Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa
File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json)
Hash identifier: mh+1wRdXAPFRyYf8UEHunuii8uDF7vvOJI0u+K6uwZQ=
Subject key identifier: F5:C7:85:66:34:96:C7:55:4F:12:99:FE:C7:69:CB:9D:D4:00:F2:8C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7CB3351BAA64EE93B90D85D26C7F44C4D64D0D04
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:b3:35:1b:aa:64:ee:93:b9:0d:85:d2:6c:7f:44:c4:d6:4d:0d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=7c0b504e5d79b61297331a1c557d9b4ca519aa297eb5b951edbe02453a9c5c4d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:d7:9a:d5:2d:0a:29:cf:1e:da:b6:37:87:
40:57:4a:c2:b4:fd:71:cf:29:5d:6e:df:06:96:31:
26:f6:21:10:84:03:fe:48:f3:04:ee:8a:d7:dd:2b:
57:5e:0b:5b:7e:73:b8:59:14:23:3e:02:38:df:61:
2c:5c:6a:db:09:40:50:36:9e:71:8a:5a:03:d5:a3:
85:87:26:26:38:68:1b:83:0a:01:1f:95:6e:b4:5b:
14:dc:34:6a:8c:af:7e:bd:10:0a:84:ac:b0:95:39:
c9:6f:fc:a7:39:60:a9:22:5b:43:d4:24:77:ba:dc:
e6:4a:3f:5c:61:5f:d6:31:a6:56:54:17:0a:e5:9b:
6a:07:59:bc:6c:8d:34:15:53:f6:c1:11:dd:c8:d1:
34:6d:1a:ae:d8:ab:bb:b2:ec:82:d3:49:31:69:dc:
cd:be:17:23:b5:3e:aa:dd:8f:b5:a1:13:11:11:31:
89:9d:d5:e1:50:78:3e:38:57:a8:c5:8a:44:5e:3e:
d3:f0:be:4d:f5:b9:77:c4:df:0a:90:b4:e9:f1:a5:
73:68:9d:23:83:82:aa:06:10:8b:17:37:ce:fd:9c:
50:ec:ce:4a:e2:1f:1f:17:9a:24:a6:39:54:cc:ea:
0b:cd:c2:f7:c0:a1:66:1d:3d:22:42:91:89:05:00:
db:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C7:85:66:34:96:C7:55:4F:12:99:FE:C7:69:CB:9D:D4:00:F2:8C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8::/32
Signature Algorithm: sha256WithRSAEncryption
25:2c:09:3a:f0:37:41:cd:a6:19:89:ea:ef:16:c2:27:75:41:
6a:5d:2a:5f:77:47:3d:c7:7f:b3:96:b2:62:2d:69:2e:dc:33:
19:90:02:52:0d:28:8d:0d:bb:72:0a:d6:9b:96:22:47:6d:16:
31:6c:65:e3:e9:58:a3:60:5a:a2:5c:56:e8:f2:11:cd:b7:31:
e1:ab:07:6e:3a:06:f9:5d:50:01:07:c5:8a:b6:89:a2:c4:06:
c8:ed:45:fc:d9:9e:17:ec:3f:57:24:6b:d4:be:f4:d0:e1:27:
81:9c:11:39:5a:3e:3f:29:80:41:5a:d3:43:6b:08:9d:f0:27:
fa:aa:f4:f2:ec:4e:fa:68:ed:54:da:96:1a:f7:1d:59:fd:3b:
23:4c:17:f3:2c:5c:df:e6:2e:fd:87:85:15:59:ae:bb:5b:f2:
20:71:ea:0f:c4:2a:68:ba:f6:e9:b6:b6:52:ad:b4:0d:8c:51:
b3:09:50:d1:8c:e7:ee:b6:6e:41:71:63:6f:f7:01:88:b1:fc:
08:a8:4f:be:22:7c:79:01:20:5e:84:f8:6c:e6:a7:b4:19:27:
34:d0:42:86:f9:1d:2e:9f:2d:9a:1e:11:f6:a2:04:95:a3:29:
8b:4d:6d:74:02:1a:4e:44:63:fa:f7:3c:0d:a7:ac:0e:82:33:
42:8d:00:1a
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUfLM1G6pk7pO5DYXSbH9ExNZNDQQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX
DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNAN2MwYjUwNGU1ZDc5YjYxMjk3MzMx
YTFjNTU3ZDliNGNhNTE5YWEyOTdlYjViOTUxZWRiZTAyNDUzYTljNWM0ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsifXmtUtCinPHtq2N4dAV0rCtP1x
zyldbt8GljEm9iEQhAP+SPME7orX3StXXgtbfnO4WRQjPgI432EsXGrbCUBQNp5x
iloD1aOFhyYmOGgbgwoBH5VutFsU3DRqjK9+vRAKhKywlTnJb/ynOWCpIltD1CR3
utzmSj9cYV/WMaZWVBcK5ZtqB1m8bI00FVP2wRHdyNE0bRqu2Ku7suyC00kxadzN
vhcjtT6q3Y+1oRMRETGJndXhUHg+OFeoxYpEXj7T8L5N9bl3xN8KkLTp8aVzaJ0j
g4KqBhCLFzfO/ZxQ7M5K4h8fF5okpjlUzOoLzcL3wKFmHT0iQpGJBQDbnwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPXHhWY0lsdVTxKZ/sdpy53UAPKMMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEAJSwJOvA3Qc2mGYnq7xbC
J3VBal0qX3dHPcd/s5ayYi1pLtwzGZACUg0ojQ27cgrWm5YiR20WMWxl4+lYo2Ba
olxW6PIRzbcx4asHbjoG+V1QAQfFiraJosQGyO1F/NmeF+w/VyRr1L700OEngZwR
OVo+PymAQVrTQ2sInfAn+qr08uxO+mjtVNqWGvcdWf07I0wX8yxc3+Yu/YeFFVmu
u1vyIHHqD8QqaLr26ba2Uq20DYxRswlQ0Yzn7rZuQXFjb/cBiLH8CKhPviJ8eQEg
XoT4bOantBknNNBChvkdLp8tmh4R9qIElaMpi01tdAIaTkRj+vc8DaesDoIzQo0A
Gg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:07:19 2025 by rpki-client