Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01b54384-f309-452a-bce6-2793cf241f61.roa
File: 01b54384-f309-452a-bce6-2793cf241f61.roa (raw, json)
Hash identifier: n4FMrKgEPN1HrLWGRBEL4jJEa2TsnzIJD5t0W5F27Eg=
Subject key identifier: 3F:42:5E:73:9E:EB:E4:E8:63:82:9F:2E:21:DC:C9:A8:00:FD:0E:4B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2DA3CFB7AF54B1FEA635E765BB276815F277DB96
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01b54384-f309-452a-bce6-2793cf241f61.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:c8c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:a3:cf:b7:af:54:b1:fe:a6:35:e7:65:bb:27:68:15:f2:77:db:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c58ffe1c54bef0331cb29cc4ef36a5106e3a40bf3ef2d9d40c7bdf829ef66d02, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7a:ce:c2:3f:fa:2d:65:f4:9d:a6:d6:ce:97:
3a:fa:18:17:eb:56:2b:81:dc:10:a1:95:bc:a5:d3:
7f:ed:54:4d:e4:11:82:88:9b:34:c8:f4:8e:19:33:
52:97:1f:9e:7f:03:17:b6:20:96:cb:32:79:c1:09:
34:cb:ce:56:2d:da:cc:65:fa:47:80:43:0b:99:87:
6e:8e:bb:bd:69:69:5f:79:c1:82:02:b8:c9:00:b7:
dc:55:ed:1f:de:ce:df:0d:8c:98:5b:95:5a:cc:4e:
1f:1f:d0:1e:e2:8d:11:d9:6b:f4:1f:7c:da:cf:04:
ab:cd:66:05:0f:81:89:0a:08:90:df:21:da:7b:54:
df:ab:3d:eb:8a:1c:60:67:54:f7:6b:72:4f:71:b6:
6b:e4:ad:d3:13:e8:0e:5a:df:ef:c7:bb:dd:a3:3a:
e0:24:bf:68:24:ea:43:e4:ab:d3:d1:a3:ed:57:fd:
29:0f:2a:86:7a:1e:46:ee:6e:37:ef:70:00:1b:1a:
ed:94:12:ae:0d:6e:c9:3b:1f:95:19:05:0b:14:13:
27:4c:ab:fe:e6:2d:09:42:44:9d:d2:13:d2:10:01:
05:fb:c5:e4:e0:ad:6e:19:d1:7f:b1:3c:33:a4:b3:
e0:75:ac:0b:cf:7e:86:dd:de:5e:22:f5:38:bd:49:
c0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:42:5E:73:9E:EB:E4:E8:63:82:9F:2E:21:DC:C9:A8:00:FD:0E:4B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01b54384-f309-452a-bce6-2793cf241f61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:c8c0::/46
Signature Algorithm: sha256WithRSAEncryption
71:f3:36:bd:5c:df:6d:1e:a4:ba:27:43:b0:dd:d1:a0:5b:72:
86:ee:19:00:47:b6:4c:4e:a3:48:6c:22:7d:f5:ef:e9:b5:94:
f4:9a:10:78:62:c5:32:f4:1f:83:06:74:f9:87:4f:d1:b8:33:
e5:27:e4:c2:90:ac:0d:8e:97:ae:75:bd:06:9a:84:e9:e2:ca:
06:88:ae:41:2e:4a:02:47:2a:b9:4d:7f:03:f0:6f:b4:b7:e0:
c5:e1:a3:5f:19:ac:cb:ec:15:24:d0:e6:73:07:4a:8d:4a:85:
36:07:66:cd:3d:9a:84:fc:28:0c:67:47:72:a4:01:cc:30:e7:
77:cc:ca:2f:ab:c6:24:26:7b:d8:88:1a:99:bf:a0:d5:bb:cb:
ef:15:0f:33:94:39:0c:f6:a8:d4:07:48:c3:4d:dc:ad:e7:7d:
d7:9a:7c:f1:28:98:38:8f:e9:e5:9d:22:5c:78:61:2d:a8:75:
07:bc:4c:74:00:f2:45:29:2d:38:0e:6b:91:11:f0:30:62:f6:
67:04:d6:71:49:05:7e:84:64:65:af:b8:27:08:58:77:53:3b:
2e:49:98:a0:6a:2b:a7:17:c8:3e:25:49:27:e2:65:25:a1:58:
67:03:b6:d7:e2:8b:71:21:ab:42:58:87:6b:e1:a1:35:8d:f4:
8a:cb:90:ae
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULaPPt69Usf6mNedluydoFfJ325YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYzU4ZmZlMWM1NGJlZjAzMzFjYjI5
Y2M0ZWYzNmE1MTA2ZTNhNDBiZjNlZjJkOWQ0MGM3YmRmODI5ZWY2NmQwMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXrOwj/6LWX0nabWzpc6+hgX61Yr
gdwQoZW8pdN/7VRN5BGCiJs0yPSOGTNSlx+efwMXtiCWyzJ5wQk0y85WLdrMZfpH
gEMLmYdujru9aWlfecGCArjJALfcVe0f3s7fDYyYW5VazE4fH9Ae4o0R2Wv0H3za
zwSrzWYFD4GJCgiQ3yHae1Tfqz3rihxgZ1T3a3JPcbZr5K3TE+gOWt/vx7vdozrg
JL9oJOpD5KvT0aPtV/0pDyqGeh5G7m4373AAGxrtlBKuDW7JOx+VGQULFBMnTKv+
5i0JQkSd0hPSEAEF+8Xk4K1uGdF/sTwzpLPgdawLz36G3d5eIvU4vUnAHwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFD9CXnOe6+ToY4KfLiHcyagA/Q5LMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAxYjU0Mzg0LWYzMDktNDUyYS1iY2U2LTI3OTNjZjI0MWY2MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba98jAMA0GCSqGSIb3DQEBCwUAA4IBAQBx8za9XN9tHqS6J0Ow
3dGgW3KG7hkAR7ZMTqNIbCJ99e/ptZT0mhB4YsUy9B+DBnT5h0/RuDPlJ+TCkKwN
jpeudb0GmoTp4soGiK5BLkoCRyq5TX8D8G+0t+DF4aNfGazL7BUk0OZzB0qNSoU2
B2bNPZqE/CgMZ0dypAHMMOd3zMovq8YkJnvYiBqZv6DVu8vvFQ8zlDkM9qjUB0jD
Tdyt533XmnzxKJg4j+nlnSJceGEtqHUHvEx0APJFKS04DmuREfAwYvZnBNZxSQV+
hGRlr7gnCFh3UzsuSZigaiunF8g+JUkn4mUloVhnA7bX4otxIatCWIdr4aE1jfSK
y5Cu
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:37:42 2025 by rpki-client