Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34f0a7a2-e26e-4df2-8831-0d777cdb488c.roa
File: 34f0a7a2-e26e-4df2-8831-0d777cdb488c.roa (raw, json)
Hash identifier: jTWUTNMkZSdx2aCj+qf0tY51dtyg1z4JaSi3zz0Woo8=
Subject key identifier: 66:F4:7A:75:11:80:61:1C:95:73:13:7D:43:A0:8A:01:41:07:DD:66
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0A23C74C808F62FF3320523B68AE4C9698FBEE74
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34f0a7a2-e26e-4df2-8831-0d777cdb488c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:2840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:23:c7:4c:80:8f:62:ff:33:20:52:3b:68:ae:4c:96:98:fb:ee:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a92f7a37e48c989c2cc18d067ec81071b801a9b69defb3527045f27000663580, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:39:07:b7:d0:fe:44:1a:47:4d:3a:0a:54:8b:
b6:5e:26:d5:b2:45:fe:a6:b9:06:0b:03:fb:5c:c1:
c5:41:09:03:1f:1b:1e:cf:5d:5b:de:eb:bf:3a:61:
c7:3a:03:3a:a8:91:7e:34:af:b9:ce:9d:d3:e5:93:
b4:3f:0a:1d:47:8a:c3:d5:ca:9c:b4:2c:f0:13:7d:
d0:38:f1:18:57:93:05:1b:c6:40:c7:4d:c6:10:8f:
3a:6d:ea:c4:f2:2d:2b:b2:b0:c4:4b:18:20:d7:1f:
e0:51:96:fe:fe:ee:e0:9e:a6:e3:1c:18:92:18:0f:
00:3c:44:fb:ee:b0:49:88:8b:41:2c:c4:76:6d:93:
7b:4a:5e:48:e1:f9:59:bd:3f:52:d4:bf:09:b5:78:
07:4a:fa:87:1a:7b:85:bf:61:6c:7f:b4:a1:e6:2c:
33:c2:0b:bc:71:8b:36:4b:6a:22:a9:c4:a8:91:50:
01:c0:c5:b1:6c:d9:c2:12:9b:b8:2e:f3:b1:45:b0:
ce:48:b2:7e:b4:65:d1:38:f8:6e:c9:84:4c:72:09:
b7:d1:3c:0c:d7:b8:39:66:93:85:85:d7:6b:1e:a0:
0f:f5:6a:f8:6d:a5:fa:16:93:d5:1b:4f:d1:f2:97:
29:18:90:9f:71:1a:ee:7b:8d:72:c8:ac:de:e4:b8:
b0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F4:7A:75:11:80:61:1C:95:73:13:7D:43:A0:8A:01:41:07:DD:66
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34f0a7a2-e26e-4df2-8831-0d777cdb488c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:2840::/46
Signature Algorithm: sha256WithRSAEncryption
97:4c:f7:87:78:08:3d:9d:a1:bf:4e:39:72:85:2b:93:f2:af:
c5:fa:be:ab:e5:df:38:67:9a:62:ff:66:b4:30:10:f1:32:15:
75:a3:b0:a3:e1:b5:dc:0d:fb:b4:d5:e0:19:cc:ca:b8:35:bf:
6e:22:57:52:55:92:af:5d:f9:8f:5c:9c:76:22:69:d1:4e:8e:
a4:55:5a:6f:3e:47:99:21:f6:35:2c:71:c6:f8:b0:a8:cd:20:
17:a1:ff:9a:8e:52:f4:4f:01:b5:9a:31:4c:2b:3a:72:eb:e0:
66:ad:d4:bc:f6:31:21:7e:29:c7:8b:5d:25:f2:e5:4b:4c:c6:
83:74:2c:9e:fc:c8:8a:d2:06:ee:19:db:e7:1a:c6:53:21:7f:
0b:e2:f9:e2:83:f0:d2:3f:3d:90:b3:7e:54:df:e0:1f:88:da:
4b:14:7f:a7:c1:f5:f2:0c:fa:e8:e9:38:34:03:0a:f8:ae:6b:
bc:73:9c:dc:37:f3:1f:0b:b8:53:6a:3a:d9:77:1d:23:38:39:
39:37:0b:99:c9:3a:57:86:10:ef:c8:1e:0f:1d:48:ef:70:c2:
b1:c2:ed:a4:ae:86:81:8f:41:e5:9b:81:8f:dc:87:83:99:39:
c4:4d:0b:27:91:7b:b0:89:c0:8a:a2:4f:18:75:c5:61:54:fd:
64:45:33:0e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCiPHTICPYv8zIFI7aK5Mlpj77nQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTkyZjdhMzdlNDhjOTg5YzJjYzE4
ZDA2N2VjODEwNzFiODAxYTliNjlkZWZiMzUyNzA0NWYyNzAwMDY2MzU4MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDkHt9D+RBpHTToKVIu2XibVskX+
prkGCwP7XMHFQQkDHxsez11b3uu/OmHHOgM6qJF+NK+5zp3T5ZO0PwodR4rD1cqc
tCzwE33QOPEYV5MFG8ZAx03GEI86berE8i0rsrDESxgg1x/gUZb+/u7gnqbjHBiS
GA8APET77rBJiItBLMR2bZN7Sl5I4flZvT9S1L8JtXgHSvqHGnuFv2Fsf7Sh5iwz
wgu8cYs2S2oiqcSokVABwMWxbNnCEpu4LvOxRbDOSLJ+tGXROPhuyYRMcgm30TwM
17g5ZpOFhddrHqAP9Wr4baX6FpPVG0/R8pcpGJCfcRrue41yyKze5LiwvwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGb0enURgGEclXMTfUOgigFBB91mMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM0ZjBhN2EyLWUyNmUtNGRmMi04ODMxLTBkNzc3Y2RiNDg4Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaShAMA0GCSqGSIb3DQEBCwUAA4IBAQCXTPeHeAg9naG/Tjly
hSuT8q/F+r6r5d84Z5pi/2a0MBDxMhV1o7Cj4bXcDfu01eAZzMq4Nb9uIldSVZKv
XfmPXJx2ImnRTo6kVVpvPkeZIfY1LHHG+LCozSAXof+ajlL0TwG1mjFMKzpy6+Bm
rdS89jEhfinHi10l8uVLTMaDdCye/MiK0gbuGdvnGsZTIX8L4vnig/DSPz2Qs35U
3+AfiNpLFH+nwfXyDPro6Tg0Awr4rmu8c5zcN/MfC7hTajrZdx0jODk5NwuZyTpX
hhDvyB4PHUjvcMKxwu2kroaBj0Hlm4GP3IeDmTnETQsnkXuwicCKok8YdcVhVP1k
RTMO
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:31 2025 by rpki-client