Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json)
Hash identifier: apTiPLzPayH49wLGL9e1/cKhbvAbDdtEzhDKzs4GSm4=
Subject key identifier: 68:6D:67:10:3C:9B:90:59:D5:5E:70:9D:3E:BB:1C:04:30:DA:F9:CD
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 2BFF9B73DEDFD04EB5722B296F61C869E9E48925
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6700::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ff:9b:73:de:df:d0:4e:b5:72:2b:29:6f:61:c8:69:e9:e4:89:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=d63891fcb1622d5232563e8cfd11f7dd62540741b9c5366bb49b0e9d4ffc37f5, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cd:a0:66:73:c7:dc:4b:e0:e1:c8:04:cb:e9:
09:8d:f8:e7:c0:20:07:9c:27:07:dc:a1:b2:72:96:
ed:88:82:93:cc:7c:f6:02:dc:16:1a:46:17:df:6a:
d2:4f:d6:5e:62:76:98:08:10:2c:27:64:bf:dd:a0:
c9:d7:26:82:ec:cc:5b:e8:17:ae:fe:40:3f:bf:ae:
cb:e6:33:72:08:f4:c5:4f:6e:f2:8c:6b:82:68:69:
d3:f8:9b:4f:13:51:11:85:bb:4f:70:23:aa:fa:5a:
db:35:08:5d:c6:9f:3e:6c:8b:e2:6b:cd:90:a1:3b:
94:25:47:6b:c9:c7:7a:45:22:18:72:5e:69:45:87:
bf:5c:88:1d:04:4e:bf:72:b6:23:8b:3f:42:16:f6:
ea:e7:1d:ef:a0:d4:33:4c:9b:ec:4b:b2:20:51:04:
14:d4:06:95:93:c1:e9:2b:81:8c:b5:d8:14:0d:82:
48:5d:11:10:b1:4e:77:eb:e1:5a:0d:ba:1d:fb:34:
03:93:1a:a3:a2:21:a0:da:ff:a8:2f:d4:e2:81:c3:
19:b8:4f:ed:54:eb:a9:8e:c3:2e:7a:b9:ac:a2:41:
ad:1f:1b:2f:0e:97:48:52:c6:d9:f1:fe:bf:88:d6:
23:fc:a3:25:cd:3c:5b:a6:e1:8e:b4:eb:2b:65:82:
98:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6D:67:10:3C:9B:90:59:D5:5E:70:9D:3E:BB:1C:04:30:DA:F9:CD
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/48
Signature Algorithm: sha256WithRSAEncryption
92:8a:48:90:5f:25:1f:7b:c9:8d:db:22:4a:cc:81:34:b6:a7:
40:cf:52:da:aa:53:6e:a6:b8:26:10:5d:b9:10:8c:19:c0:7e:
70:f7:b1:e8:89:56:06:46:cc:f5:2a:76:a7:60:bb:ef:60:26:
7d:70:b1:7f:0f:da:7c:16:5b:53:f5:45:20:95:42:fa:c9:a7:
24:87:c9:36:a7:6f:b5:f8:71:90:5a:3c:c9:db:69:f6:21:f8:
d3:99:72:52:78:37:70:4c:93:e7:b1:5e:5a:00:a5:61:fd:68:
67:2b:ca:b8:66:91:30:cb:2f:a4:30:19:3f:9e:aa:0d:5a:a3:
12:f9:3a:fd:0f:0d:6e:cb:14:a0:34:3c:a2:cf:06:8d:48:b9:
89:cf:e6:46:0b:21:bd:19:57:db:ce:3c:da:d7:6e:21:2d:e0:
56:37:42:7b:ec:94:77:3a:b5:ae:c0:6f:dd:94:1c:d6:81:49:
3b:1e:1e:47:38:2c:30:22:cc:96:25:6f:6b:75:dd:34:52:f7:
29:59:5b:d3:64:1f:44:46:91:6e:c6:e1:f7:95:2e:cd:14:1e:
ba:62:c4:93:a5:1a:15:d1:61:f5:df:a1:03:c9:ff:6e:e8:d2:
dc:70:7e:83:da:fe:6b:99:f8:17:b7:d2:08:1d:3c:be:8b:b5:
52:12:2d:6e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUK/+bc97f0E61cispb2HIaenkiSUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAZDYzODkxZmNiMTYyMmQ1MjMyNTYz
ZThjZmQxMWY3ZGQ2MjU0MDc0MWI5YzUzNjZiYjQ5YjBlOWQ0ZmZjMzdmNTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM2gZnPH3Evg4cgEy+kJjfjnwCAH
nCcH3KGycpbtiIKTzHz2AtwWGkYX32rST9ZeYnaYCBAsJ2S/3aDJ1yaC7Mxb6Beu
/kA/v67L5jNyCPTFT27yjGuCaGnT+JtPE1ERhbtPcCOq+lrbNQhdxp8+bIvia82Q
oTuUJUdrycd6RSIYcl5pRYe/XIgdBE6/crYjiz9CFvbq5x3voNQzTJvsS7IgUQQU
1AaVk8HpK4GMtdgUDYJIXREQsU536+FaDbod+zQDkxqjoiGg2v+oL9TigcMZuE/t
VOupjsMuermsokGtHxsvDpdIUsbZ8f6/iNYj/KMlzTxbpuGOtOsrZYKY8wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGhtZxA8m5BZ1V5wnT67HAQw2vnNMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCSikiQXyUfe8mN2yJK
zIE0tqdAz1LaqlNuprgmEF25EIwZwH5w97HoiVYGRsz1KnanYLvvYCZ9cLF/D9p8
FltT9UUglUL6yackh8k2p2+1+HGQWjzJ22n2IfjTmXJSeDdwTJPnsV5aAKVh/Whn
K8q4ZpEwyy+kMBk/nqoNWqMS+Tr9Dw1uyxSgNDyizwaNSLmJz+ZGCyG9GVfbzjza
124hLeBWN0J77JR3OrWuwG/dlBzWgUk7Hh5HOCwwIsyWJW9rdd00UvcpWVvTZB9E
RpFuxuH3lS7NFB66YsSTpRoV0WH136EDyf9u6NLccH6D2v5rmfgXt9IIHTy+i7VS
Ei1u
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:39:25 2025 by rpki-client