Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d157aba-693e-4328-9256-52d6fc681a3f.roa
File: 1d157aba-693e-4328-9256-52d6fc681a3f.roa (raw, json)
Hash identifier: w9JU9sUQOchuXSpPDTS3ncrvg4kYnEhHNDIp0WAHbWA=
Subject key identifier: 91:58:15:74:FF:17:19:B0:3B:54:93:02:82:29:29:E4:59:58:C3:47
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1062301EA949D3741AE966E83EF4E6B6328298AE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d157aba-693e-4328-9256-52d6fc681a3f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:e040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:62:30:1e:a9:49:d3:74:1a:e9:66:e8:3e:f4:e6:b6:32:82:98:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=1a16ed6e0b1dab07eaadfe75b0146e91a180ff3838bb64896088949e9b33e205, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c6:f6:ee:c9:0e:8a:90:f9:85:ba:ce:b7:cc:
1e:0c:95:64:f3:2a:a0:42:1c:90:3e:fb:38:70:6f:
ea:8e:ff:47:62:4e:2a:7a:34:f7:2a:d5:02:aa:85:
6f:08:26:e4:4a:0f:57:75:0a:99:76:ac:2f:55:e7:
82:05:d3:08:f2:74:de:92:71:09:93:75:89:b4:14:
1c:02:51:68:69:2b:78:31:e6:42:0f:c8:87:aa:16:
d5:94:3d:e7:df:56:ce:69:62:ae:5a:87:ab:2a:ff:
d0:f0:91:e3:2f:cc:c5:a0:da:05:09:a6:f9:a8:59:
87:4a:4f:83:1c:57:76:8a:bb:e5:31:ba:9c:03:3c:
fa:fc:db:e6:a0:54:79:73:83:fe:19:73:d9:52:56:
10:51:ea:88:7f:11:8f:4e:42:be:54:86:98:89:22:
e9:f2:fa:ff:a0:80:24:6a:f1:7d:93:e2:2c:ba:5b:
29:6f:3f:6e:be:e6:d1:92:a5:bd:0f:0b:44:95:30:
ee:64:12:68:19:ce:f5:42:54:30:cf:c0:cc:a9:89:
bb:38:45:08:84:f2:9d:a2:f7:00:47:15:64:aa:c8:
76:42:fc:50:b3:ce:05:ae:eb:99:81:28:0c:ec:63:
c8:90:32:ab:0b:81:a4:e5:8d:74:74:48:39:1e:c6:
c3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:58:15:74:FF:17:19:B0:3B:54:93:02:82:29:29:E4:59:58:C3:47
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d157aba-693e-4328-9256-52d6fc681a3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:e040::/48
Signature Algorithm: sha256WithRSAEncryption
25:44:1b:d8:fb:a5:1d:d1:29:fe:d0:ea:6f:fb:ee:15:52:3e:
d7:e7:be:50:8f:f7:3b:cb:0d:22:a8:e2:a9:0c:be:ec:93:ab:
97:5f:a7:43:53:00:65:a5:17:fc:96:34:41:68:b6:09:56:2b:
a3:ff:99:3b:46:91:ba:81:3e:1a:cb:d0:a2:ea:8d:fb:13:78:
19:42:3a:d3:26:59:e3:a7:21:f1:20:31:ef:75:dd:ab:e5:53:
cb:a7:25:ff:78:4a:be:75:cb:e7:20:45:0d:2f:f1:78:3e:39:
03:aa:bb:63:fd:aa:82:d6:85:38:06:38:c5:d3:26:3e:17:a2:
8e:10:af:38:10:21:6e:38:ab:b8:78:f9:d3:a0:a6:d0:79:4b:
f6:be:de:96:f1:c9:78:49:de:b6:b0:17:8a:98:58:eb:65:3d:
9e:48:8a:f3:b0:5d:5a:70:a1:e6:e3:a0:7a:f5:06:df:7c:be:
c9:32:97:4c:e5:66:50:16:53:9a:c1:9c:87:1e:e7:f5:d7:e8:
1e:1b:4d:72:34:81:fc:fc:7d:e8:15:3f:df:13:64:f3:27:90:
4e:c3:7b:bf:5c:8d:ec:62:05:39:ce:da:e2:01:09:1e:14:91:
96:a0:cc:b9:22:fb:06:a6:81:c8:60:6b:7b:4e:b6:99:df:00:
0f:10:25:3e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUEGIwHqlJ03Qa6WboPvTmtjKCmK4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMWExNmVkNmUwYjFkYWIwN2VhYWRm
ZTc1YjAxNDZlOTFhMTgwZmYzODM4YmI2NDg5NjA4ODk0OWU5YjMzZTIwNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMb27skOipD5hbrOt8weDJVk8yqg
QhyQPvs4cG/qjv9HYk4qejT3KtUCqoVvCCbkSg9XdQqZdqwvVeeCBdMI8nTeknEJ
k3WJtBQcAlFoaSt4MeZCD8iHqhbVlD3n31bOaWKuWoerKv/Q8JHjL8zFoNoFCab5
qFmHSk+DHFd2irvlMbqcAzz6/NvmoFR5c4P+GXPZUlYQUeqIfxGPTkK+VIaYiSLp
8vr/oIAkavF9k+Isulspbz9uvubRkqW9DwtElTDuZBJoGc71QlQwz8DMqYm7OEUI
hPKdovcARxVkqsh2QvxQs84FruuZgSgM7GPIkDKrC4Gk5Y10dEg5HsbDTwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJFYFXT/FxmwO1STAoIpKeRZWMNHMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFkMTU3YWJhLTY5M2UtNDMyOC05MjU2LTUyZDZmYzY4MWEzZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9OBAMA0GCSqGSIb3DQEBCwUAA4IBAQAlRBvY+6Ud0Sn+0Opv
++4VUj7X575Qj/c7yw0iqOKpDL7sk6uXX6dDUwBlpRf8ljRBaLYJViuj/5k7RpG6
gT4ay9Ci6o37E3gZQjrTJlnjpyHxIDHvdd2r5VPLpyX/eEq+dcvnIEUNL/F4PjkD
qrtj/aqC1oU4BjjF0yY+F6KOEK84ECFuOKu4ePnToKbQeUv2vt6W8cl4Sd62sBeK
mFjrZT2eSIrzsF1acKHm46B69QbffL7JMpdM5WZQFlOawZyHHuf11+geG01yNIH8
/H3oFT/fE2TzJ5BOw3u/XI3sYgU5ztriAQkeFJGWoMy5IvsGpoHIYGt7TraZ3wAP
ECU+
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:36:36 2025 by rpki-client