Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/422b2cc7-8cfe-4120-83e9-971bd9b03f2b.roa
File: 422b2cc7-8cfe-4120-83e9-971bd9b03f2b.roa (raw, json)
Hash identifier: yOYuKBIH0gQPAXvkVvno8dmieiCwJNnet61RsarojAI=
Subject key identifier: 66:43:60:17:3A:68:85:8D:D0:43:3B:9F:44:31:26:B1:E6:0C:57:CA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0AF788763C68AC2593EDE780E52156DDABCF55C2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/422b2cc7-8cfe-4120-83e9-971bd9b03f2b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f7:88:76:3c:68:ac:25:93:ed:e7:80:e5:21:56:dd:ab:cf:55:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d5ea0d7f66eeb5330008c4d4f1371547e42eb12bef1ba66c58bc69412b140a87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:21:4f:72:22:6e:80:29:cb:58:37:7d:ab:63:
ef:66:4c:4d:d2:81:aa:dd:4e:f0:3f:0e:c0:22:a9:
79:e7:94:fd:4a:ff:49:21:01:38:99:e8:da:09:9a:
3c:a6:e3:a7:12:94:7e:75:47:c7:d2:07:22:86:77:
50:0c:80:7d:09:18:18:7f:81:67:70:e0:d0:77:89:
3a:bd:7c:58:d7:61:1c:0a:3c:98:a4:c2:86:27:b4:
a6:35:7b:74:62:4a:40:93:e2:a7:70:14:4d:f8:9a:
62:f7:0c:f6:34:6c:d9:3b:86:84:f9:43:0c:6b:a9:
ec:cc:f4:7e:d1:99:31:99:55:13:48:27:d1:2e:1c:
27:82:ad:45:7c:90:99:c3:ff:a5:40:0c:fd:1b:e6:
5a:96:9f:2a:1f:72:db:1d:96:9a:7b:f8:49:f8:ad:
b1:de:67:e7:c7:4a:7c:a1:82:67:6b:db:5e:9f:92:
8d:6b:fa:e1:21:cd:4f:94:45:5d:e1:82:15:97:41:
2d:3d:2a:e7:d3:9d:7b:6b:cb:c2:7e:87:82:17:ac:
fc:65:bb:a1:91:1c:4e:b0:bb:82:6c:9a:04:ea:d3:
fc:9d:a4:ab:f6:d1:f5:eb:7d:d2:b9:71:82:cf:2c:
85:19:95:0b:1b:9b:2b:c3:32:80:89:2f:d0:24:21:
63:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:43:60:17:3A:68:85:8D:D0:43:3B:9F:44:31:26:B1:E6:0C:57:CA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/422b2cc7-8cfe-4120-83e9-971bd9b03f2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:a6:00:73:d4:71:44:7e:f3:56:05:7a:d2:e0:da:5c:ed:d0:
58:fe:e5:29:54:aa:48:17:77:12:7a:41:01:bf:4c:68:f5:a2:
9b:15:df:5b:ee:48:6a:bf:e7:40:31:14:8c:2f:0d:45:b1:a3:
2d:80:46:66:65:36:6a:7a:98:9b:23:80:92:e3:85:4a:c1:78:
9f:8b:8b:15:f6:74:8a:25:05:99:25:57:e9:59:03:8f:04:bd:
fc:14:49:9b:c8:32:38:72:19:72:5c:7d:3e:47:7d:7b:d8:eb:
4e:40:55:ab:f3:78:f6:22:c8:b7:3f:43:c1:20:c4:eb:d5:70:
60:5e:35:d0:d9:fe:ae:fd:ac:92:38:5d:81:ab:88:ff:a2:40:
f6:94:7f:e5:8e:7c:d3:cf:78:c0:74:18:a0:5c:1b:8b:02:b3:
98:18:5b:bf:60:c0:62:81:34:44:54:b8:1f:19:66:37:3b:bf:
f9:2c:9d:29:01:f8:44:92:c6:31:9e:13:60:7f:5a:92:81:58:
11:4c:09:ab:71:ad:7d:00:05:c1:29:1c:fd:59:38:68:45:f5:
b3:66:9c:6e:9a:e2:1a:3b:75:00:06:da:3f:ff:f3:51:9f:18:
2b:fe:b5:eb:9e:24:8a:2d:0e:2a:d6:de:bd:e4:ef:f6:86:9d:
59:86:de:23
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCveIdjxorCWT7eeA5SFW3avPVcIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZDVlYTBkN2Y2NmVlYjUzMzAwMDhj
NGQ0ZjEzNzE1NDdlNDJlYjEyYmVmMWJhNjZjNThiYzY5NDEyYjE0MGE4NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCFPciJugCnLWDd9q2PvZkxN0oGq
3U7wPw7AIql555T9Sv9JIQE4mejaCZo8puOnEpR+dUfH0gcihndQDIB9CRgYf4Fn
cODQd4k6vXxY12EcCjyYpMKGJ7SmNXt0YkpAk+KncBRN+Jpi9wz2NGzZO4aE+UMM
a6nszPR+0ZkxmVUTSCfRLhwngq1FfJCZw/+lQAz9G+Zalp8qH3LbHZaae/hJ+K2x
3mfnx0p8oYJna9ten5KNa/rhIc1PlEVd4YIVl0EtPSrn0517a8vCfoeCF6z8Zbuh
kRxOsLuCbJoE6tP8naSr9tH1633SuXGCzyyFGZULG5srwzKAiS/QJCFjFwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGZDYBc6aIWN0EM7n0QxJrHmDFfKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQyMmIyY2M3LThjZmUtNDEyMC04M2U5LTk3MWJkOWIwM2YyYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaOEDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLpgBz1HFEfvNWBXrS
4Npc7dBY/uUpVKpIF3cSekEBv0xo9aKbFd9b7khqv+dAMRSMLw1FsaMtgEZmZTZq
epibI4CS44VKwXifi4sV9nSKJQWZJVfpWQOPBL38FEmbyDI4chlyXH0+R3172OtO
QFWr83j2Isi3P0PBIMTr1XBgXjXQ2f6u/aySOF2Bq4j/okD2lH/ljnzTz3jAdBig
XBuLArOYGFu/YMBigTREVLgfGWY3O7/5LJ0pAfhEksYxnhNgf1qSgVgRTAmrca19
AAXBKRz9WThoRfWzZpxumuIaO3UABto///NRnxgr/rXrniSKLQ4q1t695O/2hp1Z
ht4j
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:06:59 2025 by rpki-client