Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/124c546b-d995-4fdf-978d-19217a16b0c7.roa
File: 124c546b-d995-4fdf-978d-19217a16b0c7.roa (raw, json)
Hash identifier: UeL30bjD+oy5djv7Va0lGRpsiVnJynQzpwqk5xa44ns=
Subject key identifier: 9F:F6:19:D7:1D:EE:F8:C7:64:E3:07:76:4D:1A:12:32:9C:05:81:E8
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 69C4935E548BC15AF994561FCC2EDA5958F1F5DA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/124c546b-d995-4fdf-978d-19217a16b0c7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da10:8000::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:c4:93:5e:54:8b:c1:5a:f9:94:56:1f:cc:2e:da:59:58:f1:f5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f8c92f4e9fd1a32a2b20e3096f805954057c85cf1eeadbbfd5c1698265eee809, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:bc:ec:58:67:50:1b:db:4d:d9:d6:44:95:
ff:73:98:e3:5b:1d:8e:81:d7:f6:42:ec:71:51:9b:
54:12:aa:66:da:a6:dc:a2:64:9c:45:e3:4e:82:3b:
5e:31:8c:2f:8f:cd:44:c4:81:07:b6:f1:c3:1d:c9:
35:2a:e8:66:b2:3f:cb:ed:13:05:6a:a9:58:da:11:
88:17:80:f4:6f:b4:64:c8:e8:b2:c6:bf:93:43:e2:
a6:44:b9:d7:6d:d5:35:5d:4c:fc:65:5e:32:03:bf:
bb:f5:2b:11:19:a2:4d:8b:23:20:fc:c6:4c:7f:3c:
ed:15:f9:66:f0:c1:17:aa:57:ab:86:44:f0:bd:4c:
36:95:54:05:1b:15:fd:4f:00:ef:81:fe:af:23:2b:
b8:97:5e:b7:2c:6c:89:47:ff:ec:bc:13:17:05:f9:
bb:28:a8:71:3a:da:38:9f:ef:2a:93:7f:b1:28:7b:
f0:0c:4a:ab:ce:14:8c:72:06:c5:d0:68:8b:e1:d0:
85:70:3c:c1:11:8f:40:b5:05:bb:46:fb:71:d4:08:
97:ad:61:c1:87:4d:b4:96:cd:89:78:60:87:eb:34:
ff:6d:e0:5d:ba:af:1b:86:a1:e5:13:00:dd:d5:14:
a4:f4:0c:e0:af:60:23:34:ca:4a:c0:68:5f:ba:2d:
54:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F6:19:D7:1D:EE:F8:C7:64:E3:07:76:4D:1A:12:32:9C:05:81:E8
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/124c546b-d995-4fdf-978d-19217a16b0c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da10:8000::/38
Signature Algorithm: sha256WithRSAEncryption
64:3c:5b:ee:1d:c3:ee:fd:38:a2:8b:f4:4f:fa:3f:39:00:7c:
a6:d0:19:02:dc:40:55:ec:31:ec:b3:e9:3f:a8:0d:95:7c:a6:
73:fd:78:d0:c9:37:7d:b2:25:66:44:6b:5b:1a:f6:f8:ac:7d:
62:c5:b5:cd:3f:fb:20:46:75:a9:3b:7d:1b:84:c4:0a:04:46:
d7:f6:9c:bd:76:b5:b7:c0:8e:2f:ee:ee:8e:03:05:23:87:c2:
6b:1c:85:a4:62:45:31:16:53:f3:92:20:c3:f2:7a:fd:8f:70:
c2:fb:2b:f4:2a:76:10:3e:88:40:ac:c0:23:fb:08:0d:b5:5b:
25:e8:e9:ca:27:1f:8d:0c:22:87:62:84:b4:72:92:8f:83:24:
60:a5:7b:a9:26:35:b8:92:63:93:87:2d:19:59:40:48:5b:55:
dc:64:98:f2:d0:31:a1:e1:62:e6:da:4b:05:0c:89:a2:53:b5:
93:78:3c:24:b4:f8:d6:e3:15:cf:ba:91:70:a5:63:da:db:78:
35:0e:08:f1:02:8e:09:5f:d8:fc:4e:50:27:25:3d:de:83:18:
e9:e5:0e:6e:34:86:30:e8:ce:84:f6:f3:60:a2:7e:ee:4c:ba:
7e:f4:89:01:22:66:94:ff:c2:7a:1a:0a:a1:ce:7b:7c:11:06:
28:09:35:2d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUacSTXlSLwVr5lFYfzC7aWVjx9dowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZjhjOTJmNGU5ZmQxYTMyYTJiMjBl
MzA5NmY4MDU5NTQwNTdjODVjZjFlZWFkYmJmZDVjMTY5ODI2NWVlZTgwOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusS87FhnUBvbTdnWRJX/c5jjWx2O
gdf2QuxxUZtUEqpm2qbcomScReNOgjteMYwvj81ExIEHtvHDHck1Kuhmsj/L7RMF
aqlY2hGIF4D0b7RkyOiyxr+TQ+KmRLnXbdU1XUz8ZV4yA7+79SsRGaJNiyMg/MZM
fzztFflm8MEXqlerhkTwvUw2lVQFGxX9TwDvgf6vIyu4l163LGyJR//svBMXBfm7
KKhxOto4n+8qk3+xKHvwDEqrzhSMcgbF0GiL4dCFcDzBEY9AtQW7Rvtx1AiXrWHB
h020ls2JeGCH6zT/beBduq8bhqHlEwDd1RSk9Azgr2AjNMpKwGhfui1UGwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJ/2Gdcd7vjHZOMHdk0aEjKcBYHoMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzEyNGM1NDZiLWQ5OTUtNGZkZi05NzhkLTE5MjE3YTE2YjBjNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaEIAwDQYJKoZIhvcNAQELBQADggEBAGQ8W+4dw+79OKKL9E/6
PzkAfKbQGQLcQFXsMeyz6T+oDZV8pnP9eNDJN32yJWZEa1sa9visfWLFtc0/+yBG
dak7fRuExAoERtf2nL12tbfAji/u7o4DBSOHwmschaRiRTEWU/OSIMPyev2PcML7
K/QqdhA+iECswCP7CA21WyXo6conH40MIodihLRyko+DJGCle6kmNbiSY5OHLRlZ
QEhbVdxkmPLQMaHhYubaSwUMiaJTtZN4PCS0+NbjFc+6kXClY9rbeDUOCPECjglf
2PxOUCclPd6DGOnlDm40hjDozoT282Cifu5Mun70iQEiZpT/wnoaCqHOe3wRBigJ
NS0=
-----END CERTIFICATE-----
Generated at Sat May 3 11:01:09 2025 by rpki-client