Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1aaf6328-08de-4735-8d71-2cf6b53109d4.roa
File: 1aaf6328-08de-4735-8d71-2cf6b53109d4.roa (raw, json)
Hash identifier: aWx5hblolsFXahsV6e4UooOAmbQM/ZBmkw29neTT42U=
Subject key identifier: 04:0F:4D:A4:07:A6:21:66:6B:CC:85:09:B7:65:34:0E:A1:F7:EE:42
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7A3598D9D338EF46B3687EB5C88944E97516C78F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1aaf6328-08de-4735-8d71-2cf6b53109d4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:2080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:35:98:d9:d3:38:ef:46:b3:68:7e:b5:c8:89:44:e9:75:16:c7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=888cfc674170f4fd7fcd1ad62eed935a0c80ded2c5479ea1741ced029cf2b22b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:fb:eb:ee:88:40:15:97:b6:c1:4c:22:3d:
77:72:e2:1e:18:36:ef:ef:1a:f3:13:35:d3:b8:b0:
0e:43:62:92:88:30:15:41:7d:8b:1d:a3:53:66:d1:
a8:1c:f1:6b:62:06:81:9e:53:7d:84:85:74:bf:d1:
d5:12:ac:87:88:03:98:62:4c:e5:b6:cc:c5:a3:ca:
36:5f:91:e8:46:d0:d3:a2:77:4b:ef:07:d3:1a:0a:
a4:1e:ad:2d:66:f7:b5:19:68:09:ca:e3:67:62:04:
5d:74:ab:d3:d2:81:b3:0c:f7:56:a0:16:ab:34:32:
b7:b0:2c:d0:ac:3e:9a:fc:10:8d:ef:c6:f4:59:3b:
0e:6b:cf:49:44:75:06:26:9d:85:0c:37:8a:cf:62:
cd:b1:37:f2:b8:13:99:d2:40:f8:81:39:20:d7:24:
78:85:6e:f7:2d:63:a7:4b:3f:ea:94:d5:99:5d:2c:
2f:33:01:f7:51:a6:0d:3f:3e:ad:1e:06:fb:cb:74:
65:3e:1f:cb:c5:6a:a8:bf:0f:37:54:95:6a:b9:bb:
9a:5c:2d:44:6a:a7:7b:45:07:e0:a2:12:72:0a:12:
1f:84:18:66:6c:ce:af:83:42:53:15:96:19:ad:20:
d8:8a:76:3e:9a:b0:22:f2:a3:86:96:79:d0:60:45:
12:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0F:4D:A4:07:A6:21:66:6B:CC:85:09:B7:65:34:0E:A1:F7:EE:42
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1aaf6328-08de-4735-8d71-2cf6b53109d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:2080::/48
Signature Algorithm: sha256WithRSAEncryption
75:9a:27:d3:56:c7:d5:48:39:f4:e7:15:03:7d:9d:d6:bc:19:
73:66:7b:71:6c:1e:2e:3e:79:4f:ad:d8:20:1a:99:f5:1f:ac:
6f:91:f4:ad:23:5e:4b:0a:b3:04:23:7a:a7:bc:ed:89:b1:f4:
09:1e:56:1e:6c:33:c9:e2:6b:d6:91:0c:0c:a6:f3:dd:1d:66:
23:4f:35:09:fd:26:ee:f2:6f:0b:d3:5b:d2:83:90:fa:ea:61:
a5:31:dc:73:36:00:cf:91:af:3b:e7:48:10:f7:d9:39:91:7c:
c0:7b:6e:d4:15:e3:8e:bb:b3:9c:2c:11:ab:3e:7c:f5:53:87:
8b:52:f8:9a:a0:66:2c:c8:58:83:8f:c2:b2:0d:a4:a8:83:37:
d9:7e:d8:6f:f7:d3:3f:e5:c2:95:ec:96:dd:37:26:96:41:5e:
91:8f:d2:3e:ce:c6:93:ad:20:95:60:0d:4f:77:76:e6:f6:ae:
94:cb:79:14:ce:07:c3:fe:aa:70:ae:73:52:fb:42:1a:bb:33:
d8:8a:ff:89:11:04:10:8e:90:04:ca:53:47:e7:59:ca:4a:1b:
7f:a2:ea:0e:5b:e1:5b:32:59:df:ee:fa:23:ee:62:48:fa:5e:
dd:6a:3d:05:8a:40:b0:4d:4a:08:c8:ca:84:01:96:2b:06:d6:
4c:45:53:55
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUejWY2dM470azaH61yIlE6XUWx48wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAODg4Y2ZjNjc0MTcwZjRmZDdmY2Qx
YWQ2MmVlZDkzNWEwYzgwZGVkMmM1NDc5ZWExNzQxY2VkMDI5Y2YyYjIyYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb/76+6IQBWXtsFMIj13cuIeGDbv
7xrzEzXTuLAOQ2KSiDAVQX2LHaNTZtGoHPFrYgaBnlN9hIV0v9HVEqyHiAOYYkzl
tszFo8o2X5HoRtDTondL7wfTGgqkHq0tZve1GWgJyuNnYgRddKvT0oGzDPdWoBar
NDK3sCzQrD6a/BCN78b0WTsOa89JRHUGJp2FDDeKz2LNsTfyuBOZ0kD4gTkg1yR4
hW73LWOnSz/qlNWZXSwvMwH3UaYNPz6tHgb7y3RlPh/LxWqovw83VJVqubuaXC1E
aqd7RQfgohJyChIfhBhmbM6vg0JTFZYZrSDYinY+mrAi8qOGlnnQYEUS4QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAQPTaQHpiFma8yFCbdlNA6h9+5CMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFhYWY2MzI4LTA4ZGUtNDczNS04ZDcxLTJjZjZiNTMxMDlkNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaACCAMA0GCSqGSIb3DQEBCwUAA4IBAQB1mifTVsfVSDn05xUD
fZ3WvBlzZntxbB4uPnlPrdggGpn1H6xvkfStI15LCrMEI3qnvO2JsfQJHlYebDPJ
4mvWkQwMpvPdHWYjTzUJ/Sbu8m8L01vSg5D66mGlMdxzNgDPka8750gQ99k5kXzA
e27UFeOOu7OcLBGrPnz1U4eLUviaoGYsyFiDj8KyDaSogzfZfthv99M/5cKV7Jbd
NyaWQV6Rj9I+zsaTrSCVYA1Pd3bm9q6Uy3kUzgfD/qpwrnNS+0IauzPYiv+JEQQQ
jpAEylNH51nKSht/ouoOW+FbMlnf7voj7mJI+l7daj0FikCwTUoIyMqEAZYrBtZM
RVNV
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:39:56 2025 by rpki-client