Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa
File: 2d3756cb-3d90-4f28-96d5-2e8b14556142.roa (raw, json)
Hash identifier: YwGzt2lXAOPrIXDh7/iF8818QVAacqgCEM0SF15jqtY=
Subject key identifier: 3B:4F:8F:AF:4A:D8:B1:C1:0A:23:C8:FD:81:6D:30:37:10:56:E0:F6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7ADAD1DE6503874E0266B403D8DEABADC34FE06E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:40e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:da:d1:de:65:03:87:4e:02:66:b4:03:d8:de:ab:ad:c3:4f:e0:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bf7e52497a6f18cf7eb92bfe46bef675c79531e87e43d9f00c0374f4b8da80fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:40:a6:a5:c9:68:0b:7c:ec:79:2b:73:2f:05:
82:aa:9e:02:32:60:d5:f5:9e:cf:f6:82:ba:03:07:
47:cc:ba:7e:ba:a9:78:a8:1f:22:39:52:38:48:e8:
7c:95:32:95:48:14:3a:e7:d7:b5:93:26:4f:35:ed:
d0:11:95:28:fd:80:e7:95:00:9f:02:a1:bc:ca:31:
1d:30:c5:d1:f7:8e:6b:fd:7f:89:36:24:dc:27:06:
98:ad:f5:87:2a:9d:62:f4:e9:01:d2:d2:e9:e9:eb:
76:66:c5:82:d4:c6:26:60:28:1d:63:d5:1f:eb:97:
09:ae:91:16:cc:d2:4a:21:02:c7:e3:14:61:47:4d:
db:ff:ce:f7:af:75:9b:95:ba:73:2c:69:1d:05:44:
50:6b:d2:61:61:09:7a:56:be:f1:3c:7b:1c:b7:c4:
25:d8:48:6b:3d:e5:c7:4c:55:7e:62:13:d7:1c:e0:
2d:25:17:85:40:70:f1:4a:fb:a8:77:41:93:dd:1c:
61:81:4f:ae:7e:c2:2b:90:fb:be:b2:c3:1e:47:91:
18:be:b0:ea:3b:fe:cc:60:60:69:c1:94:e2:04:92:
da:80:66:d2:a5:47:80:76:d5:20:4e:3b:41:9f:d7:
0c:10:79:58:16:86:1c:75:31:b7:a4:06:2c:1b:be:
e3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4F:8F:AF:4A:D8:B1:C1:0A:23:C8:FD:81:6D:30:37:10:56:E0:F6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
37:8b:67:f3:d5:a3:ce:47:0e:da:a7:47:55:60:d6:a1:5b:78:
1c:73:18:bd:01:cd:7d:48:33:7d:b3:11:c1:ec:e4:6f:c6:c6:
70:04:f3:3e:23:2c:d3:47:fe:e6:0b:20:8e:fc:f3:be:17:49:
d5:e5:68:3b:60:0e:0f:1a:a1:8e:69:e9:7c:6e:be:fa:0c:94:
52:60:ee:37:e5:57:f0:66:fd:62:73:76:f7:56:3e:05:bd:e9:
70:62:16:30:ce:df:a4:35:8a:34:04:13:2f:af:1e:69:c4:1e:
78:a6:fe:24:8c:ca:12:22:13:a7:19:cb:23:45:57:ec:33:46:
71:e7:28:3f:ed:6e:8a:af:eb:29:94:cc:45:f3:bc:1d:1a:ff:
51:e6:0d:06:27:0a:5d:a8:9c:e6:23:b1:b2:f4:88:5f:cd:75:
38:90:1c:93:51:98:ea:2d:11:d4:8a:95:68:b9:3c:94:3f:70:
77:13:37:1b:ef:4a:c4:73:0c:7b:3a:4a:9d:ac:e7:9e:9a:ee:
59:59:3f:9b:5c:c0:f9:c1:c9:65:7e:e1:47:91:37:31:f6:7c:
a8:41:bc:23:3d:95:23:36:91:c1:91:23:2b:8e:cb:b6:3f:58:
86:c1:2e:72:4a:c9:85:44:8f:41:44:a3:bf:fa:d2:56:db:f9:
6a:70:c6:a8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUetrR3mUDh04CZrQD2N6rrcNP4G4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYmY3ZTUyNDk3YTZmMThjZjdlYjky
YmZlNDZiZWY2NzVjNzk1MzFlODdlNDNkOWYwMGMwMzc0ZjRiOGRhODBmYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0CmpcloC3zseStzLwWCqp4CMmDV
9Z7P9oK6AwdHzLp+uql4qB8iOVI4SOh8lTKVSBQ659e1kyZPNe3QEZUo/YDnlQCf
AqG8yjEdMMXR945r/X+JNiTcJwaYrfWHKp1i9OkB0tLp6et2ZsWC1MYmYCgdY9Uf
65cJrpEWzNJKIQLH4xRhR03b/873r3WblbpzLGkdBURQa9JhYQl6Vr7xPHsct8Ql
2EhrPeXHTFV+YhPXHOAtJReFQHDxSvuod0GT3RxhgU+ufsIrkPu+ssMeR5EYvrDq
O/7MYGBpwZTiBJLagGbSpUeAdtUgTjtBn9cMEHlYFoYcdTG3pAYsG77jNwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDtPj69K2LHBCiPI/YFtMDcQVuD2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJkMzc1NmNiLTNkOTAtNGYyOC05NmQ1LTJlOGIxNDU1NjE0Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba/0DgMA0GCSqGSIb3DQEBCwUAA4IBAQA3i2fz1aPORw7ap0dV
YNahW3gccxi9Ac19SDN9sxHB7ORvxsZwBPM+IyzTR/7mCyCO/PO+F0nV5Wg7YA4P
GqGOael8br76DJRSYO435VfwZv1ic3b3Vj4FvelwYhYwzt+kNYo0BBMvrx5pxB54
pv4kjMoSIhOnGcsjRVfsM0Zx5yg/7W6Kr+splMxF87wdGv9R5g0GJwpdqJzmI7Gy
9IhfzXU4kByTUZjqLRHUipVouTyUP3B3Ezcb70rEcwx7OkqdrOeemu5ZWT+bXMD5
wcllfuFHkTcx9nyoQbwjPZUjNpHBkSMrjsu2P1iGwS5ySsmFRI9BRKO/+tJW2/lq
cMao
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:19:17 2025 by rpki-client