Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa
File: f87e20f6-9969-496b-826b-93811df4045b.roa (raw, json)
Hash identifier: rYs8cT2iyIxetps6bCWgidFSswPj8c5a9OfLgkXW2aA=
Subject key identifier: 3B:59:06:C6:9E:24:17:A2:E1:C3:60:99:67:66:8A:1E:D3:69:A6:DA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 276180BDB85384E0801E297135B2D6E7327A591A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa
Signing time: Sat 22 Mar 2025 00:00:56 +0000
ROA not before: Sat 22 Mar 2025 00:00:56 +0000
ROA not after: Sat 26 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:2880::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:61:80:bd:b8:53:84:e0:80:1e:29:71:35:b2:d6:e7:32:7a:59:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 22 00:00:56 2025 GMT
Not After : Apr 26 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fb:d2:ee:f0:fc:b4:58:45:f8:40:bf:6d:5b:
5a:eb:88:83:d5:3e:81:79:da:0a:6d:2f:00:b8:e4:
a8:68:5e:f8:bd:0f:f6:aa:b6:56:ca:fe:9e:81:4e:
4c:36:89:3c:8e:90:3e:aa:69:06:0b:83:50:8a:e0:
be:21:0b:15:8e:b0:45:cd:68:dd:59:47:42:d0:55:
3e:12:14:ce:f7:dc:5a:12:b8:97:a1:60:81:c2:61:
58:73:ba:87:ca:d0:e9:87:05:3a:fd:43:a7:96:04:
ae:24:69:d8:cc:73:55:f9:e5:b2:4f:e8:03:34:f2:
13:72:a7:d7:dc:3a:00:16:22:af:0c:fb:5c:d3:6a:
2c:4c:3a:26:52:9f:67:c8:1a:0e:2a:28:da:71:64:
c6:7a:9c:2f:f7:79:b3:f0:51:0c:75:02:12:47:87:
2a:00:e8:59:a7:65:eb:37:8b:16:78:e0:7c:6f:b9:
f0:25:e3:ec:53:8e:ef:7a:78:bf:be:27:2f:74:da:
26:69:8b:79:ca:cb:56:8f:a3:4c:8d:34:f1:2f:fb:
69:06:a5:e6:02:49:ca:9b:ed:89:68:3a:9d:a6:0a:
54:e7:64:86:34:b9:70:c0:30:f5:f9:c5:5b:f4:d2:
fd:1e:5f:a8:c2:cc:3b:a0:97:5b:67:20:8f:c5:e9:
07:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:59:06:C6:9E:24:17:A2:E1:C3:60:99:67:66:8A:1E:D3:69:A6:DA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:2880::/48
Signature Algorithm: sha256WithRSAEncryption
01:a4:fc:cc:a2:a1:e9:68:79:a9:94:8a:79:6c:d7:43:1e:d1:
25:f4:27:0b:96:a4:ad:2e:7f:ff:ba:6c:0b:80:e4:48:65:e1:
36:ea:33:23:2a:26:4e:f4:df:51:b5:f5:a0:05:6d:57:96:d5:
4a:a0:14:06:b9:45:72:1b:77:a4:b9:80:2c:90:fd:20:72:99:
cd:e6:b9:b7:0c:d2:90:41:69:10:d3:98:77:36:58:1b:c4:1d:
5d:9b:c1:da:f6:73:4f:46:11:d6:11:39:6e:8a:44:b5:4e:fc:
4f:3b:ba:96:2d:02:82:47:19:48:75:e4:9b:b3:83:3d:fd:75:
81:03:41:0d:c8:ff:b2:ed:a6:aa:93:b1:75:ad:d1:db:87:7a:
f6:aa:4d:1c:41:5a:fd:95:15:1e:b2:15:83:43:5b:a6:8d:fa:
fb:31:76:05:06:17:d6:6f:2a:dc:8c:00:ac:b6:59:b9:21:59:
a0:b2:6e:0f:49:09:08:73:bc:ec:61:17:15:3a:bf:c8:74:18:
b3:f5:2e:cd:96:0e:6c:f8:27:b6:a0:ac:76:89:a4:82:1a:b7:
84:25:9e:41:0d:70:d2:a4:25:1d:eb:e0:c8:23:5d:98:ec:81:
b7:7a:bc:35:f7:56:35:c0:54:28:7e:c8:97:fd:e2:d6:23:8c:
69:f1:53:e0
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJ2GAvbhThOCAHilxNbLW5zJ6WRowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMjAwMDA1NloX
DTI1MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAODFiODY5MjI5MTEyMmE2NjVkM2Q2
NmJiMTQwYjQ3ZDE1NTVmZmJlMzRiM2MzZTRmYmI0NmVjZWI3Y2U2Y2JjODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vvS7vD8tFhF+EC/bVta64iD1T6B
edoKbS8AuOSoaF74vQ/2qrZWyv6egU5MNok8jpA+qmkGC4NQiuC+IQsVjrBFzWjd
WUdC0FU+EhTO99xaEriXoWCBwmFYc7qHytDphwU6/UOnlgSuJGnYzHNV+eWyT+gD
NPITcqfX3DoAFiKvDPtc02osTDomUp9nyBoOKijacWTGepwv93mz8FEMdQISR4cq
AOhZp2XrN4sWeOB8b7nwJePsU47veni/vicvdNomaYt5ystWj6NMjTTxL/tpBqXm
AknKm+2JaDqdpgpU52SGNLlwwDD1+cVb9NL9Hl+owsw7oJdbZyCPxekHZwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDtZBsaeJBei4cNgmWdmih7TaabaMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y4N2UyMGY2LTk5NjktNDk2Yi04MjZiLTkzODExZGY0MDQ1Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaACiAMA0GCSqGSIb3DQEBCwUAA4IBAQABpPzMoqHpaHmplIp5
bNdDHtEl9CcLlqStLn//umwLgORIZeE26jMjKiZO9N9RtfWgBW1XltVKoBQGuUVy
G3ekuYAskP0gcpnN5rm3DNKQQWkQ05h3NlgbxB1dm8Ha9nNPRhHWETluikS1TvxP
O7qWLQKCRxlIdeSbs4M9/XWBA0ENyP+y7aaqk7F1rdHbh3r2qk0cQVr9lRUeshWD
Q1umjfr7MXYFBhfWbyrcjACstlm5IVmgsm4PSQkIc7zsYRcVOr/IdBiz9S7Nlg5s
+Ce2oKx2iaSCGreEJZ5BDXDSpCUd6+DII12Y7IG3erw191Y1wFQofsiX/eLWI4xp
8VPg
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:13:01 2025 by rpki-client