Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa
File: 375520d4-df61-4e6c-9222-5f7232d9f4b8.roa (raw, json)
Hash identifier: u6ZLE5EL8tSi5KVsSP5mtV3EQ8WYmN3Hej56EFNJw+k=
Subject key identifier: 1D:81:47:B3:5D:12:01:A4:38:85:DB:E6:AD:F8:7F:1F:FF:B6:A5:D7
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 25D7E463C2A11B02E89092BBA6C6045AC29A2CBE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:4020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d7:e4:63:c2:a1:1b:02:e8:90:92:bb:a6:c6:04:5a:c2:9a:2c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3ae5db7d1aba812229bafe1d53e4281165f256f76144163eb9936816f392296c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:58:f9:c3:17:c5:c4:d6:d1:a1:0b:bc:7b:41:
f5:8c:06:44:a8:68:02:86:66:a9:0a:e9:3d:e9:3a:
48:d9:d4:e3:e0:79:79:0d:3d:3b:9c:d7:d3:af:8c:
f1:b2:ae:7d:04:87:0f:ac:fd:4c:57:57:bb:c8:e0:
ea:6a:36:aa:31:06:60:4a:4e:11:32:14:60:8e:3e:
77:9f:4c:8c:5f:05:3b:cf:61:8c:48:60:c9:cc:40:
66:a4:0b:4b:5f:63:e6:6e:c3:1b:4d:99:0e:7a:fb:
b2:a5:51:e1:f8:f6:6d:3d:b9:74:92:18:49:ae:b5:
d8:c8:62:69:10:64:9f:86:a9:75:32:e0:f2:71:c6:
d6:54:0a:e5:08:3b:02:ce:a2:6d:98:0b:86:e2:67:
1f:ff:fd:ed:65:b8:13:80:fd:3d:fd:bd:4c:1c:f6:
49:46:98:2b:c2:41:9a:bf:d5:77:6e:72:1b:a9:44:
ef:94:fb:ba:55:46:1c:ea:ad:78:17:48:31:b2:84:
ef:be:b3:2a:0b:22:d6:70:2a:0a:fb:b8:c7:69:4c:
fd:ce:93:e9:42:ec:78:87:ad:dd:c0:50:e3:66:9a:
b0:e7:20:fc:b1:ce:84:ef:28:0f:81:a2:14:61:4f:
37:8b:c2:e6:84:65:6d:22:0f:46:d9:1e:2a:67:1d:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:81:47:B3:5D:12:01:A4:38:85:DB:E6:AD:F8:7F:1F:FF:B6:A5:D7
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:4020::/48
Signature Algorithm: sha256WithRSAEncryption
3a:f9:fc:42:4c:3d:42:45:44:52:db:48:95:5f:3a:ec:75:6e:
f3:19:20:b0:34:ea:e5:23:a6:66:81:fe:fb:42:16:68:82:90:
2a:71:f6:ac:56:cb:05:48:9d:8b:02:b0:55:a8:25:6e:77:32:
10:ab:5c:b7:87:38:06:0f:06:46:aa:85:bb:f8:af:6e:06:f1:
92:01:6e:ea:12:2a:1f:00:f2:e1:cf:ed:f5:8c:4a:de:27:07:
8c:cf:e6:23:88:db:f5:fe:48:32:28:6c:23:75:08:41:ac:09:
fa:8b:16:1e:14:fe:d2:b4:a6:01:8f:8d:20:23:42:76:0d:cb:
f9:15:b5:a9:36:cb:46:9d:6b:05:46:9c:12:27:1d:af:70:fa:
c5:0f:0e:a3:9f:03:c5:e3:a2:b3:ad:b0:9e:54:59:93:12:0d:
73:22:94:58:89:1e:25:7e:2e:89:a2:14:25:89:53:5f:7b:ae:
87:59:7b:ad:8e:dc:8a:9e:ae:f9:dc:43:96:78:96:53:ec:d1:
02:59:68:65:3d:40:1a:0b:ba:11:ce:be:4a:2d:70:b6:33:f7:
bf:bb:a4:13:1b:06:8b:23:ca:73:72:5e:90:e1:ac:c1:37:5e:
d5:f7:e1:b3:6a:89:72:e5:94:e3:4a:77:d1:c7:1d:31:0b:32:
ab:52:67:50
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJdfkY8KhGwLokJK7psYEWsKaLL4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAM2FlNWRiN2QxYWJhODEyMjI5YmFm
ZTFkNTNlNDI4MTE2NWYyNTZmNzYxNDQxNjNlYjk5MzY4MTZmMzkyMjk2YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fj5wxfFxNbRoQu8e0H1jAZEqGgC
hmapCuk96TpI2dTj4Hl5DT07nNfTr4zxsq59BIcPrP1MV1e7yODqajaqMQZgSk4R
MhRgjj53n0yMXwU7z2GMSGDJzEBmpAtLX2PmbsMbTZkOevuypVHh+PZtPbl0khhJ
rrXYyGJpEGSfhql1MuDyccbWVArlCDsCzqJtmAuG4mcf//3tZbgTgP09/b1MHPZJ
RpgrwkGav9V3bnIbqUTvlPu6VUYc6q14F0gxsoTvvrMqCyLWcCoK+7jHaUz9zpPp
Qux4h63dwFDjZpqw5yD8sc6E7ygPgaIUYU83i8LmhGVtIg9G2R4qZx0t/wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB2BR7NdEgGkOIXb5q34fx//tqXXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM3NTUyMGQ0LWRmNjEtNGU2Yy05MjIyLTVmNzIzMmQ5ZjRiOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba/0AgMA0GCSqGSIb3DQEBCwUAA4IBAQA6+fxCTD1CRURS20iV
XzrsdW7zGSCwNOrlI6Zmgf77QhZogpAqcfasVssFSJ2LArBVqCVudzIQq1y3hzgG
DwZGqoW7+K9uBvGSAW7qEiofAPLhz+31jEreJweMz+YjiNv1/kgyKGwjdQhBrAn6
ixYeFP7StKYBj40gI0J2Dcv5FbWpNstGnWsFRpwSJx2vcPrFDw6jnwPF46KzrbCe
VFmTEg1zIpRYiR4lfi6JohQliVNfe66HWXutjtyKnq753EOWeJZT7NECWWhlPUAa
C7oRzr5KLXC2M/e/u6QTGwaLI8pzcl6Q4azBN17V9+Gzaoly5ZTjSnfRxx0xCzKr
UmdQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:11:16 2025 by rpki-client