Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca52d2f-1a73-4ea1-9bb5-6d983319305f.roa
File: 1ca52d2f-1a73-4ea1-9bb5-6d983319305f.roa (raw, json)
Hash identifier: axUfMXNnIVdBQ2Q1dgnheloflTw6jfu0rLb+IY4cNco=
Subject key identifier: 06:5D:5B:39:D7:0D:75:00:01:31:05:83:37:E2:11:A3:EF:83:E9:22
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7C7048121A95EE6AEE0BF5AD622C98F3B0E582D7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca52d2f-1a73-4ea1-9bb5-6d983319305f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:c880::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:70:48:12:1a:95:ee:6a:ee:0b:f5:ad:62:2c:98:f3:b0:e5:82:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=790cfc08989d557515b6f77ee311b0ab1b46c59a9a509c3c6538a211337f80ef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b2:92:ea:59:a5:c6:55:5c:fe:90:95:f7:ee:
d7:b3:75:3d:e0:f3:38:ff:e4:69:fb:88:e6:ed:bd:
8d:51:09:58:42:e9:53:51:70:59:af:59:e9:5b:cb:
1e:03:c9:7a:46:f1:78:9c:bb:a8:3a:98:4a:89:6a:
59:a6:6d:b8:29:16:40:b4:95:83:98:53:96:fe:e5:
96:26:05:5d:7b:f0:ec:00:ca:a0:a8:31:85:2e:a6:
c2:a0:dd:34:b1:ec:3d:62:80:e9:1b:64:e6:f1:1b:
88:26:e5:ac:a9:64:ed:89:74:1f:be:54:bf:ca:b4:
c0:5a:0a:a2:8a:5d:b9:9f:de:31:91:22:ad:08:a1:
33:1a:e7:91:5a:2f:d7:68:61:88:0d:52:40:a8:d9:
57:d9:33:3e:ef:1a:77:3c:71:ca:93:d4:24:b5:a4:
e6:14:13:d0:a9:cd:1a:4c:38:0f:29:6b:80:24:68:
97:47:34:36:32:e5:93:c9:ca:c4:fe:53:ec:24:79:
15:e1:48:7d:53:fb:58:05:89:48:ba:8c:af:ed:90:
54:eb:92:c4:bb:47:29:06:25:4b:52:0e:ce:5d:d5:
c2:e7:d1:3e:ad:33:c9:8a:d4:3e:42:4d:b1:b9:3e:
50:d0:4c:e0:f5:ed:98:27:47:de:39:e3:02:18:d9:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5D:5B:39:D7:0D:75:00:01:31:05:83:37:E2:11:A3:EF:83:E9:22
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca52d2f-1a73-4ea1-9bb5-6d983319305f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:c880::/48
Signature Algorithm: sha256WithRSAEncryption
1e:32:7d:d4:af:fc:a6:66:b6:54:58:ff:4c:0f:f6:39:ce:65:
d2:b7:01:6f:12:7d:14:7b:84:19:64:6e:77:65:ac:de:5f:35:
a8:a2:0b:d3:5a:75:f5:e4:05:45:1c:8c:8a:3b:56:6d:ea:c2:
25:b8:58:84:68:11:53:c7:49:6e:34:6e:ba:59:89:0c:15:29:
2d:16:96:79:99:cb:5e:2b:1d:3c:14:8f:5d:60:6f:d9:18:52:
8d:07:ad:49:89:7e:ce:86:2e:d5:7f:82:8f:08:f4:ef:9a:2e:
4f:e7:5f:89:d6:34:47:44:91:45:a9:35:22:e9:a5:dc:34:cb:
81:6c:91:06:6f:e0:88:21:04:bd:8f:49:f4:ce:81:f2:22:9b:
df:fe:db:50:fe:d5:2b:4f:73:82:07:5c:57:db:7d:b9:ec:a8:
c3:80:b1:7d:e3:d4:ce:66:4a:09:20:8e:86:39:de:d4:46:33:
8a:06:91:f3:ec:33:ef:9b:02:3f:44:6a:dd:7d:6c:6d:47:57:
bc:20:a7:73:67:15:c0:6f:6d:84:35:a0:e3:0a:91:64:4d:5a:
ae:9d:9e:50:1f:2a:be:7d:dd:f9:3d:27:e5:d1:51:53:52:36:
e8:d1:af:74:eb:b3:cd:d6:5c:5b:10:16:4b:a3:55:02:c1:bb:
71:f4:71:6d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUfHBIEhqV7mruC/WtYiyY87DlgtcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANzkwY2ZjMDg5ODlkNTU3NTE1YjZm
NzdlZTMxMWIwYWIxYjQ2YzU5YTlhNTA5YzNjNjUzOGEyMTEzMzdmODBlZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7KS6lmlxlVc/pCV9+7Xs3U94PM4
/+Rp+4jm7b2NUQlYQulTUXBZr1npW8seA8l6RvF4nLuoOphKiWpZpm24KRZAtJWD
mFOW/uWWJgVde/DsAMqgqDGFLqbCoN00sew9YoDpG2Tm8RuIJuWsqWTtiXQfvlS/
yrTAWgqiil25n94xkSKtCKEzGueRWi/XaGGIDVJAqNlX2TM+7xp3PHHKk9QktaTm
FBPQqc0aTDgPKWuAJGiXRzQ2MuWTycrE/lPsJHkV4Uh9U/tYBYlIuoyv7ZBU65LE
u0cpBiVLUg7OXdXC59E+rTPJitQ+Qk2xuT5Q0Ezg9e2YJ0feOeMCGNmLFQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAZdWznXDXUAATEFgzfiEaPvg+kiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFjYTUyZDJmLTFhNzMtNGVhMS05YmI1LTZkOTgzMzE5MzA1Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAMiAMA0GCSqGSIb3DQEBCwUAA4IBAQAeMn3Ur/ymZrZUWP9M
D/Y5zmXStwFvEn0Ue4QZZG53ZazeXzWoogvTWnX15AVFHIyKO1Zt6sIluFiEaBFT
x0luNG66WYkMFSktFpZ5mcteKx08FI9dYG/ZGFKNB61JiX7Ohi7Vf4KPCPTvmi5P
51+J1jRHRJFFqTUi6aXcNMuBbJEGb+CIIQS9j0n0zoHyIpvf/ttQ/tUrT3OCB1xX
23257KjDgLF949TOZkoJII6GOd7URjOKBpHz7DPvmwI/RGrdfWxtR1e8IKdzZxXA
b22ENaDjCpFkTVqunZ5QHyq+fd35PSfl0VFTUjbo0a9067PN1lxbEBZLo1UCwbtx
9HFt
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:19:21 2025 by rpki-client