Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa
File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json)
Hash identifier: FrIlviMqHADpmvniov4RMw8+CA3+VqUNLe4f3FnNsh4=
Subject key identifier: A6:83:84:87:EA:87:E3:86:88:19:60:CD:51:D4:CC:D9:E8:0F:5A:F6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 71F73B34A1D62E556CC0AF2E63E687713EC92B1B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa
Signing time: Sat 29 Mar 2025 00:01:12 +0000
ROA not before: Sat 29 Mar 2025 00:01:12 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f7:3b:34:a1:d6:2e:55:6c:c0:af:2e:63:e6:87:71:3e:c9:2b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 29 00:01:12 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:d3:95:7e:25:53:db:80:aa:f3:49:9b:40:
6d:b7:09:de:d9:81:38:b4:84:b3:9a:dd:d2:6c:b2:
04:c3:23:07:6b:4e:59:dd:4d:3a:a9:67:50:59:c2:
63:ef:c6:08:0a:f9:40:01:1f:e8:c2:ff:19:8f:8d:
dd:38:17:26:e2:30:d4:fa:e2:fd:cf:ef:9c:f9:df:
76:4e:27:7f:c2:34:47:b9:47:f6:3d:6e:0d:e8:dc:
a2:4b:18:40:e9:61:1c:db:6c:59:b5:f5:5e:32:e1:
5b:c4:c6:fd:2f:60:d5:fa:e4:bd:07:4f:7d:29:4d:
84:8d:2f:52:00:be:01:ee:e8:f8:b3:f8:f6:22:fe:
6e:af:1e:7d:d5:cb:5e:ca:1c:ab:d8:67:f9:5d:ba:
ef:34:ab:a9:fe:cf:2a:db:0c:c7:8c:42:8c:ed:c1:
0c:ad:77:27:a2:1d:39:d2:a4:32:26:d4:a5:7a:0f:
30:6b:52:da:a3:3f:27:3c:9e:4c:78:a2:de:27:ff:
ba:82:c7:ca:ad:cc:dc:ec:38:41:c2:f7:9e:d5:23:
7c:10:0e:bc:9b:10:77:b4:16:8c:b2:95:bf:cb:c2:
66:2a:1b:f7:e0:7b:bd:4e:7d:2f:bc:a4:1a:22:14:
0f:44:35:67:31:e9:11:f9:2a:67:79:c6:f0:cf:8c:
98:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:83:84:87:EA:87:E3:86:88:19:60:CD:51:D4:CC:D9:E8:0F:5A:F6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:800::/40
Signature Algorithm: sha256WithRSAEncryption
aa:cb:d3:2a:93:51:2c:c2:b2:96:a3:16:34:4f:1f:04:87:ef:
8f:ef:6d:8f:cd:51:39:f5:79:cb:54:4f:1b:c7:53:6f:1d:8e:
ae:fa:6d:f0:cb:9f:ac:51:2a:0c:2f:fb:ed:ab:61:ac:b7:b1:
29:e6:58:2e:eb:7c:ee:0c:44:4b:37:eb:59:36:b7:d8:dc:6e:
0e:18:2f:25:6a:f9:5c:38:7f:93:a5:84:b1:d0:33:32:05:71:
03:4f:6c:02:8a:7a:b2:f6:ac:cf:ec:1c:53:49:f1:e3:6e:3e:
12:87:68:16:04:06:40:1c:f3:00:2b:e1:3c:5b:1a:a0:17:48:
52:67:c8:a7:6f:19:a9:a6:ae:37:2d:a7:be:99:9d:f6:ea:7b:
8d:ee:77:aa:28:e9:d7:cd:cc:62:d2:83:ac:c7:03:d5:36:7a:
bf:8c:27:5c:57:d6:d6:d9:5c:9d:87:39:ec:06:ae:74:11:02:
d9:45:b5:e7:70:e5:f5:67:21:e6:90:5a:25:e9:71:56:18:2e:
dc:88:74:74:4c:8e:46:73:5b:40:ff:8c:a5:5f:72:5e:97:6f:
b7:10:78:1c:76:bb:7e:48:27:90:d6:37:27:42:11:54:23:72:
4f:84:bf:df:6b:26:ed:0b:75:df:c5:0c:5a:b3:d9:ef:bf:4c:
91:a3:a7:b2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUcfc7NKHWLlVswK8uY+aHcT7JKxswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDExMloX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZTgyYWU3YTI4ODkxZTEwMTc4MDdm
Y2QxYzhkY2VmMzAyNTlkZjc0OTlkZjlmNTUwYmI0NDZmM2VkMTkwMWE5NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVzTlX4lU9uAqvNJm0Bttwne2YE4
tISzmt3SbLIEwyMHa05Z3U06qWdQWcJj78YICvlAAR/owv8Zj43dOBcm4jDU+uL9
z++c+d92Tid/wjRHuUf2PW4N6NyiSxhA6WEc22xZtfVeMuFbxMb9L2DV+uS9B099
KU2EjS9SAL4B7uj4s/j2Iv5urx591cteyhyr2Gf5XbrvNKup/s8q2wzHjEKM7cEM
rXcnoh050qQyJtSleg8wa1Laoz8nPJ5MeKLeJ/+6gsfKrczc7DhBwvee1SN8EA68
mxB3tBaMspW/y8JmKhv34Hu9Tn0vvKQaIhQPRDVnMekR+Spnecbwz4yYIwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKaDhIfqh+OGiBlgzVHUzNnoD1r2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAKrL0yqTUSzCspajFjRP
HwSH74/vbY/NUTn1ectUTxvHU28djq76bfDLn6xRKgwv++2rYay3sSnmWC7rfO4M
REs361k2t9jcbg4YLyVq+Vw4f5OlhLHQMzIFcQNPbAKKerL2rM/sHFNJ8eNuPhKH
aBYEBkAc8wAr4TxbGqAXSFJnyKdvGammrjctp76Znfbqe43ud6oo6dfNzGLSg6zH
A9U2er+MJ1xX1tbZXJ2HOewGrnQRAtlFtedw5fVnIeaQWiXpcVYYLtyIdHRMjkZz
W0D/jKVfcl6Xb7cQeBx2u35IJ5DWNydCEVQjck+Ev99rJu0Ldd/FDFqz2e+/TJGj
p7I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:31 2025 by rpki-client