Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa
File: feddcef0-1c49-4db6-b667-d3a813db2a74.roa (raw, json)
Hash identifier: odwdNK7c36nPv+J6xpca0gZKkAFGYZa8XzcKHqVxdmY=
Subject key identifier: A6:3B:B0:B3:D2:6F:32:23:A0:09:83:2E:B0:DE:AF:6F:D9:8F:11:05
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7E9CCE2AC40B4AEB53E4B2BB5D3D20B7E554D367
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa
Signing time: Tue 25 Mar 2025 16:21:27 +0000
ROA not before: Tue 25 Mar 2025 16:21:27 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:9c:ce:2a:c4:0b:4a:eb:53:e4:b2:bb:5d:3d:20:b7:e5:54:d3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 25 16:21:27 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:bd:65:90:6e:43:ba:3e:40:76:92:74:48:
80:6f:4c:6b:72:4e:61:d6:65:02:75:11:ec:c8:19:
b2:b9:dc:6f:db:b4:f4:de:c3:63:4c:7f:c0:76:27:
60:ab:85:5d:86:83:4a:b4:cb:ce:8c:5b:ac:83:9b:
d2:51:fd:e9:37:f6:a2:4b:cc:13:56:73:a3:8f:2b:
ec:9b:eb:95:53:4d:f8:f1:9e:4e:c5:3d:ad:4a:02:
eb:ea:f4:4c:e4:4f:2c:0c:de:b1:69:21:02:3b:8b:
83:12:68:de:47:13:6a:4a:38:dc:cf:09:47:c6:a7:
32:50:81:98:88:bf:29:0c:69:af:9b:98:98:55:61:
99:78:b7:9c:e2:28:c9:77:dc:65:7e:23:de:aa:0f:
82:98:b4:a9:b1:2d:50:c7:42:64:58:3e:a0:87:f0:
f3:57:df:c4:d9:08:3e:3b:e8:11:6c:93:94:a3:b2:
ce:55:dd:8c:32:f0:fb:89:91:9d:1f:c4:49:75:ad:
03:a6:fb:91:2c:44:71:ff:8b:3e:e2:af:b9:33:0b:
c4:cb:ce:66:59:3d:23:34:5d:07:9c:46:70:1e:07:
8d:1a:a2:af:9a:0a:39:81:c0:be:10:6d:23:ac:2b:
88:f3:a9:56:cd:7a:7a:9d:c0:2e:16:33:88:d1:8c:
ef:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3B:B0:B3:D2:6F:32:23:A0:09:83:2E:B0:DE:AF:6F:D9:8F:11:05
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:1000::/40
Signature Algorithm: sha256WithRSAEncryption
23:3e:65:5d:ea:2f:0e:e2:87:b0:7c:85:cb:dd:26:dd:c6:49:
97:2f:06:b3:f2:72:4d:73:d2:67:76:ba:e3:2a:41:ef:75:eb:
e6:a0:83:a0:bb:55:86:ed:3f:7c:8c:47:79:80:4c:d8:4c:b4:
43:5d:8b:ef:d0:30:ad:f8:66:3c:4a:4c:f2:af:96:d2:43:a2:
13:18:c1:c4:d7:5d:b9:90:17:cc:a1:a4:8c:8e:d9:09:3f:6f:
8d:5a:ad:02:02:c3:bb:3e:a5:4e:91:32:f0:48:89:d2:b9:0f:
51:0b:85:e7:12:1c:21:fc:1c:23:15:8c:91:04:04:bc:e6:8f:
19:10:3e:3d:5d:ae:0c:64:3e:10:ee:d4:06:10:ec:8e:b8:85:
0b:dc:75:b7:48:f1:f9:a2:a9:d5:6c:4e:3c:28:cd:7b:3c:7e:
27:4e:3d:a7:db:af:81:0e:73:93:ec:47:a9:78:62:3c:20:e3:
09:f8:44:8a:05:5f:23:45:f2:1a:a2:63:5b:05:6a:52:84:d1:
c3:a3:0f:ac:79:d3:82:1c:55:95:94:31:73:10:b2:af:2a:06:
ab:90:b5:38:5b:44:ec:8b:d3:45:09:ee:40:3f:33:2e:c8:da:
f8:2f:0e:63:b3:73:89:08:e5:74:64:4d:2b:57:4e:1d:a2:0f:
09:06:27:e1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfpzOKsQLSutT5LK7XT0gt+VU02cwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2MjEyN1oX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAN2FiZDc4MzdkMDQyM2NkMjA2NGU4
NTFmZDY4NGYwZDhlYjVhZTZhMTQ0YWY0MzgyZjdmOTQwYWRlYjMxMzEzMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRy9ZZBuQ7o+QHaSdEiAb0xrck5h
1mUCdRHsyBmyudxv27T03sNjTH/Adidgq4VdhoNKtMvOjFusg5vSUf3pN/aiS8wT
VnOjjyvsm+uVU0348Z5OxT2tSgLr6vRM5E8sDN6xaSECO4uDEmjeRxNqSjjczwlH
xqcyUIGYiL8pDGmvm5iYVWGZeLec4ijJd9xlfiPeqg+CmLSpsS1Qx0JkWD6gh/Dz
V9/E2Qg+O+gRbJOUo7LOVd2MMvD7iZGdH8RJda0DpvuRLERx/4s+4q+5MwvEy85m
WT0jNF0HnEZwHgeNGqKvmgo5gcC+EG0jrCuI86lWzXp6ncAuFjOI0Yzv5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKY7sLPSbzIjoAmDLrDer2/ZjxEFMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZlZGRjZWYwLTFjNDktNGRiNi1iNjY3LWQzYTgxM2RiMmE3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaBAwDQYJKoZIhvcNAQELBQADggEBACM+ZV3qLw7ih7B8hcvd
Jt3GSZcvBrPyck1z0md2uuMqQe916+agg6C7VYbtP3yMR3mATNhMtENdi+/QMK34
ZjxKTPKvltJDohMYwcTXXbmQF8yhpIyO2Qk/b41arQICw7s+pU6RMvBIidK5D1EL
hecSHCH8HCMVjJEEBLzmjxkQPj1drgxkPhDu1AYQ7I64hQvcdbdI8fmiqdVsTjwo
zXs8fidOPafbr4EOc5PsR6l4Yjwg4wn4RIoFXyNF8hqiY1sFalKE0cOjD6x504Ic
VZWUMXMQsq8qBquQtThbROyL00UJ7kA/My7I2vgvDmOzc4kI5XRkTStXTh2iDwkG
J+E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:54:57 2025 by rpki-client