Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0664f42a-f6ce-418d-8061-7cf7cf9a3637.roa
File: 0664f42a-f6ce-418d-8061-7cf7cf9a3637.roa (raw, json)
Hash identifier: U6sRopn3HIRoEvC6D0QO+KA9D4RQ9eOkJJxTUtBTUCA=
Subject key identifier: B4:B8:9F:61:6B:D1:DE:C0:35:B4:62:30:F6:40:27:9A:8A:0D:6E:94
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2B0C20E0E50701DA7D2657A1CFE33EDEF5272656
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0664f42a-f6ce-418d-8061-7cf7cf9a3637.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:0c:20:e0:e5:07:01:da:7d:26:57:a1:cf:e3:3e:de:f5:27:26:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=39501131686d590e3adfe932a2176e0d473c055403d718b956f0b1d9b9b129bc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:89:d4:8a:2a:8a:a4:ef:3e:fe:0e:34:d3:25:
c8:54:88:71:35:76:e0:25:0f:34:2a:cf:3a:12:2e:
2c:d4:c4:28:c6:1e:45:9e:72:39:ba:14:43:79:ee:
c6:7f:1b:cf:cb:ab:e0:36:4d:88:f0:ac:06:1e:d5:
9d:7e:a9:16:c9:b9:40:51:e2:36:68:b3:f8:12:88:
b4:54:d1:f3:04:d3:e4:df:be:99:93:52:93:3c:bd:
0c:c1:25:ae:d2:df:eb:14:53:db:6a:2c:03:7e:51:
43:42:98:f1:3c:8f:4e:51:be:f9:f0:9e:01:15:c5:
26:2f:c9:c7:59:40:b1:c6:53:9a:ec:d7:69:ff:7b:
55:f0:8e:96:fa:ef:08:80:7b:b0:47:e6:f4:0d:b2:
a3:d5:21:02:c9:93:d4:9a:10:96:48:a4:c2:86:39:
22:17:32:66:60:b4:8a:dd:a1:09:fb:6b:eb:60:3b:
16:8a:c2:89:13:cf:15:4e:06:5a:86:e3:9c:2f:b9:
78:9c:0d:e7:d2:2a:e2:9a:2e:7f:a4:f6:bd:02:ca:
71:30:03:f3:44:a7:36:2c:37:99:aa:14:db:5a:c4:
93:24:98:d7:8d:77:e1:a1:71:22:2e:6d:57:bb:c3:
67:df:7e:4f:a1:f1:3e:98:40:92:14:fb:60:cb:f3:
28:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B8:9F:61:6B:D1:DE:C0:35:B4:62:30:F6:40:27:9A:8A:0D:6E:94
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0664f42a-f6ce-418d-8061-7cf7cf9a3637.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:2800::/40
Signature Algorithm: sha256WithRSAEncryption
83:0e:b2:3c:2b:b4:58:79:b6:89:01:b9:05:c3:36:0b:81:a2:
62:b8:ad:a8:5d:30:d8:ae:f1:35:67:6a:7b:a6:43:43:d4:cd:
82:f6:ed:ae:1b:34:a6:b7:db:ac:d0:66:86:02:cf:6c:7b:0f:
c5:0f:2f:af:17:d3:c3:57:72:f4:87:e1:43:aa:96:5b:c7:72:
c8:82:8f:f2:d5:21:87:ae:6f:85:30:f5:0a:1c:62:54:bb:1c:
82:ef:22:d2:57:d1:79:6e:f6:b0:64:99:4c:99:88:89:bb:cb:
0d:93:3a:50:6f:64:ad:16:7e:c5:2a:6d:34:e2:27:eb:20:8d:
7d:01:05:ad:e8:5b:68:ff:25:11:1a:c1:f1:3c:3f:96:bd:30:
c3:5e:d3:0b:c4:f1:f9:f6:4b:9e:3a:a2:a1:5a:6d:40:91:64:
1b:da:db:9b:34:5e:3c:69:10:93:84:f2:50:18:95:1f:5f:61:
12:98:3e:86:02:0d:6c:30:51:52:3e:7c:04:80:73:46:9b:08:
c4:8b:54:ba:3b:53:2c:3d:49:9a:64:66:f2:9c:e7:e6:82:39:
13:dc:df:52:8d:50:53:60:b5:51:c4:6a:6c:b5:01:36:db:33:
b3:a2:3a:fa:99:ee:85:a1:ae:e0:e0:88:ae:a8:0d:a8:67:16:
5a:93:83:48
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKwwg4OUHAdp9Jlehz+M+3vUnJlYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMzk1MDExMzE2ODZkNTkwZTNhZGZl
OTMyYTIxNzZlMGQ0NzNjMDU1NDAzZDcxOGI5NTZmMGIxZDliOWIxMjliYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0InUiiqKpO8+/g400yXIVIhxNXbg
JQ80Ks86Ei4s1MQoxh5FnnI5uhRDee7GfxvPy6vgNk2I8KwGHtWdfqkWyblAUeI2
aLP4Eoi0VNHzBNPk376Zk1KTPL0MwSWu0t/rFFPbaiwDflFDQpjxPI9OUb758J4B
FcUmL8nHWUCxxlOa7Ndp/3tV8I6W+u8IgHuwR+b0DbKj1SECyZPUmhCWSKTChjki
FzJmYLSK3aEJ+2vrYDsWisKJE88VTgZahuOcL7l4nA3n0irimi5/pPa9AspxMAPz
RKc2LDeZqhTbWsSTJJjXjXfhoXEiLm1Xu8Nn335PofE+mECSFPtgy/MonQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLS4n2Fr0d7ANbRiMPZAJ5qKDW6UMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA2NjRmNDJhLWY2Y2UtNDE4ZC04MDYxLTdjZjdjZjlhMzYzNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9igwDQYJKoZIhvcNAQELBQADggEBAIMOsjwrtFh5tokBuQXD
NguBomK4rahdMNiu8TVnanumQ0PUzYL27a4bNKa326zQZoYCz2x7D8UPL68X08NX
cvSH4UOqllvHcsiCj/LVIYeub4Uw9QocYlS7HILvItJX0Xlu9rBkmUyZiIm7yw2T
OlBvZK0WfsUqbTTiJ+sgjX0BBa3oW2j/JREawfE8P5a9MMNe0wvE8fn2S546oqFa
bUCRZBva25s0XjxpEJOE8lAYlR9fYRKYPoYCDWwwUVI+fASAc0abCMSLVLo7Uyw9
SZpkZvKc5+aCORPc31KNUFNgtVHEamy1ATbbM7OiOvqZ7oWhruDgiK6oDahnFlqT
g0g=
-----END CERTIFICATE-----
Generated at Mon May 12 13:16:05 2025 by rpki-client