Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa
File: 24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa (raw, json)
Hash identifier: I/l3QA0bXlYdDu2sDFMfgcD6bHyV6R0sNDfe6jmEmt8=
Subject key identifier: AE:F0:40:6F:81:A8:01:A4:F4:C3:7D:D1:63:E7:E0:2F:0E:11:AA:95
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5781E993B6090C8419E42363354C683BE1F95B9B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa
Signing time: Fri 31 Jan 2025 00:00:00 +0000
ROA not before: Fri 31 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:81:e9:93:b6:09:0c:84:19:e4:23:63:35:4c:68:3b:e1:f9:5b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 31 00:00:00 2025 GMT
Not After : Mar 7 23:59:59 2025 GMT
Subject: serialNumber=5d01feda90981ac314bb29745b8edf88b8fe6d3f4c88d9f1eb999298c220f336, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:81:18:9b:85:d6:32:7f:69:1e:39:6a:01:99:
dd:74:ed:97:e8:ff:74:90:b1:6d:77:2c:f9:a1:b9:
4c:21:71:94:0a:3f:9e:23:55:48:e8:84:7d:f6:d8:
37:2d:2e:78:f3:f2:db:b4:73:04:7e:16:c8:2c:f8:
f4:88:95:61:e2:11:62:8d:ad:71:7d:b6:08:f4:a6:
3c:10:cc:13:2a:77:a6:b3:17:11:ac:fd:23:32:5c:
b7:d3:db:63:eb:d2:54:ae:78:29:14:17:e8:7e:57:
02:c4:73:f4:c0:88:d7:4e:96:da:8d:ff:f1:36:67:
fe:d6:83:5a:1b:fc:c9:31:bb:55:c3:cc:f8:76:85:
11:e5:3a:cb:1a:70:6d:7d:a8:d1:5c:b9:27:fc:a9:
39:54:dc:52:98:ec:72:17:7a:da:29:e5:c5:4a:ba:
e2:8d:69:c8:96:c1:6f:9e:4e:b4:c1:e8:01:be:75:
67:cc:db:ef:f4:a2:b3:08:78:cc:a9:41:b5:22:78:
51:c1:f7:06:8d:b3:92:ae:3e:95:6b:d2:f7:78:37:
3c:89:86:79:3f:69:84:24:bf:23:ad:6d:08:85:fd:
e3:84:a0:5c:db:3a:e0:43:b3:4d:0a:8e:23:cc:71:
94:a9:69:0e:06:2d:12:7e:4c:d0:83:68:fc:46:59:
c3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F0:40:6F:81:A8:01:A4:F4:C3:7D:D1:63:E7:E0:2F:0E:11:AA:95
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:e000::/48
Signature Algorithm: sha256WithRSAEncryption
9c:2d:5c:ff:b6:d7:52:ac:ad:df:ed:6c:1f:59:a4:4f:07:f1:
5d:5b:33:af:e1:cf:34:0c:8e:d9:8b:a8:e8:08:5c:6b:c8:92:
54:99:46:a5:fd:c0:8b:4e:21:e7:0f:5e:12:e9:4f:a0:01:43:
84:97:63:68:a5:10:71:7f:04:57:59:04:12:84:4f:df:65:a7:
6e:08:34:34:e1:28:ac:5b:33:9d:fc:89:9d:23:e6:79:da:e4:
06:2e:e1:b0:c7:39:4c:88:19:4d:aa:03:4f:14:46:04:a5:38:
1b:ce:34:28:e9:82:8a:33:83:f6:5a:e8:4b:6e:14:f0:67:9d:
b4:38:ac:04:88:b3:e7:0c:66:e6:6a:36:23:9e:f4:52:cf:1c:
b1:8b:a2:04:0c:58:f4:14:12:20:14:b4:48:16:a5:d3:89:27:
09:11:85:93:42:d7:85:53:77:d1:22:67:fc:9f:b8:09:94:05:
07:9b:28:1b:52:6d:44:b1:db:66:76:ef:f8:4a:90:46:c0:1d:
3a:72:74:1e:a9:73:d2:f8:ee:42:af:bb:8c:fc:bd:6f:dc:5f:
b6:f3:7e:f1:4b:06:1e:8d:ef:b5:b9:33:53:bb:83:dd:5f:ad:
a4:97:2a:49:d4:74:e6:e0:c7:fa:a5:4e:f5:85:3b:bf:28:8c:
45:97:40:55
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUV4Hpk7YJDIQZ5CNjNUxoO+H5W5swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEzMTAwMDAwMFoX
DTI1MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANWQwMWZlZGE5MDk4MWFjMzE0YmIy
OTc0NWI4ZWRmODhiOGZlNmQzZjRjODhkOWYxZWI5OTkyOThjMjIwZjMzNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYEYm4XWMn9pHjlqAZnddO2X6P90
kLFtdyz5oblMIXGUCj+eI1VI6IR99tg3LS548/LbtHMEfhbILPj0iJVh4hFija1x
fbYI9KY8EMwTKnemsxcRrP0jMly309tj69JUrngpFBfoflcCxHP0wIjXTpbajf/x
Nmf+1oNaG/zJMbtVw8z4doUR5TrLGnBtfajRXLkn/Kk5VNxSmOxyF3raKeXFSrri
jWnIlsFvnk60wegBvnVnzNvv9KKzCHjMqUG1InhRwfcGjbOSrj6Va9L3eDc8iYZ5
P2mEJL8jrW0Ihf3jhKBc2zrgQ7NNCo4jzHGUqWkOBi0SfkzQg2j8RlnDnwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFK7wQG+BqAGk9MN90WPn4C8OEaqVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI0ZTJlMDI0LTRiZDMtNGY2Yi04NzRjLTBlZjdhNGNiZWJjMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9uAAMA0GCSqGSIb3DQEBCwUAA4IBAQCcLVz/ttdSrK3f7Wwf
WaRPB/FdWzOv4c80DI7Zi6joCFxryJJUmUal/cCLTiHnD14S6U+gAUOEl2NopRBx
fwRXWQQShE/fZaduCDQ04SisWzOd/ImdI+Z52uQGLuGwxzlMiBlNqgNPFEYEpTgb
zjQo6YKKM4P2WuhLbhTwZ520OKwEiLPnDGbmajYjnvRSzxyxi6IEDFj0FBIgFLRI
FqXTiScJEYWTQteFU3fRImf8n7gJlAUHmygbUm1Esdtmdu/4SpBGwB06cnQeqXPS
+O5Cr7uM/L1v3F+2837xSwYeje+1uTNTu4PdX62klypJ1HTm4Mf6pU71hTu/KIxF
l0BV
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:47 2025 by rpki-client