Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
File: 2b4adb97-a33f-485c-865b-badaa1f9c897.roa (raw, json)
Hash identifier: cwQl6lvr9oRbY1xqroDjSINF9RrU6BoM8yP81FOZlJs=
Subject key identifier: EC:2D:E5:DE:95:F0:71:F9:B1:F3:AC:A0:C1:B1:90:8D:64:15:4F:65
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1126FEF6D4DE0F5E00C47C8B01DCB563A873A3B3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:26:fe:f6:d4:de:0f:5e:00:c4:7c:8b:01:dc:b5:63:a8:73:a3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5f68f6247191944d3748054601ad8656d47c08eaa678541a35e00af7394461fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:24:7b:8e:34:ed:fc:af:3e:a0:3e:4c:49:
60:23:73:f5:3c:2c:0e:fb:a9:8e:b4:f2:fe:62:31:
1d:34:a9:3c:07:40:5f:9f:0c:32:f6:e1:cb:dd:e6:
a6:aa:d4:1d:4a:90:30:7e:63:37:33:59:a2:be:26:
2c:fe:6e:65:60:59:72:c1:be:03:c9:11:e1:5c:bc:
a0:f0:76:79:8a:3d:dd:7d:ee:0a:18:63:67:55:f5:
e5:aa:e1:f5:23:14:ae:1d:6e:cd:62:e4:a7:e9:30:
47:40:2b:ff:52:05:e5:95:e4:1f:5f:e3:b3:2c:d4:
7a:33:1c:d7:5d:6b:55:bf:a1:2e:3d:10:63:0f:7a:
90:ad:2e:c8:75:2a:10:27:cc:ef:46:3d:7d:e5:2d:
1d:9e:6d:01:97:5c:62:07:88:9e:c6:5a:82:38:6d:
b4:bb:ae:26:c0:ab:ce:1e:fb:0b:bf:1f:e9:37:58:
f3:e7:2f:a4:bb:06:d5:64:a9:ed:e6:41:de:f5:be:
e4:38:cc:c5:be:56:2a:15:0a:2d:32:28:dd:ee:0e:
82:11:22:b4:0a:6b:ce:08:4c:7c:f3:bc:c7:cc:e3:
08:62:90:32:3f:06:c2:ac:80:e8:1f:5d:ed:b8:80:
f3:d5:9c:78:6c:6c:51:85:3c:1a:fe:16:c2:19:fc:
26:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2D:E5:DE:95:F0:71:F9:B1:F3:AC:A0:C1:B1:90:8D:64:15:4F:65
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:b000::/40
Signature Algorithm: sha256WithRSAEncryption
84:29:87:46:80:c7:d3:6d:66:20:70:ec:e4:86:b6:e3:a3:95:
c8:2e:9f:79:3e:e0:e5:31:97:c2:fc:e2:0f:0a:78:27:b4:6e:
23:a0:3b:41:9f:93:4c:eb:ec:8e:a0:bb:1a:85:80:ab:c2:e3:
34:b4:13:41:c5:19:12:ca:3a:62:ec:8a:f9:a4:61:f4:5a:ee:
78:32:a3:66:df:4f:76:c7:7c:d8:78:d4:38:de:23:f4:76:61:
1e:07:df:9b:9d:ec:06:25:e5:e2:44:fe:06:9d:5a:3a:03:72:
00:f7:de:02:9d:0d:68:79:ec:44:54:3a:50:c0:35:60:78:f2:
39:1b:02:21:71:d6:d3:5f:a5:a5:a6:65:b1:6c:ce:b9:a2:3d:
39:f0:98:82:47:54:91:37:e8:d6:b1:4a:4e:cb:3d:e6:ce:3a:
41:92:f9:70:aa:09:ce:a3:bf:3f:d1:b9:c3:ff:be:32:5a:3c:
41:35:e2:3d:36:23:1f:53:a1:84:cd:3b:d8:96:66:fd:d9:ff:
db:34:4f:a7:66:af:f7:11:ee:34:97:77:98:6b:b9:02:02:9e:
cf:4b:3c:a2:eb:d9:95:fa:24:08:18:1c:1f:46:8b:fa:7e:7b:
84:45:c9:d0:c7:20:fe:6b:8b:67:4b:f4:ea:41:dd:9a:8c:2a:
04:56:d8:f7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUESb+9tTeD14AxHyLAdy1Y6hzo7MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWY2OGY2MjQ3MTkxOTQ0ZDM3NDgw
NTQ2MDFhZDg2NTZkNDdjMDhlYWE2Nzg1NDFhMzVlMDBhZjczOTQ0NjFmZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbAke4407fyvPqA+TElgI3P1PCwO
+6mOtPL+YjEdNKk8B0Bfnwwy9uHL3eamqtQdSpAwfmM3M1miviYs/m5lYFlywb4D
yRHhXLyg8HZ5ij3dfe4KGGNnVfXlquH1IxSuHW7NYuSn6TBHQCv/UgXlleQfX+Oz
LNR6MxzXXWtVv6EuPRBjD3qQrS7IdSoQJ8zvRj195S0dnm0Bl1xiB4iexlqCOG20
u64mwKvOHvsLvx/pN1jz5y+kuwbVZKnt5kHe9b7kOMzFvlYqFQotMijd7g6CESK0
CmvOCEx887zHzOMIYpAyPwbCrIDoH13tuIDz1Zx4bGxRhTwa/hbCGfwmFwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOwt5d6V8HH5sfOsoMGxkI1kFU9lMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJiNGFkYjk3LWEzM2YtNDg1Yy04NjViLWJhZGFhMWY5Yzg5Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaALAwDQYJKoZIhvcNAQELBQADggEBAIQph0aAx9NtZiBw7OSG
tuOjlcgun3k+4OUxl8L84g8KeCe0biOgO0Gfk0zr7I6guxqFgKvC4zS0E0HFGRLK
OmLsivmkYfRa7ngyo2bfT3bHfNh41DjeI/R2YR4H35ud7AYl5eJE/gadWjoDcgD3
3gKdDWh57ERUOlDANWB48jkbAiFx1tNfpaWmZbFszrmiPTnwmIJHVJE36NaxSk7L
PebOOkGS+XCqCc6jvz/RucP/vjJaPEE14j02Ix9ToYTNO9iWZv3Z/9s0T6dmr/cR
7jSXd5hruQICns9LPKLr2ZX6JAgYHB9Gi/p+e4RFydDHIP5ri2dL9OpB3ZqMKgRW
2Pc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:57 2025 by rpki-client