Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f2a4d99-6aa4-4f2b-8a7a-ee89f569501d.roa
File: 2f2a4d99-6aa4-4f2b-8a7a-ee89f569501d.roa (raw, json)
Hash identifier: h1o0Hz/E1x0IG96+nHUMCc1nGnR8HyTVoTulODcYqnY=
Subject key identifier: C0:82:5D:F6:20:C7:C0:B0:3B:44:72:83:CE:66:48:61:2B:14:D1:76
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5E94CC4A170E8E375E627E4F8D88504B6BC04475
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f2a4d99-6aa4-4f2b-8a7a-ee89f569501d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:9040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:94:cc:4a:17:0e:8e:37:5e:62:7e:4f:8d:88:50:4b:6b:c0:44:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e556f53bba4077a71945600bbb337087575c6a76e34021c6d1c8116ee5daf1ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3d:0b:60:98:bc:d5:9f:1d:ea:f1:d7:de:e0:
1c:d0:36:b3:9c:f2:63:3d:ba:e5:be:71:46:dc:2b:
cc:d1:2b:fb:f1:8c:ea:24:b4:d6:c0:60:6b:a1:79:
50:fb:be:26:35:bb:e2:cb:f1:ab:c2:be:5e:eb:d1:
29:9c:f2:93:e7:07:7a:7b:01:97:64:aa:f9:dc:9c:
d7:07:3c:60:16:ca:13:5b:29:2b:92:97:d8:d9:cf:
6e:1a:93:f1:d9:0c:cd:b1:0d:a8:3c:b7:b1:eb:56:
94:41:f9:d8:2b:1f:96:8f:e5:da:8b:ac:6e:b4:49:
49:b9:c8:0a:15:b5:a2:01:01:47:fb:76:06:04:6b:
99:5b:77:35:43:77:22:18:26:d9:90:d9:db:3d:de:
cd:05:7f:5d:c0:10:be:4e:78:91:05:c7:1f:b5:cb:
b9:82:c2:08:ce:f9:e3:f1:26:e3:01:c4:66:12:01:
f6:32:cd:9f:9e:af:57:05:0e:45:f2:65:3f:80:c5:
f1:81:ae:6b:b6:53:7f:38:d0:ee:eb:b1:b6:11:51:
46:8b:be:16:8d:9c:f4:ae:b0:34:3a:5e:73:0e:23:
4c:76:4e:bf:8c:a4:59:52:ac:92:09:1b:de:e8:f8:
5f:9b:9d:0b:d1:7f:ee:85:ad:61:4e:fc:9b:86:08:
44:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:82:5D:F6:20:C7:C0:B0:3B:44:72:83:CE:66:48:61:2B:14:D1:76
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f2a4d99-6aa4-4f2b-8a7a-ee89f569501d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:9040::/48
Signature Algorithm: sha256WithRSAEncryption
20:06:12:a7:4a:3e:73:09:dd:5a:f3:f6:68:ca:1e:39:0b:06:
54:02:49:69:8c:39:dd:65:e9:14:34:4a:77:75:35:d7:6a:f7:
3b:a8:94:a7:85:10:dc:ed:d0:88:83:74:b7:1c:3a:6d:3e:69:
d1:84:0c:1f:5c:3e:f6:00:0d:91:c8:3b:41:ff:a6:b4:f7:9e:
cc:a6:fe:c7:e3:4f:83:77:5a:5a:ff:e4:0a:d6:e0:7c:57:e0:
5f:8f:83:4b:53:05:f4:ba:23:a7:24:18:69:79:7a:f9:c7:9a:
8d:3f:01:e2:d3:45:b3:6d:02:53:94:4c:b5:8a:9b:89:f6:d6:
c6:e6:e9:84:a8:44:bb:39:c5:b5:16:8d:40:01:7f:61:c7:1a:
61:4d:c6:74:52:62:c9:5b:30:6c:ce:1d:74:91:89:d4:91:3a:
23:20:99:aa:8e:e4:f7:0c:98:27:59:ba:4f:6e:86:0f:e3:1c:
af:72:4d:2b:51:c0:ae:ba:25:74:e0:21:5a:04:14:85:bd:74:
35:8b:4f:9d:40:dd:25:38:ae:95:cc:1e:2d:c1:4c:99:47:4f:
ac:74:c7:51:5e:dd:d6:19:85:6f:07:c1:11:49:4f:81:a6:3f:
4e:0e:07:3b:eb:01:34:b5:3a:47:ed:39:93:f1:c8:ef:cd:77:
36:29:73:47
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUXpTMShcOjjdeYn5PjYhQS2vARHUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTU1NmY1M2JiYTQwNzdhNzE5NDU2
MDBiYmIzMzcwODc1NzVjNmE3NmUzNDAyMWM2ZDFjODExNmVlNWRhZjFhYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj0LYJi81Z8d6vHX3uAc0DaznPJj
PbrlvnFG3CvM0Sv78YzqJLTWwGBroXlQ+74mNbviy/Grwr5e69EpnPKT5wd6ewGX
ZKr53JzXBzxgFsoTWykrkpfY2c9uGpPx2QzNsQ2oPLex61aUQfnYKx+Wj+Xai6xu
tElJucgKFbWiAQFH+3YGBGuZW3c1Q3ciGCbZkNnbPd7NBX9dwBC+TniRBccftcu5
gsIIzvnj8SbjAcRmEgH2Ms2fnq9XBQ5F8mU/gMXxga5rtlN/ONDu67G2EVFGi74W
jZz0rrA0Ol5zDiNMdk6/jKRZUqySCRve6Phfm50L0X/uha1hTvybhghEvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMCCXfYgx8CwO0Ryg85mSGErFNF2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJmMmE0ZDk5LTZhYTQtNGYyYi04YTdhLWVlODlmNTY5NTAxZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9JBAMA0GCSqGSIb3DQEBCwUAA4IBAQAgBhKnSj5zCd1a8/Zo
yh45CwZUAklpjDndZekUNEp3dTXXavc7qJSnhRDc7dCIg3S3HDptPmnRhAwfXD72
AA2RyDtB/6a0957Mpv7H40+Dd1pa/+QK1uB8V+Bfj4NLUwX0uiOnJBhpeXr5x5qN
PwHi00WzbQJTlEy1ipuJ9tbG5umEqES7OcW1Fo1AAX9hxxphTcZ0UmLJWzBszh10
kYnUkTojIJmqjuT3DJgnWbpPboYP4xyvck0rUcCuuiV04CFaBBSFvXQ1i0+dQN0l
OK6VzB4twUyZR0+sdMdRXt3WGYVvB8ERSU+Bpj9ODgc76wE0tTpH7TmT8cjvzXc2
KXNH
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:17:23 2025 by rpki-client