Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json)
Hash identifier: tq0o7oPR7WzcfZPoIT8R1k8MOKpH4tC6bBggxjKbeFk=
Subject key identifier: C2:48:F8:F4:F3:52:1D:4A:98:5B:B8:4F:17:9A:D6:ED:8B:CD:20:95
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 455BBFA8765B0EF913F8E8D0085EF93ACBB9DE83
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
Signing time: Mon 20 Jan 2025 00:00:00 +0000
ROA not before: Mon 20 Jan 2025 00:00:00 +0000
ROA not after: Mon 24 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6700::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:5b:bf:a8:76:5b:0e:f9:13:f8:e8:d0:08:5e:f9:3a:cb:b9:de:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 20 00:00:00 2025 GMT
Not After : Feb 24 23:59:59 2025 GMT
Subject: serialNumber=4cf42adaf2da953c1999e0d67fda4b3a8e5854c68e4e590dce52672737ee20b6, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6b:54:e2:a2:49:15:ba:56:9c:88:c5:6f:72:
18:75:ff:ab:aa:d0:c1:bb:0c:72:9c:d1:c7:22:0c:
d2:73:eb:55:9e:21:8b:80:0b:55:5e:2d:1c:1f:8e:
27:30:e0:83:83:37:fd:00:22:67:34:ac:77:18:77:
09:f3:0f:dc:e1:c0:90:39:c2:3e:d3:66:4a:09:a4:
31:02:fc:58:df:04:de:9d:97:1b:06:d3:06:10:bc:
0b:94:b7:d3:8a:be:78:ba:f6:91:ee:01:a6:93:ec:
e5:b8:85:8b:ee:27:11:6a:cb:c5:25:5f:e7:17:11:
a8:a8:94:c3:57:e7:c7:73:58:7e:e9:60:23:5a:1c:
ea:0a:fc:b5:ec:0c:43:f1:9a:bf:93:9f:00:f8:b5:
df:b2:20:e4:73:96:09:1f:41:f5:6c:65:49:20:dd:
51:39:e6:e8:77:80:92:1e:0e:d0:fd:57:30:3f:d6:
0d:81:35:eb:d5:0b:9a:82:b5:33:1e:51:e8:82:e3:
67:49:51:07:80:2e:d3:2f:95:2a:bb:a1:d4:68:61:
48:73:84:d8:ec:10:a9:ae:0f:db:c3:87:cd:cc:24:
34:5c:d7:be:ec:82:3a:8b:84:19:b6:6a:5e:0d:42:
46:6e:d7:62:fb:5c:ca:b2:9c:11:d5:5d:ca:28:e5:
60:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:48:F8:F4:F3:52:1D:4A:98:5B:B8:4F:17:9A:D6:ED:8B:CD:20:95
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/32
Signature Algorithm: sha256WithRSAEncryption
5a:8e:a6:d7:2e:fb:52:e5:15:dc:68:ef:b0:38:d2:be:be:6b:
b9:0e:04:ff:aa:9b:e8:4a:f2:fc:ba:28:a4:42:0a:69:a5:01:
8c:18:e6:d4:c0:73:cb:6e:c1:ec:63:f5:2e:cc:a3:bc:6b:53:
e0:00:ef:34:80:c3:72:f5:a5:be:3e:74:c3:c2:38:2d:6c:66:
fb:eb:b6:21:e0:87:fe:8a:10:81:2c:24:f0:8e:2c:cd:9a:e2:
dd:25:c2:07:b4:a8:71:2e:b5:4d:c0:47:c7:64:f0:da:8e:9c:
2c:87:48:d9:2b:c1:f2:0c:93:41:12:9d:5d:40:90:1c:38:51:
84:65:82:f4:be:3a:26:af:e7:34:83:80:f3:13:e6:c5:a3:38:
03:4b:ee:a2:a6:b3:42:0e:d5:0d:c5:73:d9:f1:53:02:8f:06:
d3:02:40:c9:7d:46:98:c5:7e:7a:c1:bb:54:0c:f0:7e:22:b4:
be:51:0e:82:1f:aa:9d:5d:16:de:54:84:ae:37:a0:e1:75:ab:
0a:fc:a4:9e:0f:cf:f4:31:ed:3b:80:af:46:c6:ff:8d:d5:b1:
9e:8b:4c:cd:f0:74:0b:15:b7:2c:3c:38:b7:59:39:05:9b:fd:
de:64:55:27:ee:e7:86:4e:d6:31:30:0f:20:63:4b:d6:81:f5:
7a:21:9e:01
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIURVu/qHZbDvkT+OjQCF75Osu53oMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDEyMDAwMDAwMFoX
DTI1MDIyNDIzNTk1OVowejFJMEcGA1UEBRNANGNmNDJhZGFmMmRhOTUzYzE5OTll
MGQ2N2ZkYTRiM2E4ZTU4NTRjNjhlNGU1OTBkY2U1MjY3MjczN2VlMjBiNjEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2tU4qJJFbpWnIjFb3IYdf+rqtDB
uwxynNHHIgzSc+tVniGLgAtVXi0cH44nMOCDgzf9ACJnNKx3GHcJ8w/c4cCQOcI+
02ZKCaQxAvxY3wTenZcbBtMGELwLlLfTir54uvaR7gGmk+zluIWL7icRasvFJV/n
FxGoqJTDV+fHc1h+6WAjWhzqCvy17AxD8Zq/k58A+LXfsiDkc5YJH0H1bGVJIN1R
Oebod4CSHg7Q/VcwP9YNgTXr1QuagrUzHlHoguNnSVEHgC7TL5Uqu6HUaGFIc4TY
7BCprg/bw4fNzCQ0XNe+7II6i4QZtmpeDUJGbtdi+1zKspwR1V3KKOVgOQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMJI+PTzUh1KmFu4Txea1u2LzSCVMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAWo6m1y77UuUV3GjvsDjS
vr5ruQ4E/6qb6Ery/LoopEIKaaUBjBjm1MBzy27B7GP1LsyjvGtT4ADvNIDDcvWl
vj50w8I4LWxm++u2IeCH/ooQgSwk8I4szZri3SXCB7SocS61TcBHx2Tw2o6cLIdI
2SvB8gyTQRKdXUCQHDhRhGWC9L46Jq/nNIOA8xPmxaM4A0vuoqazQg7VDcVz2fFT
Ao8G0wJAyX1GmMV+esG7VAzwfiK0vlEOgh+qnV0W3lSErjeg4XWrCvykng/P9DHt
O4CvRsb/jdWxnotMzfB0CxW3LDw4t1k5BZv93mRVJ+7nhk7WMTAPIGNL1oH1eiGe
AQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:23:11 2025 by rpki-client