Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa
File: 27a80888-f443-40f4-b37a-77f84a697e07.roa (raw, json)
Hash identifier: UDu4kzPeHaZ4BqettttCzHQBsPUxoZf4IRHpMU12lwE=
Subject key identifier: C0:F6:7A:F0:0F:93:66:57:2E:BB:5D:C9:22:CA:4E:AC:7A:E1:7E:4B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 165791D54B8387F744C17C4A97F14D522DAE6880
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:b080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:57:91:d5:4b:83:87:f7:44:c1:7c:4a:97:f1:4d:52:2d:ae:68:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9f81a04d013ea49dbd713f0d4d1940c4a6f87882e9c66a308ec6eb77dfb402ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:30:6f:88:a7:62:2f:a5:83:57:14:f7:07:
96:26:ed:74:b6:1e:66:29:6a:76:06:59:10:cb:fc:
78:1a:3f:62:6a:2a:91:b1:69:c9:a2:49:83:5a:e7:
e6:0f:47:a9:35:88:6e:9c:8b:f4:80:01:b5:5c:27:
ea:65:9f:2a:25:b5:80:2b:e1:22:0c:40:8a:62:39:
fc:b5:17:b3:84:00:3d:6b:fd:3e:70:49:04:da:a5:
7d:5e:3b:a4:0c:7d:46:47:b8:83:5c:98:b6:97:51:
b0:92:00:b9:74:83:1f:cd:42:9a:01:f2:4f:8f:c5:
88:b0:c6:53:20:02:ba:44:f9:87:b6:3a:4e:bc:23:
c8:83:c2:64:12:15:db:3e:bf:ad:da:39:d7:99:09:
f7:f0:46:5c:ee:6a:8d:ba:b2:9e:17:8d:3e:29:fd:
6e:20:7b:7c:9d:d5:fd:d5:9e:23:85:d7:ba:80:fd:
29:42:36:13:d0:48:a3:04:df:b1:e6:12:20:0a:4f:
33:cf:23:cc:a4:8c:0f:df:84:89:71:d4:4c:98:3b:
f7:0e:17:4c:ae:4f:36:f2:0c:4a:f0:8c:76:5a:ab:
9f:ec:be:77:91:68:81:8f:c5:b5:a5:61:d4:8a:7b:
15:0d:48:25:96:c0:8a:9b:63:44:19:e8:f8:06:12:
7d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F6:7A:F0:0F:93:66:57:2E:BB:5D:C9:22:CA:4E:AC:7A:E1:7E:4B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:b080::/46
Signature Algorithm: sha256WithRSAEncryption
47:8a:a0:81:55:74:57:58:44:e2:9e:bf:f1:7a:db:74:8a:07:
c5:d2:d6:21:76:0e:1c:59:83:76:59:48:53:4a:40:a6:5a:a6:
0a:dc:02:5d:41:20:41:11:d5:3c:81:0a:6c:db:25:ca:f8:fb:
e5:79:b1:85:5d:52:74:70:69:43:79:cb:0e:c4:c0:3a:3e:35:
80:21:a2:4c:0c:dd:60:cc:da:da:31:0e:28:c8:ca:59:6e:5d:
0b:52:bb:f2:67:1e:2b:c0:f7:43:66:5f:1e:e7:07:20:99:e3:
7c:c5:7a:0f:07:cb:83:df:3c:da:ca:fc:71:96:5d:06:8e:14:
d1:67:43:81:bf:d3:d5:81:68:35:cf:83:00:4e:c0:c0:73:29:
5c:2f:51:cd:90:62:45:50:ba:e0:b6:8e:c0:8f:30:ea:78:54:
25:ad:75:7c:eb:b6:aa:fe:10:93:7d:4c:ae:80:bc:fb:75:ca:
59:fa:61:62:26:b5:e3:81:8d:b8:dd:0e:c1:68:69:4d:be:2b:
9e:a9:95:a1:43:1f:2e:4a:d0:64:d9:43:53:5c:4e:d6:ff:b3:
73:21:62:74:80:4b:14:15:e6:20:4e:35:d8:6b:d2:63:98:5c:
71:22:bc:f1:43:9c:6c:fe:20:76:2f:a7:53:3d:1d:df:5a:d7:
6c:a6:f7:fd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUFleR1UuDh/dEwXxKl/FNUi2uaIAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOWY4MWEwNGQwMTNlYTQ5ZGJkNzEz
ZjBkNGQxOTQwYzRhNmY4Nzg4MmU5YzY2YTMwOGVjNmViNzdkZmI0MDJhYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd0wb4inYi+lg1cU9weWJu10th5m
KWp2BlkQy/x4Gj9iaiqRsWnJokmDWufmD0epNYhunIv0gAG1XCfqZZ8qJbWAK+Ei
DECKYjn8tRezhAA9a/0+cEkE2qV9XjukDH1GR7iDXJi2l1GwkgC5dIMfzUKaAfJP
j8WIsMZTIAK6RPmHtjpOvCPIg8JkEhXbPr+t2jnXmQn38EZc7mqNurKeF40+Kf1u
IHt8ndX91Z4jhde6gP0pQjYT0EijBN+x5hIgCk8zzyPMpIwP34SJcdRMmDv3DhdM
rk828gxK8Ix2Wquf7L53kWiBj8W1pWHUinsVDUgllsCKm2NEGej4BhJ9aQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMD2evAPk2ZXLrtdySLKTqx64X5LMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI3YTgwODg4LWY0NDMtNDBmNC1iMzdhLTc3Zjg0YTY5N2UwNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba97CAMA0GCSqGSIb3DQEBCwUAA4IBAQBHiqCBVXRXWETinr/x
ett0igfF0tYhdg4cWYN2WUhTSkCmWqYK3AJdQSBBEdU8gQps2yXK+PvlebGFXVJ0
cGlDecsOxMA6PjWAIaJMDN1gzNraMQ4oyMpZbl0LUrvyZx4rwPdDZl8e5wcgmeN8
xXoPB8uD3zzayvxxll0GjhTRZ0OBv9PVgWg1z4MATsDAcylcL1HNkGJFULrgto7A
jzDqeFQlrXV867aq/hCTfUyugLz7dcpZ+mFiJrXjgY243Q7BaGlNviueqZWhQx8u
StBk2UNTXE7W/7NzIWJ0gEsUFeYgTjXYa9JjmFxxIrzxQ5xs/iB2L6dTPR3fWtds
pvf9
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:53:58 2025 by rpki-client