:9a:a9:b9:26:0c:25:8b:b4:ad:7e:52:9a:b8:d0:
80:31:62:b4:b8:fc:5b:02:f7:28:ef:41:c8:ab:54:b2:76:31:
59:d5:36:4b:29:1a:73:a4:02:e2:c7:5d:ee:05:c4:a6:a8:6a:
6f:e0:6d:39:d0:c3:07:3d:00:e9:15:62:ac:06:e5:6d:48:fa:
10:0d:b3:e0:ee:d8:d4:61:dc:c2:4a:de:2e:22:b1:56:3c:45:
29:92:ed:fa:4b:a0:f1:9b:48:8d:bc:fd:28:a5:21:61:bc:08:
d1:31:10:5f:a2:b5:ec:d5:6b:da:db:68:f6:26:4b:09:84:42:
df:c1:59:7a:cf:ad:7f:79:f6:e8:a6:f2:ac:cc:f4:79:87:13:
ef:63:85:4c:8d:84:b1:a9:1f:63:dd:7a:9a:fc:18:95:28:2d:
29:57:9b:6b:78:42:53:d6:09:0d:fa:bd:f3:b8:1e:ed:ad:bb:
77:1b:27:c8:d6:15:17:f9:13:1b:73:8f:7a:d4:52:04:9b:7b:
97:f0:6e:5f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXc32XkU6VWEmBmVxSNcCGTnsujMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMxODAwMDEwMloX
DTI1MDQyMjIzNTk1OVowejFJMEcGA1UEBRNANWE3ZTRjYjY2NDY3ZDdhOTg4MzJj
NTk2Y2E3ODNkYjY2YmU2Y2YyN2FiYmNhNzBkMTdkMmNmYWY2ZjhhOWZmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMSrqma52rt1fBOEcknauFqyY2w3
fiwoFQJsuNCb6NnfHK4W7NQVXYbrh52x+KNLXrO6cK1d9l9XQHKhezIjLSdWSohm
VDJRB0Lai/9BDCwecD7+IYv5LV3/tkZy41cnB6ZA8xwCLTgjnwVzHlMgsSeN+yua
bftcjAJHYgC/H66pCIs5lrrVDt9D70o+RyPoJr1Xg2u9qGvSMcmP8WLgeiP9aI+7
sWKz9NVXkTVtpSuVhtWT2Lbd9iOtMGyOe3EhOVW52MsCSPm4R335fFk2EyS3/CAs
vxXB0aN15I6ipNYgPbE9KMW+RVmvGYHbn5+wj0FwONdT7jG+VUkwiFjqWQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJITPs6ujDoosYCyqu7bjv24P80qMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y4NzIxNjRjLTQxNmQtNDRlZC04MWNlLTE3MmYwMmVmZGZiZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaJgAwDQYJKoZIhvcNAQELBQADggEBAE47TJiQzGOJ7VHtMo0D
7Upg+1Al2IBESU+didWM0EhSEtA2RN6+2h7Ditrt2RT38G5Is9wej62Q2tCaqbkm
DCWLtK1+Upq40IAxYrS4/FsC9yjvQcirVLJ2MVnVNkspGnOkAuLHXe4FxKaoam/g
bTnQwwc9AOkVYqwG5W1I+hANs+Du2NRh3MJK3i4isVY8RSmS7fpLoPGbSI28/Sil
IWG8CNExEF+itezVa9rbaPYmSwmEQt/BWXrPrX959uim8qzM9HmHE+9jhUyNhLGp
H2Pdepr8GJUoLSlXm2t4QlPWCQ36vfO4Hu2tu3cbJ8jWFRf5Extzj3rUUgSbe5fw
bl8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:04:08 2025 by rpki-client