Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa
File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json)
Hash identifier: 1qhjpOj2CU+S29+lG0nI0ilyD4LfgIcIvN/PcX3T1tE=
Subject key identifier: 79:0B:57:C7:E3:74:3F:01:BE:50:29:D3:57:31:4D:E9:0F:9A:9D:04
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 7420E917B9DD5B5253D4E8F7B368B63C297DC6C7
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa
Signing time: Sat 11 Jan 2025 00:00:00 +0000
ROA not before: Sat 11 Jan 2025 00:00:00 +0000
ROA not after: Sat 15 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fa:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:20:e9:17:b9:dd:5b:52:53:d4:e8:f7:b3:68:b6:3c:29:7d:c6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 11 00:00:00 2025 GMT
Not After : Feb 15 23:59:59 2025 GMT
Subject: serialNumber=2993544196dbb8de4f9f94e227576e89e08cfcc4de03e4538abe88bfb8642548, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:9b:85:3e:d5:25:4e:30:35:ac:01:5f:fc:
b2:2a:d1:e7:11:5e:19:d6:da:cc:57:c7:f6:db:aa:
d7:5d:38:61:a0:f0:56:59:b0:e8:3b:a2:fb:9e:50:
cc:58:7b:39:d8:11:05:c1:3c:70:0d:a1:ed:5e:c4:
9b:4d:1a:66:b1:84:91:33:1c:1a:8c:d1:a5:36:21:
24:46:4b:32:61:94:0a:3b:07:46:80:22:0b:48:45:
ca:73:23:a8:ca:8f:e9:e4:2c:da:ff:0f:f3:bc:d5:
8a:e9:16:aa:56:6c:58:c0:12:e1:9d:e5:a5:4c:3d:
c3:a7:be:0e:5b:36:8d:4f:51:99:27:1f:51:5c:1c:
29:e2:0b:6e:07:c9:8b:a2:2e:af:67:c2:76:20:53:
bd:d4:e5:83:96:99:bc:4c:8f:a5:6a:fb:ec:d4:f9:
ff:9c:dd:92:89:c1:34:ef:29:c6:5e:24:c4:68:90:
81:79:45:c5:c1:9a:4e:96:89:df:8a:aa:2a:76:db:
80:37:c0:6d:f9:16:b6:0a:d3:84:5a:2b:30:e9:52:
d3:5c:a8:0e:35:e9:14:9b:3d:88:3e:e7:29:db:b2:
6c:da:6d:d9:c1:f9:8d:9f:00:a6:dc:43:4c:86:bb:
4c:8d:6b:a3:d2:4b:9d:d8:05:c1:d1:9f:35:49:eb:
ca:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0B:57:C7:E3:74:3F:01:BE:50:29:D3:57:31:4D:E9:0F:9A:9D:04
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fa:4000::/40
Signature Algorithm: sha256WithRSAEncryption
68:6d:c7:84:0c:5c:11:45:5e:5f:ea:ed:9b:ea:b1:45:8c:ec:
4c:87:70:2c:a8:66:23:7a:ba:91:ee:91:85:76:8c:3e:4e:66:
a8:0a:13:21:84:45:35:d2:f2:73:1d:f7:51:73:3f:47:80:55:
4a:0f:f5:0e:52:ff:4e:17:dc:0b:fa:6f:2b:ba:24:77:2d:9e:
b8:f7:3c:f5:17:b7:5c:4f:36:3d:f1:aa:e6:ea:cf:25:8b:63:
65:8a:b6:52:dc:fa:66:f1:f7:49:19:1f:9d:d0:85:a0:49:a1:
69:54:27:23:79:5a:87:48:da:de:ec:54:7f:51:31:a2:ca:01:
a3:d5:69:af:f3:89:f8:c4:68:b6:cf:5f:bd:aa:81:57:aa:61:
6c:f2:8c:86:3f:63:44:43:d3:8f:f2:ac:83:50:09:9c:d9:9f:
ba:85:c0:f5:4a:5c:26:96:25:5f:3b:45:bb:d6:93:df:dc:f0:
da:c7:65:e0:13:4a:4c:c7:e2:e4:9c:c8:33:dd:f5:c1:5f:78:
20:a4:a1:a9:7b:ca:e0:54:c4:21:72:57:cf:fc:05:1d:0f:f7:
cc:ce:85:0e:b9:9a:ab:5f:af:b8:72:fa:89:5f:13:cc:16:98:
c8:f9:fc:12:65:b4:a6:63:cb:d5:0d:af:62:9f:1b:7e:a7:7e:
d9:03:68:bb
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdCDpF7ndW1JT1Oj3s2i2PCl9xscwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExMTAwMDAwMFoX
DTI1MDIxNTIzNTk1OVowejFJMEcGA1UEBRNAMjk5MzU0NDE5NmRiYjhkZTRmOWY5
NGUyMjc1NzZlODllMDhjZmNjNGRlMDNlNDUzOGFiZTg4YmZiODY0MjU0ODEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4GbhT7VJU4wNawBX/yyKtHnEV4Z
1trMV8f226rXXThhoPBWWbDoO6L7nlDMWHs52BEFwTxwDaHtXsSbTRpmsYSRMxwa
jNGlNiEkRksyYZQKOwdGgCILSEXKcyOoyo/p5Cza/w/zvNWK6RaqVmxYwBLhneWl
TD3Dp74OWzaNT1GZJx9RXBwp4gtuB8mLoi6vZ8J2IFO91OWDlpm8TI+lavvs1Pn/
nN2SicE07ynGXiTEaJCBeUXFwZpOlonfiqoqdtuAN8Bt+Ra2CtOEWisw6VLTXKgO
NekUmz2IPucp27Js2m3ZwfmNnwCm3ENMhrtMjWuj0kud2AXB0Z81SevK1wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHkLV8fjdD8BvlAp01cxTekPmp0EMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAGhtx4QMXBFFXl/q7Zvq
sUWM7EyHcCyoZiN6upHukYV2jD5OZqgKEyGERTXS8nMd91FzP0eAVUoP9Q5S/04X
3Av6byu6JHctnrj3PPUXt1xPNj3xqubqzyWLY2WKtlLc+mbx90kZH53QhaBJoWlU
JyN5WodI2t7sVH9RMaLKAaPVaa/zifjEaLbPX72qgVeqYWzyjIY/Y0RD04/yrINQ
CZzZn7qFwPVKXCaWJV87RbvWk9/c8NrHZeATSkzH4uScyDPd9cFfeCCkoal7yuBU
xCFyV8/8BR0P98zOhQ65mqtfr7hy+olfE8wWmMj5/BJltKZjy9UNr2KfG36nftkD
aLs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:26:28 2025 by rpki-client