Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa
File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json)
Hash identifier: HMagwAQwCd2No9J1zc7yJCv2yq8ZaGvm9m63NYO2sTM=
Subject key identifier: 01:57:F9:A8:DF:98:44:1B:75:71:9E:51:D2:5E:09:39:38:96:7E:4E
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 59B47CF2F54DAECBEFA7648C19FE533D53133BD3
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b4:7c:f2:f5:4d:ae:cb:ef:a7:64:8c:19:fe:53:3d:53:13:3b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=0d78068c76d2dcfbc28177a690366dc1628bb3478792dfc925dd939d6b7aad6d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:45:1b:47:19:b5:da:2e:bc:f2:7f:22:76:1b:
3e:3c:c5:10:07:c6:a0:85:26:68:cb:22:04:1e:12:
c6:c5:48:90:f3:a1:52:49:10:b1:4e:d6:d2:d5:e2:
44:34:26:b4:2c:79:19:79:cc:9f:56:47:68:60:ae:
28:bf:f6:f8:26:07:27:f5:42:8b:27:39:8a:ce:35:
61:25:fd:c8:ac:72:a4:d1:01:4c:b8:e4:0e:a1:34:
c9:cf:9f:c0:5d:1b:5c:04:12:dc:d5:d7:eb:70:6d:
86:af:71:c7:c5:00:52:98:fc:74:90:5b:14:e6:b4:
d7:d2:3b:f2:09:0e:7e:15:a9:56:bd:db:35:d6:3e:
c6:ea:00:86:30:93:28:fd:82:66:13:05:c6:c9:67:
45:62:f4:ff:70:20:2d:2d:33:53:d8:63:de:b0:3e:
b4:a1:a5:c6:09:ea:23:ed:cf:c9:76:b6:cc:ec:cc:
d3:9e:14:af:43:9c:70:55:ce:74:01:1f:00:89:1b:
01:1d:a9:3b:b9:bf:2c:90:7a:89:fe:9a:84:a7:66:
9f:3e:f2:e9:9d:0d:24:66:b6:29:d5:61:95:e8:cd:
b5:df:00:c6:14:53:7a:3b:a4:09:3c:1e:af:18:85:
e2:b6:a2:86:21:72:9b:a6:12:8d:0c:37:2f:63:31:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:57:F9:A8:DF:98:44:1B:75:71:9E:51:D2:5E:09:39:38:96:7E:4E
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500::/48
Signature Algorithm: sha256WithRSAEncryption
cf:f7:c4:2b:e5:22:3c:a4:13:64:ca:ae:76:36:60:20:5b:6d:
fe:cf:e8:34:1a:8f:a3:91:82:e2:94:72:eb:03:33:c6:12:91:
8b:fd:fe:1c:f8:ed:20:c0:e8:1f:dd:31:44:f7:d7:21:99:71:
f0:2d:fd:5b:c0:9d:7b:51:63:72:62:72:2a:4d:0c:ae:60:4f:
7d:59:0b:34:46:f0:b9:e2:f9:1f:7c:87:72:c2:ef:d1:b7:09:
84:6e:3a:4c:06:89:ba:e8:44:e9:d6:47:80:07:cd:6a:a2:f4:
6d:4e:43:2a:c0:66:77:d3:33:2c:70:a2:c3:8c:88:d9:fe:9c:
b3:1f:b0:8b:b6:37:16:d3:08:01:fb:07:66:b9:90:82:c2:01:
8a:84:8c:ad:ed:aa:05:08:d3:74:36:f3:a2:14:25:ff:68:1c:
16:8b:a6:45:73:5a:11:ea:05:b8:32:71:08:72:2f:3d:14:5d:
4d:0a:73:ca:20:eb:e9:b3:6a:7d:69:47:31:7e:bd:3c:67:6c:
6f:3a:c2:26:0b:96:34:75:0d:c7:3d:bf:1d:69:11:2c:7f:fa:
c3:61:72:5d:4d:b4:3d:3c:f9:55:56:2d:8c:62:c8:51:88:f5:
40:c2:09:ad:35:6b:23:db:97:3f:34:fd:67:3f:40:42:18:d3:
56:d9:cb:4b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWbR88vVNrsvvp2SMGf5TPVMTO9MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAMGQ3ODA2OGM3NmQyZGNmYmMyODE3
N2E2OTAzNjZkYzE2MjhiYjM0Nzg3OTJkZmM5MjVkZDkzOWQ2YjdhYWQ2ZDEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEUbRxm12i688n8idhs+PMUQB8ag
hSZoyyIEHhLGxUiQ86FSSRCxTtbS1eJENCa0LHkZecyfVkdoYK4ov/b4Jgcn9UKL
JzmKzjVhJf3IrHKk0QFMuOQOoTTJz5/AXRtcBBLc1dfrcG2Gr3HHxQBSmPx0kFsU
5rTX0jvyCQ5+FalWvds11j7G6gCGMJMo/YJmEwXGyWdFYvT/cCAtLTNT2GPesD60
oaXGCeoj7c/JdrbM7MzTnhSvQ5xwVc50AR8AiRsBHak7ub8skHqJ/pqEp2afPvLp
nQ0kZrYp1WGV6M213wDGFFN6O6QJPB6vGIXitqKGIXKbphKNDDcvYzERbQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAFX+ajfmEQbdXGeUdJeCTk4ln5OMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDP98Qr5SI8pBNkyq52
NmAgW23+z+g0Go+jkYLilHLrAzPGEpGL/f4c+O0gwOgf3TFE99chmXHwLf1bwJ17
UWNyYnIqTQyuYE99WQs0RvC54vkffIdywu/RtwmEbjpMBom66ETp1keAB81qovRt
TkMqwGZ30zMscKLDjIjZ/pyzH7CLtjcW0wgB+wdmuZCCwgGKhIyt7aoFCNN0NvOi
FCX/aBwWi6ZFc1oR6gW4MnEIci89FF1NCnPKIOvps2p9aUcxfr08Z2xvOsImC5Y0
dQ3HPb8daREsf/rDYXJdTbQ9PPlVVi2MYshRiPVAwgmtNWsj25c/NP1nP0BCGNNW
2ctL
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:41 2025 by rpki-client