Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/17fabf22-42c2-40f2-a722-0048c9eebd2c.roa
File: 17fabf22-42c2-40f2-a722-0048c9eebd2c.roa (raw, json)
Hash identifier: eQ5rHahcg37GdYgYZ5X1BJLsqArcrhoHlHFBLnAlPt8=
Subject key identifier: 2C:B1:4B:2F:A6:6B:3C:F3:FB:DC:ED:05:CE:75:10:F5:5E:0A:DF:57
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 11548DFCE0E65948C5ED233EB10DC5B4D61DC891
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/17fabf22-42c2-40f2-a722-0048c9eebd2c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:54:8d:fc:e0:e6:59:48:c5:ed:23:3e:b1:0d:c5:b4:d6:1d:c8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=b34bda15b272e172205d49b6ce9120f497110ace3eff7eb7fcf44e3e1003faa4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1c:2f:4d:16:21:4f:9c:86:21:c9:13:77:fd:
b5:18:d8:a8:9d:81:ba:95:1c:32:d3:5e:09:23:cf:
3d:f6:9c:07:8b:b0:fb:7e:d3:f5:ca:33:8e:be:79:
1a:b3:cc:47:6a:b1:64:75:db:70:96:54:28:11:51:
74:a3:d3:b6:62:54:2e:61:e8:9f:4d:d4:88:07:31:
f0:b7:2c:13:82:f9:d7:ea:b1:95:02:bc:4e:db:19:
e0:3a:a0:24:d8:2b:44:d6:d7:23:52:d5:54:12:ad:
a5:e8:8c:c1:bd:54:de:89:c5:03:95:c0:d9:ff:df:
0e:a9:f1:1e:af:fa:15:8b:20:2a:6d:8d:ec:fc:1b:
40:0b:0d:51:5b:33:4b:4a:57:ed:3a:97:61:25:c7:
40:f4:67:22:de:4c:ec:4a:10:90:0e:b1:4b:ee:32:
40:34:de:98:66:b2:09:84:75:8d:c7:10:35:fa:4a:
1c:80:e0:26:37:1a:68:9e:2e:1d:63:e2:33:41:0b:
7e:98:17:9c:c3:d8:55:92:d8:08:1a:a4:49:d4:56:
4e:6a:e3:fa:a6:c5:f6:fb:83:21:b1:f4:56:94:a8:
6a:3b:9d:f8:a8:67:79:48:da:34:f2:92:ff:05:8c:
11:5c:b4:13:01:53:c1:94:31:8c:e1:c6:cb:a4:9e:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B1:4B:2F:A6:6B:3C:F3:FB:DC:ED:05:CE:75:10:F5:5E:0A:DF:57
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/17fabf22-42c2-40f2-a722-0048c9eebd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0::/32
Signature Algorithm: sha256WithRSAEncryption
31:8c:5f:5d:bd:40:7d:0a:bb:00:e2:69:3e:94:7d:76:bd:cf:
65:d5:a7:c8:4d:cd:92:c1:53:83:22:ef:df:43:0b:43:df:52:
48:a4:bb:fc:68:72:2e:8c:3c:3d:49:77:61:9e:1f:bf:be:37:
a6:98:7a:8a:c5:39:b0:41:9b:38:95:3c:0d:66:94:d0:b1:de:
de:72:e7:93:8b:74:8a:10:ee:af:aa:a3:53:e1:80:38:93:17:
d2:9a:70:5f:fd:32:70:90:dc:65:8a:75:2f:48:a4:73:87:37:
e1:f8:09:1f:d8:d2:c0:26:33:3a:42:2c:f6:07:cc:77:30:13:
9e:1d:21:c1:fa:92:96:3f:de:86:41:00:36:cf:f7:1c:7b:fe:
cd:69:75:5d:71:91:df:78:f4:45:d4:c0:52:4b:c6:41:35:ce:
d0:c2:48:4a:ae:02:04:7e:a9:52:23:3a:84:3e:3a:41:d5:30:
58:72:74:74:30:3d:5d:a1:6b:91:8a:cb:5f:25:c0:ee:17:0a:
cd:4f:48:ca:8e:81:3e:42:7b:d2:d6:ca:ae:7e:28:52:31:98:
69:79:af:82:a5:c3:68:4b:e4:e4:39:60:18:85:55:87:ad:ef:
0f:32:61:33:12:fd:53:28:f5:2f:d5:5f:e9:19:9f:59:e3:d1:
e5:19:ec:d2
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUEVSN/ODmWUjF7SM+sQ3FtNYdyJEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYjM0YmRhMTViMjcyZTE3MjIwNWQ0
OWI2Y2U5MTIwZjQ5NzExMGFjZTNlZmY3ZWI3ZmNmNDRlM2UxMDAzZmFhNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBwvTRYhT5yGIckTd/21GNionYG6
lRwy014JI8899pwHi7D7ftP1yjOOvnkas8xHarFkddtwllQoEVF0o9O2YlQuYeif
TdSIBzHwtywTgvnX6rGVArxO2xngOqAk2CtE1tcjUtVUEq2l6IzBvVTeicUDlcDZ
/98OqfEer/oViyAqbY3s/BtACw1RWzNLSlftOpdhJcdA9Gci3kzsShCQDrFL7jJA
NN6YZrIJhHWNxxA1+kocgOAmNxponi4dY+IzQQt+mBecw9hVktgIGqRJ1FZOauP6
psX2+4MhsfRWlKhqO534qGd5SNo08pL/BYwRXLQTAVPBlDGM4cbLpJ4r3QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCyxSy+mazzz+9ztBc51EPVeCt9XMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE3ZmFiZjIyLTQyYzItNDBmMi1hNzIyLTAwNDhjOWVlYmQyYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAba8DANBgkqhkiG9w0BAQsFAAOCAQEAMYxfXb1AfQq7AOJpPpR9
dr3PZdWnyE3NksFTgyLv30MLQ99SSKS7/GhyLow8PUl3YZ4fv743pph6isU5sEGb
OJU8DWaU0LHe3nLnk4t0ihDur6qjU+GAOJMX0ppwX/0ycJDcZYp1L0ikc4c34fgJ
H9jSwCYzOkIs9gfMdzATnh0hwfqSlj/ehkEANs/3HHv+zWl1XXGR33j0RdTAUkvG
QTXO0MJISq4CBH6pUiM6hD46QdUwWHJ0dDA9XaFrkYrLXyXA7hcKzU9Iyo6BPkJ7
0tbKrn4oUjGYaXmvgqXDaEvk5DlgGIVVh63vDzJhMxL9Uyj1L9Vf6RmfWePR5Rns
0g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:07:23 2025 by rpki-client