Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3929d5cd-33ce-4cee-9bb9-47a14b5f0637.roa
File: 3929d5cd-33ce-4cee-9bb9-47a14b5f0637.roa (raw, json)
Hash identifier: NLWC/fCP2c9e3Ta1TWxRQQtiZRJuDtegy8Vld7Esox0=
Subject key identifier: A7:B6:2D:35:55:E5:81:28:F9:A8:EC:F1:B1:A1:3A:96:B7:7F:F6:F1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0DE702B82F5A2E90EC124325C8AD14E76C9482E5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3929d5cd-33ce-4cee-9bb9-47a14b5f0637.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:880::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e7:02:b8:2f:5a:2e:90:ec:12:43:25:c8:ad:14:e7:6c:94:82:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d661b5e2fe1d3d3cc37eb898df35c076b33b1679993f9409254beb412bb38c2b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:86:d0:85:0e:9f:e3:e8:bc:44:58:b4:08:58:
ff:e9:6d:fb:0e:0d:c3:b2:58:36:1b:5f:1f:c4:0e:
fd:5b:7f:2c:a2:48:84:45:7a:9f:39:bf:28:12:47:
c9:51:07:c7:c4:f6:ea:01:ab:ee:8a:26:ec:14:e8:
ca:31:e4:31:45:16:69:b5:bc:5f:28:f4:81:3a:22:
25:bd:f0:af:0d:0e:94:df:68:59:f6:e6:b0:81:38:
0f:0e:c3:85:e2:92:af:f1:64:f5:49:d3:81:b0:fa:
8e:da:dd:44:8e:5d:01:ac:ee:01:31:23:ce:a1:1f:
64:1c:d5:d8:1b:18:0f:51:43:1a:2a:76:a4:68:1f:
89:af:66:62:65:e6:9b:90:9c:82:e4:c9:cc:5d:ce:
fa:ec:3e:80:a8:7d:8e:f5:f7:00:a9:9b:40:cd:a7:
91:5d:bb:1f:38:f7:92:7e:6b:ff:e3:32:c3:2f:ce:
02:49:4f:58:5d:fa:a9:23:ec:05:a8:81:91:f2:b2:
ce:e5:e8:e6:47:a1:45:d8:2f:01:2d:b4:e6:94:98:
8c:ea:69:fb:34:25:b1:40:da:d6:ff:e7:0e:d6:ac:
10:0a:a8:d6:19:0c:61:4f:65:64:88:20:b9:6b:94:
b8:f9:30:70:ac:fa:23:b5:f9:28:1f:83:2f:4c:04:
32:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B6:2D:35:55:E5:81:28:F9:A8:EC:F1:B1:A1:3A:96:B7:7F:F6:F1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3929d5cd-33ce-4cee-9bb9-47a14b5f0637.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:880::/48
Signature Algorithm: sha256WithRSAEncryption
3f:1a:ed:84:a6:3f:83:72:98:04:b5:8f:8d:0a:b1:2f:94:72:
e9:a6:e5:13:5d:30:48:24:76:f1:cc:f8:df:10:dc:1e:45:42:
1b:46:b1:74:49:7f:da:4f:a5:17:5a:8b:e2:0b:3a:fe:94:d6:
71:0b:76:a6:b1:ec:e3:4f:ba:c8:a5:72:fa:85:fa:25:49:f8:
f6:23:4f:0b:86:87:4e:b5:e8:de:53:36:a1:e7:c2:25:e4:62:
64:77:5c:92:0e:0e:b3:9a:9f:92:30:58:54:bd:a4:5a:5e:09:
00:f1:d0:94:fb:1f:c0:7c:02:f0:2c:37:7f:da:5a:09:c9:db:
2f:dc:c7:3c:b0:92:6d:a2:74:d3:f3:51:60:c4:3a:07:e0:5e:
3d:2c:4d:16:f8:c8:34:d1:07:b0:b9:b7:29:7e:c8:7c:6b:04:
56:46:32:94:fd:b6:fc:6e:ff:3e:1c:87:e6:47:91:80:9a:02:
55:e9:66:fe:2b:02:40:3f:70:db:68:47:7f:97:1f:a1:58:1d:
cc:24:fb:eb:de:0d:04:5d:8e:88:74:35:0b:77:ab:00:c8:cf:
35:74:45:04:b8:4e:ac:7d:72:94:28:00:71:87:03:91:e2:c5:
45:a2:1d:2f:fe:57:7d:48:67:00:14:3c:99:ef:d7:95:f5:b2:
8b:f2:2c:a3
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUDecCuC9aLpDsEkMlyK0U52yUguUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZDY2MWI1ZTJmZTFkM2QzY2MzN2Vi
ODk4ZGYzNWMwNzZiMzNiMTY3OTk5M2Y5NDA5MjU0YmViNDEyYmIzOGMyYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4bQhQ6f4+i8RFi0CFj/6W37Dg3D
slg2G18fxA79W38sokiERXqfOb8oEkfJUQfHxPbqAavuiibsFOjKMeQxRRZptbxf
KPSBOiIlvfCvDQ6U32hZ9uawgTgPDsOF4pKv8WT1SdOBsPqO2t1Ejl0BrO4BMSPO
oR9kHNXYGxgPUUMaKnakaB+Jr2ZiZeabkJyC5MnMXc767D6AqH2O9fcAqZtAzaeR
XbsfOPeSfmv/4zLDL84CSU9YXfqpI+wFqIGR8rLO5ejmR6FF2C8BLbTmlJiM6mn7
NCWxQNrW/+cO1qwQCqjWGQxhT2VkiCC5a5S4+TBwrPojtfkoH4MvTAQyowIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKe2LTVV5YEo+ajs8bGhOpa3f/bxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM5MjlkNWNkLTMzY2UtNGNlZS05YmI5LTQ3YTE0YjVmMDYzNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYQiAMA0GCSqGSIb3DQEBCwUAA4IBAQA/Gu2Epj+DcpgEtY+N
CrEvlHLppuUTXTBIJHbxzPjfENweRUIbRrF0SX/aT6UXWoviCzr+lNZxC3amsezj
T7rIpXL6hfolSfj2I08LhodOtejeUzah58Il5GJkd1ySDg6zmp+SMFhUvaRaXgkA
8dCU+x/AfALwLDd/2loJydsv3Mc8sJJtonTT81FgxDoH4F49LE0W+Mg00Qewubcp
fsh8awRWRjKU/bb8bv8+HIfmR5GAmgJV6Wb+KwJAP3DbaEd/lx+hWB3MJPvr3g0E
XY6IdDULd6sAyM81dEUEuE6sfXKUKABxhwOR4sVFoh0v/ld9SGcAFDyZ79eV9bKL
8iyj
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:41 2025 by rpki-client