Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2866068f-61a4-4faf-a893-9d6f8777c5b7.roa
File: 2866068f-61a4-4faf-a893-9d6f8777c5b7.roa (raw, json)
Hash identifier: 1leF8WtU+QEvsUhQXlqtBCt02kdKeb8+efOIVHzzmlQ=
Subject key identifier: 91:A2:A8:1A:6E:75:25:73:11:32:79:61:E5:1F:0D:BA:F5:13:DE:1E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7C6F6FBA35650249AF8DE769B44F21148EF034
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2866068f-61a4-4faf-a893-9d6f8777c5b7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:c000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:6f:6f:ba:35:65:02:49:af:8d:e7:69:b4:4f:21:14:8e:f0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=416038cdcc1650499912c78f4f667089d05a6c835cf708c657666f33599b521f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:ec:e8:d1:cc:b3:4c:9d:31:8d:a1:a3:cb:
19:00:a1:5b:8d:ee:1c:4c:73:d9:ff:0a:4d:f9:8f:
1b:ae:89:69:1e:b3:58:35:b9:ba:64:f5:09:94:a2:
57:1b:d1:24:53:27:0f:e0:17:22:62:99:73:a7:c4:
b1:35:87:2f:cb:28:f7:fc:c7:58:21:b4:43:82:f7:
b2:6c:4a:eb:2c:fd:1e:b5:91:86:0f:39:a6:3b:e6:
21:78:d8:dc:29:68:1d:cf:77:8c:3b:16:96:69:47:
57:d3:95:c4:f1:50:bb:22:89:41:12:fe:a6:dc:a3:
ee:a0:f4:48:02:9a:db:9b:b8:c0:97:cb:9c:48:58:
e4:ea:0e:15:52:f5:41:6c:da:f3:dd:be:22:45:7b:
33:11:00:c3:db:59:3f:7f:52:b9:82:18:1b:a6:74:
aa:97:04:ab:de:a5:b3:09:0b:a1:fc:76:5e:eb:c4:
14:5e:42:08:50:dc:ad:a3:9b:8e:91:80:08:45:9a:
5a:94:49:c2:9c:53:fe:4a:8c:78:7a:35:b1:6e:45:
57:f5:a6:d1:0e:22:df:5b:86:e7:61:3a:a7:88:42:
97:86:79:4f:4a:80:ac:a6:e9:74:ca:02:37:54:b9:
a0:93:19:1a:8b:00:73:11:74:b5:9d:2c:80:7c:e7:
da:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A2:A8:1A:6E:75:25:73:11:32:79:61:E5:1F:0D:BA:F5:13:DE:1E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2866068f-61a4-4faf-a893-9d6f8777c5b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:f1:24:88:e7:f8:de:52:0d:17:14:e3:da:17:04:06:c5:73:
9e:52:87:5a:e1:01:e9:75:39:71:ff:60:b3:b8:b6:08:6f:de:
7d:ee:b7:9d:69:60:0b:1d:e8:5c:ad:6a:f2:45:48:13:16:24:
dc:18:26:5c:33:ba:0f:4d:5b:e0:97:f9:11:a7:94:18:e3:6a:
1d:a2:dc:09:d5:48:f8:2c:91:49:4b:2e:fd:ed:6f:ce:31:50:
d7:bf:91:c7:73:7d:20:87:c2:59:d7:7d:17:01:97:70:8c:ba:
3c:4b:2f:44:a3:28:72:4f:bc:b9:59:d5:8a:bc:e2:07:20:1b:
5d:9e:d8:88:1c:1b:0c:14:11:d9:e7:3e:af:bd:cd:97:ea:70:
70:b0:85:40:86:37:e5:db:99:0b:e1:bf:b4:03:07:60:9c:be:
50:28:01:32:f8:34:10:48:bd:4a:ce:fe:50:33:c3:dc:e3:01:
2b:94:78:a0:25:93:ba:60:45:65:05:cd:08:ce:85:46:27:a5:
7f:21:29:ae:64:58:ac:a8:3e:60:8d:dd:40:57:fe:87:a1:73:
6c:d7:34:2c:c9:9f:9b:96:1c:56:2b:19:0c:a4:ca:d1:19:a3:
c5:34:51:f2:5a:49:a3:03:29:47:9e:7f:d3:08:c8:a0:f2:72:
b8:a5:b8:25
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgITfG9vujVlAkmvjedptE8hFI7wNDANBgkqhkiG9w0BAQsF
ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE
MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwMTA3MDAwMDAwWhcN
MjUwMjExMjM1OTU5WjB6MUkwRwYDVQQFE0A0MTYwMzhjZGNjMTY1MDQ5OTkxMmM3
OGY0ZjY2NzA4OWQwNWE2YzgzNWNmNzA4YzY1NzY2NmYzMzU5OWI1MjFmMS0wKwYD
VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwU+zo0cyzTJ0xjaGjyxkAoVuN7hxM
c9n/Ck35jxuuiWkes1g1ubpk9QmUolcb0SRTJw/gFyJimXOnxLE1hy/LKPf8x1gh
tEOC97JsSuss/R61kYYPOaY75iF42NwpaB3Pd4w7FpZpR1fTlcTxULsiiUES/qbc
o+6g9EgCmtubuMCXy5xIWOTqDhVS9UFs2vPdviJFezMRAMPbWT9/UrmCGBumdKqX
BKvepbMJC6H8dl7rxBReQghQ3K2jm46RgAhFmlqUScKcU/5KjHh6NbFuRVf1ptEO
It9bhudhOqeIQpeGeU9KgKym6XTKAjdUuaCTGRqLAHMRdLWdLIB859pjAgMBAAGj
ggJKMIICRjAdBgNVHQ4EFgQUkaKoGm51JXMRMnlh5R8NuvUT3h4wHwYDVR0jBBgw
FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF
BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv
c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT
eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv
Mjg2NjA2OGYtNjFhNC00ZmFmLWE4OTMtOWQ2Zjg3NzdjNWI3LnJvYTCBlQYDVR0f
BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt
YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw
YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkBtppwDANBgkqhkiG9w0BAQsFAAOCAQEAffEkiOf43lINFxTj2hcE
BsVznlKHWuEB6XU5cf9gs7i2CG/efe63nWlgCx3oXK1q8kVIExYk3BgmXDO6D01b
4Jf5EaeUGONqHaLcCdVI+CyRSUsu/e1vzjFQ17+Rx3N9IIfCWdd9FwGXcIy6PEsv
RKMock+8uVnVirziByAbXZ7YiBwbDBQR2ec+r73Nl+pwcLCFQIY35duZC+G/tAMH
YJy+UCgBMvg0EEi9Ss7+UDPD3OMBK5R4oCWTumBFZQXNCM6FRielfyEprmRYrKg+
YI3dQFf+h6FzbNc0LMmfm5YcVisZDKTK0RmjxTRR8lpJowMpR55/0wjIoPJyuKW4
JQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:03:28 2025 by rpki-client