Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f81ea6-74ce-4274-9ac4-8387da206374.roa
File: 31f81ea6-74ce-4274-9ac4-8387da206374.roa (raw, json)
Hash identifier: Rht4v94xzd61MvvvnZzNljNXw9Nivf8+NKgLiF1MzFQ=
Subject key identifier: 37:F4:99:48:4A:73:31:01:AE:B3:67:49:F3:F8:8F:DF:85:94:3C:ED
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: F848E86CE4EEE6B8B7DACC006AF8C3230B370D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f81ea6-74ce-4274-9ac4-8387da206374.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:8040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f8:48:e8:6c:e4:ee:e6:b8:b7:da:cc:00:6a:f8:c3:23:0b:37:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=efce1dc4c8b216437b86ff2bade528629f67cf33e6e1963b8b803ba2c7adf0b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1f:b6:97:46:b1:41:7d:c3:9b:24:af:4d:86:
5a:f0:16:af:f2:c8:b6:66:1e:9c:6e:5c:94:16:0e:
78:04:f8:9a:ce:a8:1a:0f:1c:7d:6b:92:93:81:70:
cc:8f:22:9e:4c:80:a4:43:a3:e1:64:47:89:04:8a:
d3:0b:21:37:27:e5:97:20:46:e2:78:ef:da:07:9e:
0c:2f:cc:16:8b:13:76:70:c4:3c:56:bf:2b:20:43:
9c:2f:63:37:95:bd:f5:de:01:2e:24:88:26:0a:58:
d5:aa:8c:41:5e:6c:71:9d:3f:34:8a:7a:ab:12:4a:
70:18:75:50:38:37:01:57:a5:89:5f:34:68:25:c3:
ed:1a:71:21:2d:b3:f4:d1:b7:c7:42:73:a0:60:5a:
81:69:31:85:db:93:2e:60:e2:5e:d3:be:bd:23:e4:
86:e3:2c:b2:70:bf:6c:ab:de:e3:be:e9:c7:57:0b:
e3:21:16:08:28:04:25:44:71:d3:46:10:ed:da:87:
59:47:59:79:49:73:5a:51:6b:14:33:3b:8d:b4:b5:
1f:f9:fa:8c:84:d4:6c:dd:71:95:54:d2:e3:af:ca:
57:ad:35:52:d6:d0:95:f3:ea:10:ee:94:f5:16:95:
9c:66:02:79:e7:ce:26:a8:ce:1d:87:1b:d1:09:bb:
ef:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F4:99:48:4A:73:31:01:AE:B3:67:49:F3:F8:8F:DF:85:94:3C:ED
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f81ea6-74ce-4274-9ac4-8387da206374.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:8040::/48
Signature Algorithm: sha256WithRSAEncryption
42:48:af:6d:fd:75:7a:78:01:0d:a8:0d:08:87:6f:ab:7d:9a:
23:fe:02:dc:b5:d8:07:98:8a:3e:70:a5:8e:17:a9:fd:3a:2d:
f1:32:85:70:f6:c1:71:8a:3a:a7:8a:9c:a0:1b:4f:37:a5:6b:
25:67:e5:7f:cb:ed:b0:dc:88:98:08:54:e5:94:28:8c:f2:0a:
aa:3f:1d:45:c7:7c:90:c4:0e:4d:b0:9c:dd:be:98:3e:65:4a:
52:c6:6c:d3:37:49:ea:f0:4f:31:61:b0:a9:65:5c:46:03:d9:
10:1f:b5:86:c1:6e:0f:77:c6:53:29:fd:d9:b6:43:df:42:ad:
d5:18:2d:de:62:40:ba:cf:25:fe:dd:ac:57:18:63:62:d1:6d:
e5:05:a5:6f:e5:61:32:e1:74:de:32:e0:b6:fc:1b:ff:f6:f6:
74:40:4d:b3:0e:51:72:02:02:43:a7:7f:3b:98:24:b4:f2:68:
bc:34:cb:a8:bf:b8:53:18:1a:3a:a1:72:ef:4b:a5:83:66:60:
b1:28:91:a9:f0:1d:5d:9d:31:bd:e2:b0:e0:58:36:32:fd:3b:
cf:c2:0e:e5:a0:6f:51:f4:d6:46:b9:3a:b0:62:90:77:28:d9:
9c:69:49:dd:67:73:60:03:64:95:e4:e0:c7:4b:64:23:33:f4:
16:27:54:da
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUAPhI6Gzk7ua4t9rMAGr4wyMLNw0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZWZjZTFkYzRjOGIyMTY0MzdiODZm
ZjJiYWRlNTI4NjI5ZjY3Y2YzM2U2ZTE5NjNiOGI4MDNiYTJjN2FkZjBiMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB+2l0axQX3DmySvTYZa8Bav8si2
Zh6cblyUFg54BPiazqgaDxx9a5KTgXDMjyKeTICkQ6PhZEeJBIrTCyE3J+WXIEbi
eO/aB54ML8wWixN2cMQ8Vr8rIEOcL2M3lb313gEuJIgmCljVqoxBXmxxnT80inqr
EkpwGHVQODcBV6WJXzRoJcPtGnEhLbP00bfHQnOgYFqBaTGF25MuYOJe0769I+SG
4yyycL9sq97jvunHVwvjIRYIKAQlRHHTRhDt2odZR1l5SXNaUWsUMzuNtLUf+fqM
hNRs3XGVVNLjr8pXrTVS1tCV8+oQ7pT1FpWcZgJ5584mqM4dhxvRCbvv3wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDf0mUhKczEBrrNnSfP4j9+FlDztMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzMxZjgxZWE2LTc0Y2UtNDI3NC05YWM0LTgzODdkYTIwNjM3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYYBAMA0GCSqGSIb3DQEBCwUAA4IBAQBCSK9t/XV6eAENqA0I
h2+rfZoj/gLctdgHmIo+cKWOF6n9Oi3xMoVw9sFxijqnipygG083pWslZ+V/y+2w
3IiYCFTllCiM8gqqPx1Fx3yQxA5NsJzdvpg+ZUpSxmzTN0nq8E8xYbCpZVxGA9kQ
H7WGwW4Pd8ZTKf3ZtkPfQq3VGC3eYkC6zyX+3axXGGNi0W3lBaVv5WEy4XTeMuC2
/Bv/9vZ0QE2zDlFyAgJDp387mCS08mi8NMuov7hTGBo6oXLvS6WDZmCxKJGp8B1d
nTG94rDgWDYy/TvPwg7loG9R9NZGuTqwYpB3KNmcaUndZ3NgA2SV5ODHS2QjM/QW
J1Ta
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:29:11 2025 by rpki-client