Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa
File: 19c2d4e6-f756-4329-8ef7-563420636cfb.roa (raw, json)
Hash identifier: l6JmOcdXFxuxcts1zMsWMSE/2GrQMyXZMYNM21bwRZk=
Subject key identifier: 59:53:AA:D1:3F:BD:6F:A3:9D:90:02:D5:40:76:62:43:F5:35:E2:FD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0AF52627B2F76FFB3F25C3B6520814A5E8A8CB7C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa
Signing time: Fri 31 Jan 2025 00:00:00 +0000
ROA not before: Fri 31 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:4000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f5:26:27:b2:f7:6f:fb:3f:25:c3:b6:52:08:14:a5:e8:a8:cb:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 31 00:00:00 2025 GMT
Not After : Mar 7 23:59:59 2025 GMT
Subject: serialNumber=5555cdfee79ac24f7ffa8dc2d088005d5baff410323f6ac6ec42bd53acfef8c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:ee:d2:b2:15:fe:51:e8:52:c2:0b:a4:53:
b6:db:5f:7f:0c:8e:7a:75:3a:ee:95:ef:57:b8:eb:
ad:78:68:0b:e4:83:f0:26:43:80:db:f5:07:cd:2d:
94:6e:2a:ba:a9:a5:f0:08:70:56:2d:6a:4b:30:fc:
04:28:c6:33:71:51:76:7f:c2:75:21:79:2f:14:25:
b8:28:45:d1:35:21:ec:e4:98:f5:d8:f3:f6:90:8f:
28:01:1a:7b:3a:ec:53:e4:3b:07:1c:53:28:5a:65:
51:9c:02:8d:44:e3:a6:72:a6:34:cb:9a:b0:34:be:
6a:3a:c4:cc:e0:29:06:78:40:b8:71:57:67:ad:f2:
25:d6:00:4b:c5:12:ea:9d:27:3f:ff:7a:c9:0d:a8:
02:7d:1b:f9:ad:99:0d:9f:5f:b7:1f:27:ce:c7:8c:
b4:20:39:b6:70:49:0e:7c:29:e5:f8:ca:be:34:b0:
e1:ad:3d:ea:67:b1:35:86:81:63:de:1b:5e:5b:c3:
4c:6f:8c:06:67:36:76:cf:23:ec:c1:b8:86:93:27:
67:01:34:ea:3f:32:0a:7b:a5:0f:86:c2:83:1f:0c:
5e:b8:bb:58:c9:3e:b8:4d:04:19:68:20:90:58:76:
e0:85:a1:92:cd:a8:ac:dc:49:8c:bc:9b:18:2c:ea:
c8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:53:AA:D1:3F:BD:6F:A3:9D:90:02:D5:40:76:62:43:F5:35:E2:FD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:4000::/48
Signature Algorithm: sha256WithRSAEncryption
52:ee:30:85:eb:da:62:25:a8:54:b6:e6:f4:1b:2b:dd:92:7c:
b1:b1:87:f6:e8:81:3e:1c:4c:e9:fc:72:bb:17:14:ae:3d:f8:
ea:c1:cc:53:bb:28:d5:a6:36:98:81:67:26:8a:11:68:b3:f5:
22:15:5e:f8:fa:d9:90:f4:1f:84:11:25:a8:36:95:17:a8:bc:
c4:e2:47:60:73:25:f9:80:c1:9a:23:15:d7:b9:ad:a1:d9:d0:
84:37:98:8d:f6:a7:98:eb:03:16:00:5f:4c:e2:1b:d9:20:f8:
94:5e:52:94:0e:af:77:09:5b:cd:bb:3d:87:39:03:1f:f4:2a:
67:5b:ff:1c:b4:0d:a4:5d:f0:eb:e6:0a:bf:b0:d6:4a:0b:f6:
f4:c4:49:12:09:1f:9e:f8:8d:47:c4:68:7b:9d:5e:ee:6e:8a:
35:0d:02:1a:77:13:66:33:35:94:eb:47:1f:2f:70:7f:9b:8f:
5d:29:b9:15:c1:e9:5d:3f:68:83:bf:0f:44:ce:72:f7:3b:36:
8c:c2:d9:a6:97:81:a3:25:a6:ed:39:cf:2a:bb:9b:1f:c5:74:
37:cd:e3:3f:44:49:fb:b2:42:0c:1c:4d:27:9c:cb:18:a4:31:
12:e0:f2:d6:c1:0c:ab:31:0e:99:c4:01:22:0e:7d:a9:e2:fd:
cd:20:e7:3b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCvUmJ7L3b/s/JcO2UggUpeioy3wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEzMTAwMDAwMFoX
DTI1MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANTU1NWNkZmVlNzlhYzI0ZjdmZmE4
ZGMyZDA4ODAwNWQ1YmFmZjQxMDMyM2Y2YWM2ZWM0MmJkNTNhY2ZlZjhjMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHnu0rIV/lHoUsILpFO2219/DI56
dTrule9XuOuteGgL5IPwJkOA2/UHzS2Ubiq6qaXwCHBWLWpLMPwEKMYzcVF2f8J1
IXkvFCW4KEXRNSHs5Jj12PP2kI8oARp7OuxT5DsHHFMoWmVRnAKNROOmcqY0y5qw
NL5qOsTM4CkGeEC4cVdnrfIl1gBLxRLqnSc//3rJDagCfRv5rZkNn1+3HyfOx4y0
IDm2cEkOfCnl+Mq+NLDhrT3qZ7E1hoFj3hteW8NMb4wGZzZ2zyPswbiGkydnATTq
PzIKe6UPhsKDHwxeuLtYyT64TQQZaCCQWHbghaGSzais3EmMvJsYLOrIWQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFlTqtE/vW+jnZAC1UB2YkP1NeL9MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE5YzJkNGU2LWY3NTYtNDMyOS04ZWY3LTU2MzQyMDYzNmNmYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9kAAMA0GCSqGSIb3DQEBCwUAA4IBAQBS7jCF69piJahUtub0
GyvdknyxsYf26IE+HEzp/HK7FxSuPfjqwcxTuyjVpjaYgWcmihFos/UiFV74+tmQ
9B+EESWoNpUXqLzE4kdgcyX5gMGaIxXXua2h2dCEN5iN9qeY6wMWAF9M4hvZIPiU
XlKUDq93CVvNuz2HOQMf9CpnW/8ctA2kXfDr5gq/sNZKC/b0xEkSCR+e+I1HxGh7
nV7uboo1DQIadxNmMzWU60cfL3B/m49dKbkVweldP2iDvw9EznL3OzaMwtmml4Gj
JabtOc8qu5sfxXQ3zeM/REn7skIMHE0nnMsYpDES4PLWwQyrMQ6ZxAEiDn2p4v3N
IOc7
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:22 2025 by rpki-client