Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa
File: 24d9e029-97cb-43ac-a07a-cb219c1b416c.roa (raw, json)
Hash identifier: 2F8d3GGK9t0Ku6+/JzrkgJ6LsPtq8J7+6lz6ORsIUwI=
Subject key identifier: C0:31:2F:49:CF:7B:C3:F2:29:E6:2F:A2:94:3E:9A:00:D4:E7:12:22
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2E27BF2D3F91F8B5277610E13A4902ACD2BABA8C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:27:bf:2d:3f:91:f8:b5:27:76:10:e1:3a:49:02:ac:d2:ba:ba:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=68b4a4883851bd693f71db5998aa63a06a9ce5509536b1e0ffc0f63929d2d9b3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e2:36:3a:b0:6a:5e:48:ea:94:16:68:a7:74:
1b:86:5a:af:d0:89:b6:80:a1:34:8a:fd:d0:8c:93:
92:dc:7b:c3:e5:f4:5d:3e:81:a7:07:70:dc:bd:b9:
83:d8:09:e2:2d:0c:e3:e1:6e:56:64:ce:62:72:1c:
9c:4a:f3:5e:73:2b:08:f3:44:5b:c2:89:20:4b:d7:
02:43:8c:00:5b:2d:60:02:bb:bf:e7:07:6f:6b:21:
41:54:23:da:cb:9a:fc:d7:a0:11:19:40:d5:b1:4c:
31:0c:05:80:7c:11:64:a4:47:45:4f:7a:ce:3b:92:
e1:19:37:a8:13:7b:ad:8d:a4:10:24:ed:e2:15:f7:
aa:48:77:ea:c0:25:f8:c0:b0:bd:59:fc:62:a1:f1:
0e:db:73:14:99:3a:70:32:03:1c:6a:3e:9b:d6:e7:
6f:87:bd:59:5f:22:39:b1:39:ca:bc:72:86:97:9f:
24:02:2e:58:10:cd:fe:7b:74:e4:28:94:0e:3f:99:
13:4a:fb:d8:ee:de:dc:71:f8:5f:55:6c:41:ac:4b:
4b:bd:df:41:69:52:9c:d2:73:7e:38:85:dc:74:63:
35:5f:83:14:be:bf:39:4a:86:b0:a2:ed:64:5c:80:
92:7f:16:ff:6f:f1:e6:6b:f2:bc:ac:ab:ed:e6:9d:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:31:2F:49:CF:7B:C3:F2:29:E6:2F:A2:94:3E:9A:00:D4:E7:12:22
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:e000::/40
Signature Algorithm: sha256WithRSAEncryption
06:cb:fa:bb:62:34:40:e1:2b:19:91:36:22:ac:fc:9d:b2:38:
69:37:4a:65:1e:ce:4f:93:c9:a5:16:cc:cb:16:bf:31:0e:b0:
c2:0e:23:ee:a4:79:2a:98:41:30:57:87:06:2a:a7:55:4f:4e:
65:2e:c1:28:d7:ca:78:f4:de:03:5d:2e:5a:c4:1e:14:59:d2:
36:de:21:43:a3:d2:83:37:1c:ba:8c:b3:fd:cb:50:d3:6c:ba:
dc:5b:80:19:d7:be:2b:d3:50:07:df:bd:5f:ae:82:d6:e2:22:
44:be:67:21:e3:43:a4:a8:48:88:12:cc:2f:75:ea:a6:5c:ad:
36:c1:98:06:ab:0f:9a:c3:31:63:e7:6a:7d:9b:e8:26:9b:d5:
0b:83:dd:d8:1a:a1:34:31:95:7d:32:96:13:99:5f:c3:03:ad:
2f:69:86:b7:b4:c6:a7:62:49:92:b6:39:55:cb:f9:26:68:34:
28:17:80:60:12:8f:c2:83:45:be:8b:86:aa:36:83:38:96:77:
17:30:a2:e8:d2:90:2b:23:dd:d6:67:af:5b:50:35:d6:89:08:
db:01:9b:b8:b2:16:ae:ba:38:47:80:28:fe:93:57:1d:d9:a1:
15:c0:09:83:f9:2b:95:0b:0f:c7:bd:d4:67:d0:6a:db:a3:b6:
ab:c2:0f:14
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULie/LT+R+LUndhDhOkkCrNK6uowwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANjhiNGE0ODgzODUxYmQ2OTNmNzFk
YjU5OThhYTYzYTA2YTljZTU1MDk1MzZiMWUwZmZjMGY2MzkyOWQyZDliMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+I2OrBqXkjqlBZop3Qbhlqv0Im2
gKE0iv3QjJOS3HvD5fRdPoGnB3DcvbmD2AniLQzj4W5WZM5ichycSvNecysI80Rb
wokgS9cCQ4wAWy1gAru/5wdvayFBVCPay5r816ARGUDVsUwxDAWAfBFkpEdFT3rO
O5LhGTeoE3utjaQQJO3iFfeqSHfqwCX4wLC9WfxiofEO23MUmTpwMgMcaj6b1udv
h71ZXyI5sTnKvHKGl58kAi5YEM3+e3TkKJQOP5kTSvvY7t7ccfhfVWxBrEtLvd9B
aVKc0nN+OIXcdGM1X4MUvr85Soawou1kXICSfxb/b/Hma/K8rKvt5p2e/wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMAxL0nPe8PyKeYvopQ+mgDU5xIiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI0ZDllMDI5LTk3Y2ItNDNhYy1hMDdhLWNiMjE5YzFiNDE2Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYeAwDQYJKoZIhvcNAQELBQADggEBAAbL+rtiNEDhKxmRNiKs
/J2yOGk3SmUezk+TyaUWzMsWvzEOsMIOI+6keSqYQTBXhwYqp1VPTmUuwSjXynj0
3gNdLlrEHhRZ0jbeIUOj0oM3HLqMs/3LUNNsutxbgBnXvivTUAffvV+ugtbiIkS+
ZyHjQ6SoSIgSzC916qZcrTbBmAarD5rDMWPnan2b6Cab1QuD3dgaoTQxlX0ylhOZ
X8MDrS9phre0xqdiSZK2OVXL+SZoNCgXgGASj8KDRb6Lhqo2gziWdxcwoujSkCsj
3dZnr1tQNdaJCNsBm7iyFq66OEeAKP6TVx3ZoRXACYP5K5ULD8e91GfQatujtqvC
DxQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:46:38 2025 by rpki-client