Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
File: 3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa (raw, json)
Hash identifier: 6PMXQrrQXVzBpHaHSFgGlGrlU1XXSmQNWTZDb5pHbXs=
Subject key identifier: DF:07:76:D6:F0:FB:39:2C:E2:FA:62:38:F6:10:EE:D5:BD:C0:5D:76
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3523B3F7867CF339051DD12AB2AAA20F3C5FAFE0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da32:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:23:b3:f7:86:7c:f3:39:05:1d:d1:2a:b2:aa:a2:0f:3c:5f:af:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=0b1c902751945a367c0ff6f29c006910c9126370e56264ae2ca5d168d9842e30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:2c:54:17:8a:0d:63:7c:b4:96:3a:45:94:
b4:63:a8:52:9a:11:66:b8:06:83:35:72:58:ce:ff:
07:3b:df:80:db:9b:e1:f1:aa:42:ab:04:7c:49:1e:
ce:f3:7b:c0:ab:ea:32:52:7d:94:fb:ad:7f:36:f6:
8d:b5:99:a6:e0:d5:06:ba:89:e8:6d:88:42:30:0a:
3e:ce:53:65:97:37:5f:48:4f:94:41:1a:8f:10:2e:
97:ff:40:37:b7:78:10:34:85:63:8d:e1:d1:d4:86:
2b:6d:f7:49:0f:4f:83:0d:dd:dc:6f:b2:1a:fb:75:
7f:17:bf:3c:2b:74:c2:e1:55:f7:c2:5e:c0:35:01:
21:54:97:1c:15:97:91:f7:66:ea:32:0c:e7:5f:0d:
dc:42:05:0b:aa:8d:9b:26:41:51:6f:16:8b:ad:b8:
e8:ce:c1:aa:dc:ee:8e:1e:a4:b1:64:51:41:3d:62:
43:e1:ad:f5:a0:4b:02:72:6e:af:d9:2c:2a:c9:89:
f7:c2:41:50:ac:fb:db:63:fb:ba:a3:02:88:dd:01:
5c:7f:6b:ba:3a:38:9d:d0:7c:ee:7c:c6:8d:4e:8a:
87:eb:20:13:b0:d0:16:9b:1a:2d:16:68:ea:9a:2d:
1f:d0:42:6e:67:d3:11:29:90:27:79:39:86:36:15:
01:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:07:76:D6:F0:FB:39:2C:E2:FA:62:38:F6:10:EE:D5:BD:C0:5D:76
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3f319ba4-4f75-49fd-9a3b-a90c938a24af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da32:4000::/40
Signature Algorithm: sha256WithRSAEncryption
88:e3:e1:9d:ed:9a:d3:5b:4e:99:7f:95:b3:22:7d:42:4e:44:
7d:09:31:08:b5:dc:b5:71:30:12:dd:e6:15:a8:ee:7b:8c:5b:
00:fb:dc:c9:7a:fd:74:1a:49:57:8a:fe:1f:c7:cf:03:c3:da:
f7:79:0c:cc:10:31:2e:e8:b7:18:b3:e2:4d:77:a5:b8:b5:bc:
17:ac:ff:ee:f3:f8:e3:3d:c1:6d:c8:f5:b5:b6:c8:8e:60:77:
b2:1a:e8:e9:28:5b:c6:f1:b3:4e:1e:2b:5b:c8:4c:1f:f2:93:
32:c7:d9:32:3e:f2:bd:f5:2e:82:21:46:d4:97:fc:54:d6:05:
2e:6e:c4:c8:cb:e9:9d:35:50:8e:f5:01:e6:4e:7b:59:ff:14:
20:db:52:e4:88:51:8b:1e:4c:91:30:3e:89:6a:4a:34:32:7b:
c9:89:d3:e9:5e:5e:36:62:5c:a3:b4:7d:8e:6a:0f:48:ab:41:
a0:6d:19:77:18:0c:43:02:6e:33:dd:1a:20:9d:5f:22:41:83:
2d:9b:e5:34:e0:03:14:08:96:95:fb:ad:e5:31:f4:83:60:aa:
a9:fd:ca:2c:ab:ea:fe:d6:d8:c8:17:9f:9e:2e:f4:ee:92:fa:
a0:5c:20:a6:8a:7e:d5:af:7c:5d:33:fb:f3:a2:d1:8f:c6:63:
eb:9d:b8:da
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNSOz94Z88zkFHdEqsqqiDzxfr+AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNDAwMDAwMFoX
DTI1MDIyODIzNTk1OVowejFJMEcGA1UEBRNAMGIxYzkwMjc1MTk0NWEzNjdjMGZm
NmYyOWMwMDY5MTBjOTEyNjM3MGU1NjI2NGFlMmNhNWQxNjhkOTg0MmUzMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPYsVBeKDWN8tJY6RZS0Y6hSmhFm
uAaDNXJYzv8HO9+A25vh8apCqwR8SR7O83vAq+oyUn2U+61/NvaNtZmm4NUGuono
bYhCMAo+zlNllzdfSE+UQRqPEC6X/0A3t3gQNIVjjeHR1IYrbfdJD0+DDd3cb7Ia
+3V/F788K3TC4VX3wl7ANQEhVJccFZeR92bqMgznXw3cQgULqo2bJkFRbxaLrbjo
zsGq3O6OHqSxZFFBPWJD4a31oEsCcm6v2SwqyYn3wkFQrPvbY/u6owKI3QFcf2u6
Ojid0HzufMaNToqH6yATsNAWmxotFmjqmi0f0EJuZ9MRKZAneTmGNhUBzQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFN8Hdtbw+zks4vpiOPYQ7tW9wF12MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNmMzE5YmE0LTRmNzUtNDlmZC05YTNiLWE5MGM5MzhhMjRhZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMkAwDQYJKoZIhvcNAQELBQADggEBAIjj4Z3tmtNbTpl/lbMi
fUJORH0JMQi13LVxMBLd5hWo7nuMWwD73Ml6/XQaSVeK/h/HzwPD2vd5DMwQMS7o
txiz4k13pbi1vBes/+7z+OM9wW3I9bW2yI5gd7Ia6OkoW8bxs04eK1vITB/ykzLH
2TI+8r31LoIhRtSX/FTWBS5uxMjL6Z01UI71AeZOe1n/FCDbUuSIUYseTJEwPolq
SjQye8mJ0+leXjZiXKO0fY5qD0irQaBtGXcYDEMCbjPdGiCdXyJBgy2b5TTgAxQI
lpX7reUx9INgqqn9yiyr6v7W2MgXn54u9O6S+qBcIKaKftWvfF0z+/Oi0Y/GY+ud
uNo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:38 2025 by rpki-client