Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa
File: 404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa (raw, json)
Hash identifier: Xws6AwUv/sHKavuy09gW1SApgPdlmAL7IsONM7+j/3U=
Subject key identifier: 16:48:38:53:E4:6E:65:1F:7D:16:4E:68:A9:6A:4A:30:2A:44:93:BB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6DB3C80886E2D087F81C73A6A71B8081E1C30EE9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf5::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:b3:c8:08:86:e2:d0:87:f8:1c:73:a6:a7:1b:80:81:e1:c3:0e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=258d5e7101c06ceb773d143b5caa2d64956ef6d5df5395f9924176bb2725b059, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:83:3f:78:4a:56:6b:b8:42:3d:4d:05:d7:
1c:bb:06:85:16:7d:10:3e:c4:88:77:56:df:17:2c:
17:d4:23:e3:6d:84:2a:0d:fb:5a:df:90:fd:9e:62:
4f:bf:41:48:70:e7:25:3c:b7:ef:5a:83:b2:8f:57:
42:8a:44:8f:e6:d5:c3:6c:3f:1c:c8:de:3d:03:87:
a7:c0:47:3d:2d:b8:c4:94:4c:78:90:97:16:09:97:
3d:f9:64:2e:46:79:d7:4e:28:de:b7:c8:6b:62:91:
98:92:eb:c1:c0:65:9f:02:44:30:81:a4:89:1f:ca:
a1:81:73:47:d6:49:b4:51:8c:48:76:5e:c2:73:81:
7b:49:0d:98:7d:22:26:fa:fc:5f:ce:90:29:1e:29:
01:d7:49:3c:a4:78:a2:2e:52:65:49:1a:19:d5:71:
0d:1d:39:32:bb:42:7c:7b:e3:48:1e:c7:9f:73:b2:
90:a7:05:d0:cc:6b:57:d5:2a:23:9f:cd:d7:03:42:
03:aa:12:ad:ec:8e:76:3c:5b:1d:42:46:7d:8d:56:
5b:c7:e4:d0:f5:e4:b1:45:50:51:4e:bc:d2:8b:07:
43:cd:35:fd:4a:9f:f4:6d:ae:2c:80:fd:27:a0:48:
c7:f9:ad:cc:56:70:a3:21:fe:c9:ba:ae:30:65:8f:
79:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:48:38:53:E4:6E:65:1F:7D:16:4E:68:A9:6A:4A:30:2A:44:93:BB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf5::/32
Signature Algorithm: sha256WithRSAEncryption
58:21:d9:33:b0:bb:4c:99:37:3b:b9:da:df:f6:b1:85:fa:d7:
c6:29:47:c0:62:a8:61:74:bb:6c:46:55:a4:ac:25:77:fc:9c:
9a:4d:78:10:a3:85:9c:76:75:d1:77:6c:5c:12:83:d9:06:94:
0d:c8:b0:d3:3f:dc:de:12:d4:6a:75:44:fc:bf:7d:1f:d3:87:
bf:db:dc:db:53:16:16:ad:53:f9:68:5d:51:48:4b:bb:12:6d:
7c:82:51:3f:83:a2:e6:4c:30:47:d3:60:ee:e4:5f:c3:72:e7:
7f:92:fa:57:37:ae:2c:f0:8a:35:aa:6f:dd:03:30:1b:9e:d5:
8a:95:38:60:88:c4:96:73:51:9f:6d:7e:88:69:2d:59:96:fc:
3d:6b:d3:ed:05:b7:d1:8b:fd:dc:e5:f1:98:cd:70:47:a1:97:
5d:b3:22:ab:c0:13:bb:66:c3:93:e9:1c:a6:0f:c9:e7:9b:23:
62:ef:8b:ba:8e:17:fb:77:fa:00:a8:29:ef:c8:46:84:07:c1:
25:4e:da:d7:cd:50:b1:58:b8:66:6d:3a:4c:03:95:01:8e:83:
56:85:53:e6:6e:87:c4:c0:e5:9a:c5:b7:75:a8:4b:9f:24:c9:
8a:dc:14:31:40:fa:e3:39:9b:64:dc:53:55:5d:43:84:b7:2e:
c0:84:de:8b
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUbbPICIbi0If4HHOmpxuAgeHDDukwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNzAwMDAwMFoX
DTI1MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAMjU4ZDVlNzEwMWMwNmNlYjc3M2Qx
NDNiNWNhYTJkNjQ5NTZlZjZkNWRmNTM5NWY5OTI0MTc2YmIyNzI1YjA1OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG6DP3hKVmu4Qj1NBdccuwaFFn0Q
PsSId1bfFywX1CPjbYQqDfta35D9nmJPv0FIcOclPLfvWoOyj1dCikSP5tXDbD8c
yN49A4enwEc9LbjElEx4kJcWCZc9+WQuRnnXTijet8hrYpGYkuvBwGWfAkQwgaSJ
H8qhgXNH1km0UYxIdl7Cc4F7SQ2YfSIm+vxfzpApHikB10k8pHiiLlJlSRoZ1XEN
HTkyu0J8e+NIHsefc7KQpwXQzGtX1Sojn83XA0IDqhKt7I52PFsdQkZ9jVZbx+TQ
9eSxRVBRTrzSiwdDzTX9Sp/0ba4sgP0noEjH+a3MVnCjIf7Juq4wZY95pwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFBZIOFPkbmUffRZOaKlqSjAqRJO7MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQwNGIxZjA5LTU4ZWQtNGQ4Yi04Yjk1LThkZmUzZDgzMzQyNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAba9TANBgkqhkiG9w0BAQsFAAOCAQEAWCHZM7C7TJk3O7na3/ax
hfrXxilHwGKoYXS7bEZVpKwld/ycmk14EKOFnHZ10XdsXBKD2QaUDciw0z/c3hLU
anVE/L99H9OHv9vc21MWFq1T+WhdUUhLuxJtfIJRP4Oi5kwwR9Ng7uRfw3Lnf5L6
VzeuLPCKNapv3QMwG57VipU4YIjElnNRn21+iGktWZb8PWvT7QW30Yv93OXxmM1w
R6GXXbMiq8ATu2bDk+kcpg/J55sjYu+Luo4X+3f6AKgp78hGhAfBJU7a181QsVi4
Zm06TAOVAY6DVoVT5m6HxMDlmsW3dahLnyTJitwUMUD64zmbZNxTVV1DhLcuwITe
iw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:28 2025 by rpki-client