Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa
File: 2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa (raw, json)
Hash identifier: 8LTjcmFjdg5vxgJSJEPbz/LU0iopsQI3WCfGY1hdqdg=
Subject key identifier: 61:41:E7:07:72:F5:3D:04:0E:49:82:7D:29:CC:CD:83:06:19:11:64
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 66BA30B483F0F3FA2547CAB5CF4AFB51209C314C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:c840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ba:30:b4:83:f0:f3:fa:25:47:ca:b5:cf:4a:fb:51:20:9c:31:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5539eb683ad6d5850ad79c912a86a3a9c4064cee454b8624ae1473fa2267007b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:03:44:59:e6:e6:62:52:a7:f1:5b:d8:be:f9:
68:b8:cc:28:74:02:57:30:32:c7:c9:77:e6:63:20:
b9:b3:30:a7:ca:47:29:e2:6d:54:08:8d:41:44:29:
b7:f4:af:c9:9b:d8:07:4e:4a:8c:19:69:75:ed:5d:
f5:45:e8:42:b7:db:0b:57:8f:d0:7b:49:0f:df:7f:
60:fd:88:19:c6:4d:65:58:fe:eb:d7:42:27:f2:5f:
26:5d:66:e2:22:f5:e1:b0:da:fd:2f:bf:72:56:60:
9d:7f:90:0a:e4:9e:59:17:80:91:7d:7e:7d:df:02:
40:74:3a:bc:2c:1e:33:73:f6:33:02:09:19:58:7d:
38:9f:70:9c:ca:6c:30:b3:87:3f:4c:ee:61:f9:20:
d2:e8:09:ec:02:a5:56:55:b1:8f:0a:66:23:8b:f3:
96:40:de:c1:24:46:6e:11:7f:af:e3:02:b0:b1:35:
94:73:e9:f9:36:da:85:47:4c:26:25:cb:c8:41:cb:
71:8f:0e:23:4f:c9:f6:47:ba:a0:a6:9b:f4:b0:af:
69:fa:5a:1b:63:29:0c:c1:ed:ab:ed:99:3b:95:c3:
1c:0c:d0:0d:ae:d7:04:1f:0e:dc:29:5d:c3:5c:25:
89:ed:03:df:c8:29:41:88:76:8c:30:76:a0:09:21:
85:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:41:E7:07:72:F5:3D:04:0E:49:82:7D:29:CC:CD:83:06:19:11:64
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:c840::/48
Signature Algorithm: sha256WithRSAEncryption
73:e1:40:6b:a3:ba:ee:bd:20:c6:93:1a:61:09:c5:38:09:0c:
42:b5:b9:d1:b8:4a:45:69:4d:26:40:77:54:f6:82:27:8a:ab:
76:34:0b:6b:a6:00:78:d8:8c:d1:db:22:39:dc:41:9a:23:52:
db:64:aa:e7:f4:ee:64:28:08:15:f0:cf:fb:d0:90:39:47:43:
98:ad:50:71:79:a1:07:3b:ad:46:25:0c:b9:d0:a1:29:06:19:
5c:cf:35:cc:3a:a7:02:92:fa:d9:e3:ea:30:b7:49:5e:12:4f:
b4:36:21:c2:bd:cc:68:86:f6:52:17:e3:44:4a:ab:2d:2a:0f:
cc:e4:45:46:7c:0b:bb:0d:fd:e3:dd:a7:ef:02:25:24:c6:b1:
3f:9c:47:66:0f:3d:94:08:5e:68:33:9c:74:72:8f:49:c9:2b:
f7:d1:99:04:27:60:b6:55:53:f7:59:7b:f9:47:05:64:b3:85:
92:77:48:d3:e7:c5:da:8a:47:81:a8:e6:36:13:d4:23:4d:ee:
b7:a2:22:0f:c4:5c:72:0f:b8:af:de:3d:d7:25:40:7a:f2:87:
49:11:36:cd:fb:6e:8c:ed:88:43:0f:64:2b:5f:87:ab:04:e4:
7b:b9:fc:4b:55:3e:62:0a:29:6f:d1:66:08:67:dc:84:8e:5e:
f5:9b:03:4d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZrowtIPw8/olR8q1z0r7USCcMUwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANTUzOWViNjgzYWQ2ZDU4NTBhZDc5
YzkxMmE4NmEzYTljNDA2NGNlZTQ1NGI4NjI0YWUxNDczZmEyMjY3MDA3YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wNEWebmYlKn8VvYvvlouMwodAJX
MDLHyXfmYyC5szCnykcp4m1UCI1BRCm39K/Jm9gHTkqMGWl17V31RehCt9sLV4/Q
e0kP339g/YgZxk1lWP7r10In8l8mXWbiIvXhsNr9L79yVmCdf5AK5J5ZF4CRfX59
3wJAdDq8LB4zc/YzAgkZWH04n3Ccymwws4c/TO5h+SDS6AnsAqVWVbGPCmYji/OW
QN7BJEZuEX+v4wKwsTWUc+n5NtqFR0wmJcvIQctxjw4jT8n2R7qgppv0sK9p+lob
YykMwe2r7Zk7lcMcDNANrtcEHw7cKV3DXCWJ7QPfyClBiHaMMHagCSGFWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGFB5wdy9T0EDkmCfSnMzYMGGRFkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJmNWY3Yzk2LWNiZjYtNGNkNy1hMmRhLTZjODZmZjAyOTY3My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba/8hAMA0GCSqGSIb3DQEBCwUAA4IBAQBz4UBro7ruvSDGkxph
CcU4CQxCtbnRuEpFaU0mQHdU9oIniqt2NAtrpgB42IzR2yI53EGaI1LbZKrn9O5k
KAgV8M/70JA5R0OYrVBxeaEHO61GJQy50KEpBhlczzXMOqcCkvrZ4+owt0leEk+0
NiHCvcxohvZSF+NESqstKg/M5EVGfAu7Df3j3afvAiUkxrE/nEdmDz2UCF5oM5x0
co9JySv30ZkEJ2C2VVP3WXv5RwVks4WSd0jT58XaikeBqOY2E9QjTe63oiIPxFxy
D7iv3j3XJUB68odJETbN+26M7YhDD2QrX4erBOR7ufxLVT5iCilv0WYIZ9yEjl71
mwNN
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:08:03 2025 by rpki-client