Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa
File: 1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa (raw, json)
Hash identifier: EZgILTGgPgCGsqxGSke8gitd9yk/D5NcndWRJRYasLI=
Subject key identifier: 75:AC:8C:38:C4:89:25:91:DA:37:82:7A:71:99:48:76:99:06:37:F7
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 41906E3B28A888F8A1E8A77BC470F465E3FF0FD3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:90:6e:3b:28:a8:88:f8:a1:e8:a7:7b:c4:70:f4:65:e3:ff:0f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a5c376b0cdb33562be5c725602d96f9a80c2b888a3914982631366ac53cfbe7d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d6:53:4d:58:ca:a6:b8:3a:db:c8:0d:d3:10:
f1:a1:43:d5:2d:c4:40:0a:22:da:8e:67:af:27:b1:
cf:45:ea:30:8d:fb:6b:67:64:f7:dc:21:9d:a0:98:
0b:07:61:75:61:7c:03:eb:f7:a6:21:f4:bb:82:f9:
23:44:ca:6e:10:3c:69:4c:81:b2:fb:a6:64:47:9c:
6c:95:20:b7:84:92:db:d6:ef:f6:91:64:bf:e6:fe:
d7:e4:14:57:ad:74:09:ea:36:8c:1f:53:cc:1a:a1:
b6:81:52:68:0d:db:5c:65:9b:e9:49:fc:da:b0:27:
db:02:3f:98:24:85:37:4f:d9:f2:1b:de:72:86:e6:
e0:03:4e:b7:04:05:0c:17:5a:da:a2:9c:e2:27:90:
05:fb:17:76:6d:86:9f:bd:1b:80:78:fa:a2:8a:5d:
f4:df:ef:2f:09:d1:4e:84:16:c6:83:2d:13:ef:1d:
c1:e2:57:0c:fa:8f:79:bd:e4:50:2f:70:19:ed:6b:
7f:fb:0e:17:49:a9:fd:2c:b4:fc:4f:8c:7c:4f:64:
65:80:6e:d5:59:2d:cd:7e:c9:6e:a5:aa:93:07:53:
d0:4e:bc:46:48:6c:42:f9:08:bb:02:dc:f0:11:78:
94:8d:26:b2:26:d4:fe:70:db:d8:f6:8a:e7:e3:bb:
2a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AC:8C:38:C4:89:25:91:DA:37:82:7A:71:99:48:76:99:06:37:F7
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:df:e7:33:8f:41:8a:9a:e0:d0:e9:9b:51:4e:e7:0d:2e:dc:
3d:cc:6c:dc:48:9a:42:99:f6:4d:bf:f0:da:ab:0c:ac:a3:4a:
fc:e4:f7:52:b4:54:e0:07:13:2a:86:22:28:28:46:6b:2e:6a:
79:ae:27:97:78:85:ef:a9:d7:88:9f:19:ad:8d:6d:d6:be:89:
f9:4a:40:84:f7:fb:7f:e0:4e:78:5c:04:2c:5e:da:df:6b:0b:
7d:e0:0a:57:93:a9:1a:37:df:5b:15:61:a5:39:6f:7f:e0:93:
59:8c:96:a3:5f:5b:37:51:03:b7:8e:b0:c2:b8:8b:9b:61:74:
e6:7f:1a:f9:c2:ba:28:52:bf:5e:c9:b9:b5:b9:6a:ce:f0:6d:
9f:70:4a:0b:04:a5:ca:30:2a:d9:ac:d2:3e:1e:9f:98:cf:7c:
39:ea:f7:5e:46:aa:4c:f3:10:1c:49:8f:03:81:90:24:7b:99:
60:96:00:f8:87:29:72:46:07:19:50:03:95:89:03:8a:56:58:
ce:d9:e4:7d:ca:6a:42:c1:56:25:d6:e8:40:9f:55:c9:bb:b9:
26:2e:de:56:78:b1:18:c8:b8:b4:98:2a:bd:f8:9b:54:bc:39:
64:e6:86:ab:ce:d3:ad:e3:8a:05:4b:20:49:e3:40:2a:87:f3:
0b:b5:a3:12
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQZBuOyioiPih6Kd7xHD0ZeP/D9MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTVjMzc2YjBjZGIzMzU2MmJlNWM3
MjU2MDJkOTZmOWE4MGMyYjg4OGEzOTE0OTgyNjMxMzY2YWM1M2NmYmU3ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydZTTVjKprg628gN0xDxoUPVLcRA
CiLajmevJ7HPReowjftrZ2T33CGdoJgLB2F1YXwD6/emIfS7gvkjRMpuEDxpTIGy
+6ZkR5xslSC3hJLb1u/2kWS/5v7X5BRXrXQJ6jaMH1PMGqG2gVJoDdtcZZvpSfza
sCfbAj+YJIU3T9nyG95yhubgA063BAUMF1raopziJ5AF+xd2bYafvRuAePqiil30
3+8vCdFOhBbGgy0T7x3B4lcM+o95veRQL3AZ7Wt/+w4XSan9LLT8T4x8T2RlgG7V
WS3NfslupaqTB1PQTrxGSGxC+Qi7AtzwEXiUjSayJtT+cNvY9orn47sqHQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHWsjDjEiSWR2jeCenGZSHaZBjf3MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFlMGY1N2I5LTQ1Y2MtNGNlZS1hN2UzLWI1MDM1OWZlYTRiYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacIAwDQYJKoZIhvcNAQELBQADggEBAJ/f5zOPQYqa4NDpm1FO
5w0u3D3MbNxImkKZ9k2/8NqrDKyjSvzk91K0VOAHEyqGIigoRmsuanmuJ5d4he+p
14ifGa2Nbda+iflKQIT3+3/gTnhcBCxe2t9rC33gCleTqRo331sVYaU5b3/gk1mM
lqNfWzdRA7eOsMK4i5thdOZ/GvnCuihSv17JubW5as7wbZ9wSgsEpcowKtms0j4e
n5jPfDnq915GqkzzEBxJjwOBkCR7mWCWAPiHKXJGBxlQA5WJA4pWWM7Z5H3KakLB
ViXW6ECfVcm7uSYu3lZ4sRjIuLSYKr34m1S8OWTmhqvO063jigVLIEnjQCqH8wu1
oxI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:09:01 2025 by rpki-client