Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa
File: 1bc66f2e-41cb-465a-add7-471e408dd01e.roa (raw, json)
Hash identifier: tbvre+KF3uA0fHCsuWwj+HwBWh9MwAk1nm13/hdNtrE=
Subject key identifier: 84:D6:25:EF:74:52:64:42:C6:E0:A1:83:F2:96:A9:C0:11:84:35:38
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1001832F3506F8D08C564BB62E8E790EF6B36229
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da14:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:01:83:2f:35:06:f8:d0:8c:56:4b:b6:2e:8e:79:0e:f6:b3:62:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=7479769d3b193fd155350a59c6b21bcda1949691d76e018cadca34246a0b1ea7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:9a:72:8e:91:02:d9:13:96:06:ba:0c:fd:
db:24:83:99:df:c5:b1:1f:cc:d3:db:ef:1a:23:ca:
b7:0a:5c:b3:3f:cb:44:f6:cf:21:33:c3:46:17:98:
f1:8a:98:f0:39:1a:27:89:d3:b9:58:80:44:8d:30:
80:c3:71:90:fd:d4:83:9e:de:67:8a:18:94:c8:d3:
f9:4d:91:c2:92:07:8b:56:20:41:d1:a1:30:6a:2b:
92:52:01:40:d6:5c:9f:36:29:44:c7:16:b0:03:63:
d9:af:d7:1e:84:3f:3e:c3:79:ec:d1:59:73:dc:15:
65:bc:ce:ed:1a:67:04:ae:ba:d4:53:e1:b7:31:ef:
00:c3:fd:12:58:b8:c1:f8:a9:35:46:a4:01:99:e3:
56:2d:7d:83:54:82:56:8b:8e:b7:61:73:5f:67:ee:
43:85:29:6a:ed:01:49:74:c4:c1:91:68:29:e7:04:
92:9b:e4:25:e4:06:f3:16:a0:24:37:04:e8:7e:6a:
86:7c:d7:8c:9b:c5:a4:ab:41:2d:f1:37:88:c3:9a:
d1:46:1b:16:07:b2:27:d2:7e:6d:93:53:f6:d5:6d:
bb:8f:be:aa:3b:21:ae:d4:03:19:b9:02:2d:95:17:
28:45:38:9f:08:3d:30:88:6e:34:d1:52:0e:a9:d3:
ad:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D6:25:EF:74:52:64:42:C6:E0:A1:83:F2:96:A9:C0:11:84:35:38
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da14:8000::/36
Signature Algorithm: sha256WithRSAEncryption
a1:9a:33:cf:b0:31:b4:38:c2:e5:c1:99:88:57:0f:b1:98:d8:
08:8b:97:25:a9:91:72:c1:ef:e5:ba:95:ca:e4:27:40:c6:44:
42:1b:3f:7c:a4:31:a8:06:23:96:eb:c1:e2:26:c5:eb:1f:85:
dd:96:43:7b:c0:3f:ef:57:5a:73:d6:3c:19:8d:11:21:a8:07:
4c:8d:da:9e:cb:dd:52:ae:f8:2b:57:35:f5:3e:92:43:6f:48:
c2:6d:fe:95:54:10:44:34:db:b0:0e:c5:93:bd:85:e1:f9:cc:
09:a7:70:e7:18:c1:fb:68:1e:50:50:54:9e:f1:1b:46:bf:9e:
47:b5:4f:bc:ff:1c:4d:4e:e2:8e:ad:91:81:73:16:80:55:53:
21:13:09:b1:10:74:38:63:1b:0a:9c:17:ee:82:32:a0:f6:bc:
e9:fb:7a:72:25:fd:13:27:4b:05:6d:b4:75:04:08:e2:53:d3:
68:d3:c7:ad:2c:74:6c:70:24:41:ea:30:38:d1:98:f8:d3:0e:
fe:4b:7a:e4:f8:4c:5c:16:42:e6:a9:ef:06:79:b1:e1:cb:3f:
f0:5e:05:a7:3f:1b:e1:28:b0:5e:ca:c9:4a:66:5d:67:3f:ee:
f3:52:f9:df:35:20:50:06:0e:63:8f:6c:de:4f:98:ec:1e:8a:
72:34:7f:60
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEAGDLzUG+NCMVku2Lo55DvazYikwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANzQ3OTc2OWQzYjE5M2ZkMTU1MzUw
YTU5YzZiMjFiY2RhMTk0OTY5MWQ3NmUwMThjYWRjYTM0MjQ2YTBiMWVhNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGSaco6RAtkTlga6DP3bJIOZ38Wx
H8zT2+8aI8q3ClyzP8tE9s8hM8NGF5jxipjwORonidO5WIBEjTCAw3GQ/dSDnt5n
ihiUyNP5TZHCkgeLViBB0aEwaiuSUgFA1lyfNilExxawA2PZr9cehD8+w3ns0Vlz
3BVlvM7tGmcErrrUU+G3Me8Aw/0SWLjB+Kk1RqQBmeNWLX2DVIJWi463YXNfZ+5D
hSlq7QFJdMTBkWgp5wSSm+Ql5AbzFqAkNwTofmqGfNeMm8Wkq0Et8TeIw5rRRhsW
B7In0n5tk1P21W27j76qOyGu1AMZuQItlRcoRTifCD0wiG400VIOqdOtVQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFITWJe90UmRCxuChg/KWqcARhDU4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFiYzY2ZjJlLTQxY2ItNDY1YS1hZGQ3LTQ3MWU0MDhkZDAxZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaFIAwDQYJKoZIhvcNAQELBQADggEBAKGaM8+wMbQ4wuXBmYhX
D7GY2AiLlyWpkXLB7+W6lcrkJ0DGREIbP3ykMagGI5brweImxesfhd2WQ3vAP+9X
WnPWPBmNESGoB0yN2p7L3VKu+CtXNfU+kkNvSMJt/pVUEEQ027AOxZO9heH5zAmn
cOcYwftoHlBQVJ7xG0a/nke1T7z/HE1O4o6tkYFzFoBVUyETCbEQdDhjGwqcF+6C
MqD2vOn7enIl/RMnSwVttHUECOJT02jTx60sdGxwJEHqMDjRmPjTDv5LeuT4TFwW
Quap7wZ5seHLP/BeBac/G+EosF7KyUpmXWc/7vNS+d81IFAGDmOPbN5PmOweinI0
f2A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:11:24 2025 by rpki-client