Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json)
Hash identifier: XMZLSiYgPA8NA7veqwjCRAQcYnw2BJJV5hS77kzSJfI=
Subject key identifier: 9D:A0:C9:D2:2E:27:D1:A2:D3:CF:05:28:FA:77:D3:5D:73:A9:AA:4B
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 5071AE9C48627C0BFC11CD265671BAE8BFEE7CBA
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6500:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:71:ae:9c:48:62:7c:0b:fc:11:cd:26:56:71:ba:e8:bf:ee:7c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=17c474266e55876dbafbea7f9d44d48dc1207f4a13c6d7853345e42a57879783, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d4:6c:74:70:c0:d1:35:2b:5a:5d:34:e5:66:
af:fb:d8:7c:05:70:a0:c7:2d:3c:73:65:47:71:61:
6b:7d:44:a6:de:da:eb:ae:30:34:e2:b0:6d:0a:4b:
e2:99:8f:35:c9:a8:8f:47:e5:02:17:0f:6f:41:df:
fd:7e:b9:36:5f:a5:d0:1a:0d:8a:9c:1b:f2:4a:36:
ff:05:8a:f3:b5:69:1e:f4:ce:fb:44:9f:5f:c9:1e:
c7:a6:d0:65:2b:b5:65:d7:f1:3c:e8:39:9b:8b:29:
fc:6e:c0:7a:6e:75:41:68:6e:c7:53:b0:a9:4b:8c:
56:78:03:41:93:17:97:26:56:0d:10:3e:a2:2d:3b:
1c:a9:41:22:80:94:81:34:60:57:24:af:9c:0c:23:
7b:e3:23:1d:f2:0e:79:4e:fe:5a:27:06:c7:58:42:
26:5c:7f:fb:b0:f8:a6:b9:b6:03:b5:c7:91:4f:45:
41:2f:46:82:09:b1:1d:00:7f:03:89:c8:8a:9d:94:
f0:1e:cb:c9:07:66:b4:1e:34:4c:8d:3a:c0:12:73:
7e:3e:41:9a:97:68:db:7f:63:08:e2:97:0b:d7:71:
e1:4a:4c:61:d1:8c:9a:89:f8:ec:df:d7:54:76:0c:
a9:6b:9c:98:7b:8c:b2:61:ed:aa:a7:a7:52:87:19:
d4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A0:C9:D2:2E:27:D1:A2:D3:CF:05:28:FA:77:D3:5D:73:A9:AA:4B
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500:2000::/36
Signature Algorithm: sha256WithRSAEncryption
d3:87:2d:03:5b:32:0a:3d:58:8c:74:73:24:40:4a:be:de:e4:
bb:95:3d:0f:11:33:2e:b5:10:a3:51:61:16:10:86:f4:f9:cf:
38:e5:b8:58:8b:be:b4:7d:3d:11:30:34:9d:54:bc:e7:f0:f6:
c2:b9:f7:6f:12:c7:0b:8f:57:c1:5e:c7:8c:15:e9:d8:83:4a:
bd:ce:ff:42:c3:2a:6a:19:5a:d1:13:56:e9:d0:f9:84:d2:df:
77:35:12:25:e9:dd:30:e4:1c:f4:c7:be:c9:e9:48:fc:e4:f6:
a1:b4:ef:29:52:f0:6f:75:1c:9e:ba:11:a1:5f:95:0a:a5:1a:
6d:85:c6:59:8a:1f:95:43:f8:3a:62:17:50:f3:37:dd:de:71:
ad:12:f3:37:b8:f1:04:b0:23:16:ad:b0:01:e4:16:47:57:a5:
8c:da:58:15:44:62:3b:4d:b1:2e:be:79:66:f9:e1:27:8d:d0:
7f:64:e6:94:3b:0f:f3:fc:46:3a:cb:9b:93:56:3e:d5:37:bd:
f2:50:7a:f5:5d:21:9e:bd:74:4f:b3:73:95:c0:54:68:2f:f0:
56:1b:28:22:cc:7c:65:c1:e4:be:81:a9:c4:a2:03:c6:c5:fb:
7e:61:8f:06:7f:97:b3:42:9a:16:10:6c:36:9c:d7:6f:ca:48:
cb:df:cb:ad
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUHGunEhifAv8Ec0mVnG66L/ufLowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAMTdjNDc0MjY2ZTU1ODc2ZGJhZmJl
YTdmOWQ0NGQ0OGRjMTIwN2Y0YTEzYzZkNzg1MzM0NWU0MmE1Nzg3OTc4MzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+dRsdHDA0TUrWl005Wav+9h8BXCg
xy08c2VHcWFrfUSm3trrrjA04rBtCkvimY81yaiPR+UCFw9vQd/9frk2X6XQGg2K
nBvySjb/BYrztWke9M77RJ9fyR7HptBlK7Vl1/E86Dmbiyn8bsB6bnVBaG7HU7Cp
S4xWeANBkxeXJlYNED6iLTscqUEigJSBNGBXJK+cDCN74yMd8g55Tv5aJwbHWEIm
XH/7sPimubYDtceRT0VBL0aCCbEdAH8DiciKnZTwHsvJB2a0HjRMjTrAEnN+PkGa
l2jbf2MI4pcL13HhSkxh0Yyaifjs39dUdgypa5yYe4yyYe2qp6dShxnU0wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJ2gydIuJ9Gi088FKPp3011zqapLMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBANOHLQNbMgo9WIx0cyRA
Sr7e5LuVPQ8RMy61EKNRYRYQhvT5zzjluFiLvrR9PREwNJ1UvOfw9sK5928SxwuP
V8Fex4wV6diDSr3O/0LDKmoZWtETVunQ+YTS33c1EiXp3TDkHPTHvsnpSPzk9qG0
7ylS8G91HJ66EaFflQqlGm2FxlmKH5VD+DpiF1DzN93eca0S8ze48QSwIxatsAHk
FkdXpYzaWBVEYjtNsS6+eWb54SeN0H9k5pQ7D/P8RjrLm5NWPtU3vfJQevVdIZ69
dE+zc5XAVGgv8FYbKCLMfGXB5L6BqcSiA8bF+35hjwZ/l7NCmhYQbDac12/KSMvf
y60=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:39 2025 by rpki-client