Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
File: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (raw, json)
Hash identifier: e4oweRX7RGre1aqAxR/01hZbsJYMDQfCRwKUBFLa6Tw=
Subject key identifier: 59:44:7B:35:94:A3:4C:67:0B:2D:B5:D1:7D:A4:75:FB:98:E3:64:F7
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 407A76C6F3508951AD22F52357DA2E59CF8BA27F
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
Signing time: Mon 20 Jan 2025 00:00:00 +0000
ROA not before: Mon 20 Jan 2025 00:00:00 +0000
ROA not after: Mon 24 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:7a:76:c6:f3:50:89:51:ad:22:f5:23:57:da:2e:59:cf:8b:a2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Jan 20 00:00:00 2025 GMT
Not After : Feb 24 23:59:59 2025 GMT
Subject: serialNumber=d51a91187b8a11e3e81f0c35a534de76108a8a1764968e18522459faa187cd81, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:93:17:71:be:84:31:32:02:53:a2:4f:3c:88:
48:9b:24:ee:96:81:22:45:17:ec:e9:5e:e6:fc:b5:
b7:08:4a:8c:2f:39:52:7f:4f:db:37:cc:5a:1b:c1:
36:08:a0:1b:64:6e:7d:44:03:3d:2c:95:78:47:f6:
23:f7:6b:2f:3f:f9:da:31:c3:c1:df:5b:42:fb:e8:
b8:87:2e:3f:e7:8b:a7:ae:92:4c:ff:bd:38:29:8e:
f1:14:08:c2:07:67:2e:ff:86:e2:88:26:86:2f:7d:
ab:79:b6:42:45:e1:a9:7f:4c:12:e8:aa:c6:8b:bc:
31:b8:2d:98:ef:5e:1f:41:fc:60:18:bc:81:48:57:
d9:a0:ce:62:d4:1d:72:de:9b:6b:b8:e2:b2:f2:60:
9e:ce:75:48:74:51:76:59:da:ee:8a:8e:4a:d6:59:
f8:42:57:10:47:22:b4:46:c7:ce:31:5c:70:10:36:
be:34:8e:6f:15:64:dc:57:94:d6:68:d9:9a:35:03:
fd:c7:c4:e8:ad:11:e7:d3:43:f1:aa:22:17:a2:ce:
29:18:e6:8a:a2:18:d2:33:67:ee:7a:4b:cf:38:ec:
2b:9d:db:a4:65:63:b3:98:1b:68:bc:9b:db:64:7f:
9f:e2:25:38:ea:c5:94:f0:3b:cc:75:f8:ef:7e:cd:
2e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:44:7B:35:94:A3:4C:67:0B:2D:B5:D1:7D:A4:75:FB:98:E3:64:F7
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300::/32
Signature Algorithm: sha256WithRSAEncryption
7d:ef:ad:af:2d:e0:b1:06:68:b6:81:47:10:56:28:d1:b1:63:
40:5c:aa:d3:ba:b0:24:ba:45:88:19:f3:83:1f:bf:90:27:ee:
ed:8b:c3:8e:7c:7e:5b:2e:78:60:54:6d:e0:93:6b:2f:d8:cd:
a2:99:be:b1:3b:4d:97:d2:7f:3a:50:7f:77:3a:d1:65:80:b5:
42:d6:cd:5a:25:bb:61:0a:1f:2e:ac:d9:c1:23:3d:18:d6:7a:
46:7d:be:93:36:ef:c6:c9:58:7e:9e:64:10:79:84:ca:02:7a:
ae:29:d7:51:81:3e:44:5d:d4:2f:03:40:ca:c8:4e:7e:f2:ee:
df:b1:7c:d8:58:90:80:9a:c1:c2:35:bd:05:ff:15:77:d1:f8:
6e:15:c4:33:4f:92:ad:9e:fe:c8:31:40:71:25:2a:be:53:5d:
84:54:cc:19:57:60:a5:89:0d:50:ec:9e:74:ae:aa:85:7e:06:
a5:32:38:05:81:f7:99:50:19:5d:cc:d5:60:4e:08:75:30:9b:
6b:58:c3:ff:8d:91:84:81:63:9b:9c:4c:0d:89:1f:e5:83:20:
bc:48:0c:9a:51:c4:1f:de:3c:3a:c2:03:9b:97:9a:95:66:b9:
96:58:a6:da:b2:90:60:f4:c9:00:5a:93:db:2c:b5:de:c4:f0:
2b:38:9e:35
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUQHp2xvNQiVGtIvUjV9ouWc+Lon8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDEyMDAwMDAwMFoX
DTI1MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAZDUxYTkxMTg3YjhhMTFlM2U4MWYw
YzM1YTUzNGRlNzYxMDhhOGExNzY0OTY4ZTE4NTIyNDU5ZmFhMTg3Y2Q4MTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JMXcb6EMTICU6JPPIhImyTuloEi
RRfs6V7m/LW3CEqMLzlSf0/bN8xaG8E2CKAbZG59RAM9LJV4R/Yj92svP/naMcPB
31tC++i4hy4/54unrpJM/704KY7xFAjCB2cu/4biiCaGL32rebZCReGpf0wS6KrG
i7wxuC2Y714fQfxgGLyBSFfZoM5i1B1y3ptruOKy8mCeznVIdFF2Wdruio5K1ln4
QlcQRyK0RsfOMVxwEDa+NI5vFWTcV5TWaNmaNQP9x8TorRHn00PxqiIXos4pGOaK
ohjSM2fuekvPOOwrndukZWOzmBtovJvbZH+f4iU46sWU8DvMdfjvfs0u5wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFlEezWUo0xnCy210X2kdfuY42T3MB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
L2NjMmY3MDkzLTIxYTYtNDAwZi05ZGIxLTkzYzJmZTAyYmMxYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAfe+try3gsQZotoFHEFYo
0bFjQFyq07qwJLpFiBnzgx+/kCfu7YvDjnx+Wy54YFRt4JNrL9jNopm+sTtNl9J/
OlB/dzrRZYC1QtbNWiW7YQofLqzZwSM9GNZ6Rn2+kzbvxslYfp5kEHmEygJ6rinX
UYE+RF3ULwNAyshOfvLu37F82FiQgJrBwjW9Bf8Vd9H4bhXEM0+SrZ7+yDFAcSUq
vlNdhFTMGVdgpYkNUOyedK6qhX4GpTI4BYH3mVAZXczVYE4IdTCba1jD/42RhIFj
m5xMDYkf5YMgvEgMmlHEH948OsIDm5ealWa5llim2rKQYPTJAFqT2yy13sTwKzie
NQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:37 2025 by rpki-client