Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/6982f3ac-c7ae-423c-a028-517d7541d973.roa
File: 6982f3ac-c7ae-423c-a028-517d7541d973.roa (raw, json)
Hash identifier: Qr2A82VwQRcnl4OkguNroU0dq60vDHPA4zP2FQBQM7k=
Subject key identifier: 33:2B:7A:63:62:58:D4:90:A9:99:6E:A0:38:36:57:6E:D2:65:73:B3
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 220AE88C54FBCD4F45FE7CFE84D0B0F5AF6C31AD
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/6982f3ac-c7ae-423c-a028-517d7541d973.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0a:e8:8c:54:fb:cd:4f:45:fe:7c:fe:84:d0:b0:f5:af:6c:31:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=aaf10ca44eeaad58444c17ebfb862723727089f7a4ad94c1fe759ed399961455, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:d0:3c:4f:44:ce:55:d1:a1:6f:22:3a:6a:
f6:9c:fe:2d:42:cb:64:e5:4a:16:a0:ad:2c:15:70:
9f:6d:2b:50:6c:24:88:6f:78:0d:57:a0:43:bc:11:
b3:3d:13:52:e7:3b:d1:47:0a:02:f8:b3:47:ef:e4:
cb:fe:15:6d:66:1c:c8:e2:18:55:78:bd:30:b9:8c:
fd:c8:69:53:f0:01:0b:96:6b:30:a8:5e:ea:b7:2a:
8c:2e:3a:ed:bb:0c:f6:a9:69:61:9d:7b:ab:1c:74:
e8:8f:35:c8:a2:00:17:bb:d5:e9:5f:7a:eb:cc:3f:
7f:49:07:fc:c7:c7:f8:db:b5:a6:64:bd:43:5c:07:
f1:6e:0e:43:0f:86:c2:18:31:c4:e9:7f:26:82:9a:
2b:af:5d:f7:00:79:cf:af:2b:b0:de:dd:ea:4e:fd:
b4:cc:32:47:ca:8d:4b:0b:1a:5a:17:40:87:ae:63:
4f:df:ae:0f:2b:a3:9c:23:a7:a0:68:99:ea:05:ef:
5c:21:10:eb:b4:93:03:6b:ed:ae:4a:a3:78:cc:7a:
7e:0f:82:c7:4c:6e:e5:2b:b9:7e:99:29:7e:95:1f:
92:7f:df:f9:c9:b3:9b:23:9a:25:55:68:a0:ef:32:
dd:43:84:f1:62:ec:1d:cc:29:d8:2b:1f:53:36:88:
c3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2B:7A:63:62:58:D4:90:A9:99:6E:A0:38:36:57:6E:D2:65:73:B3
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/6982f3ac-c7ae-423c-a028-517d7541d973.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:78:7d:30:7e:76:ff:df:d2:f5:3f:8c:27:53:a9:7f:ac:09:
c0:5c:f6:3b:4f:64:66:12:5a:c5:58:a7:92:dd:e4:59:75:ff:
c5:c8:0e:ca:81:82:c1:20:47:f4:30:15:72:ca:7d:4c:f9:2a:
ad:39:62:e9:65:e2:c0:15:1b:bc:9c:5f:34:68:bf:8c:d1:44:
06:a3:07:53:7b:06:8f:e9:51:b1:8e:0a:81:8f:b8:fa:83:e8:
19:07:b8:2b:7e:2f:c6:f5:38:7e:a7:c3:60:b4:2f:4e:01:33:
19:03:d1:e4:72:10:8e:91:3c:f0:ea:a0:06:7d:96:a8:ca:2c:
ff:ac:09:d4:45:75:2a:5f:a5:98:cc:2c:9d:5d:ad:ef:9a:30:
0a:2d:3c:85:9a:a5:76:53:34:4c:4f:5b:10:e8:a9:e7:d1:7c:
2e:9e:9d:1b:93:26:08:e1:b8:04:24:f9:a0:89:de:fa:95:22:
dd:d4:9a:6b:0c:7c:a0:ee:6b:9f:f9:35:fe:23:a3:99:73:90:
82:d1:ee:8e:cc:a0:0f:1f:af:65:e7:1d:1d:54:cb:14:d8:a7:
38:21:a7:81:47:f5:3b:54:46:de:b0:74:1c:1a:b9:00:f3:a2:
ae:87:ba:12:ba:65:20:5f:0a:df:f4:c9:9d:97:a9:51:ee:98:
30:36:fe:de
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIgrojFT7zU9F/nz+hNCw9a9sMa0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYWFmMTBjYTQ0ZWVhYWQ1ODQ0NGMx
N2ViZmI4NjI3MjM3MjcwODlmN2E0YWQ5NGMxZmU3NTllZDM5OTk2MTQ1NTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUHQPE9EzlXRoW8iOmr2nP4tQstk
5UoWoK0sFXCfbStQbCSIb3gNV6BDvBGzPRNS5zvRRwoC+LNH7+TL/hVtZhzI4hhV
eL0wuYz9yGlT8AELlmswqF7qtyqMLjrtuwz2qWlhnXurHHTojzXIogAXu9XpX3rr
zD9/SQf8x8f427WmZL1DXAfxbg5DD4bCGDHE6X8mgporr133AHnPryuw3t3qTv20
zDJHyo1LCxpaF0CHrmNP364PK6OcI6egaJnqBe9cIRDrtJMDa+2uSqN4zHp+D4LH
TG7lK7l+mSl+lR+Sf9/5ybObI5olVWig7zLdQ4TxYuwdzCnYKx9TNojD8QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDMremNiWNSQqZluoDg2V27SZXOzMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzY5ODJmM2FjLWM3YWUtNDIzYy1hMDI4LTUxN2Q3NTQxZDk3My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAOzABAwDQYJKoZIhvcNAQELBQADggEBAB94fTB+dv/f0vU/jCdT
qX+sCcBc9jtPZGYSWsVYp5Ld5Fl1/8XIDsqBgsEgR/QwFXLKfUz5Kq05Yull4sAV
G7ycXzRov4zRRAajB1N7Bo/pUbGOCoGPuPqD6BkHuCt+L8b1OH6nw2C0L04BMxkD
0eRyEI6RPPDqoAZ9lqjKLP+sCdRFdSpfpZjMLJ1dre+aMAotPIWapXZTNExPWxDo
qefRfC6enRuTJgjhuAQk+aCJ3vqVIt3UmmsMfKDua5/5Nf4jo5lzkILR7o7MoA8f
r2XnHR1UyxTYpzghp4FH9TtURt6wdBwauQDzoq6HuhK6ZSBfCt/0yZ2XqVHumDA2
/t4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:40:22 2025 by rpki-client