Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4386eec0-31bd-4fe0-a809-ab13a56325fb.roa
File: 4386eec0-31bd-4fe0-a809-ab13a56325fb.roa (raw, json)
Hash identifier: cu3bZdT/2L75IV1mTgmXnDglQEepq3IFegr8n/jaT5c=
Subject key identifier: 26:92:CC:12:EF:C1:2B:BE:3F:B9:69:86:CC:2E:84:8C:CF:5C:C4:DF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 23942976707582E0CECE85227159C43E55D71195
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4386eec0-31bd-4fe0-a809-ab13a56325fb.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:94:29:76:70:75:82:e0:ce:ce:85:22:71:59:c4:3e:55:d7:11:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e37277c49fb34deb4b51fd973b56d45990108c3726d08e93b14ea18c1a3aa20f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:91:c9:fa:57:39:b6:05:41:33:5c:06:8c:77:
4f:eb:e4:4d:4c:51:c7:dd:fd:40:f7:61:b3:9f:00:
48:8b:44:df:62:47:f2:96:d9:68:ff:30:79:f0:d4:
5f:8b:cd:d2:31:40:a8:c9:48:76:2f:74:51:93:34:
e6:41:ca:28:76:36:d2:71:e0:b3:e0:3a:12:e9:33:
24:72:50:98:0e:c1:db:be:8d:ae:26:c8:c5:f9:e3:
de:39:5d:db:d7:11:ab:eb:6e:f6:d6:ac:1b:3e:05:
70:5b:0a:81:a4:21:18:5a:a9:2b:45:68:81:d8:67:
9d:d5:df:9f:54:0d:99:59:5f:36:1f:4f:1d:b1:f3:
eb:d5:8d:49:ac:49:7b:b0:3b:73:b8:6a:c2:78:f0:
9a:ad:85:93:b0:57:52:90:f8:8a:c4:96:9d:21:92:
6b:61:9c:29:0f:be:85:ff:52:49:53:4d:b5:f2:9a:
55:bd:4c:fe:f8:ca:74:a0:bf:43:f0:e1:59:20:4f:
61:10:e8:dd:ea:a5:93:ba:00:3e:d3:a7:a6:99:17:
8f:9e:14:a5:d8:d7:89:c7:42:ea:62:b8:62:6b:63:
00:61:de:2a:2d:c2:a9:23:f6:b3:bb:a2:67:f0:bc:
6a:b4:19:78:89:81:dc:61:bb:9a:f2:87:11:13:06:
a3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:92:CC:12:EF:C1:2B:BE:3F:B9:69:86:CC:2E:84:8C:CF:5C:C4:DF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4386eec0-31bd-4fe0-a809-ab13a56325fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:2800::/40
Signature Algorithm: sha256WithRSAEncryption
90:db:e7:2a:b4:42:14:0d:2d:a9:28:3e:11:db:45:40:a1:67:
dd:01:e1:25:7f:87:9c:81:07:83:e0:3b:48:18:8b:da:1c:e5:
11:cf:ce:ad:25:d0:ab:4b:d4:e7:2f:f6:41:ff:98:56:0a:59:
dd:d4:9a:b6:25:7a:a8:23:75:03:28:5d:fd:e9:01:cc:4c:5f:
64:aa:4c:d1:8e:8d:4a:7e:e1:e2:da:75:b5:23:b0:34:57:5f:
73:30:89:56:99:12:de:c8:c6:44:b4:d4:ac:db:17:4c:53:6d:
a2:9d:d9:43:6e:17:38:e9:6f:74:65:6d:64:cd:dd:af:f4:86:
ea:11:dd:c2:3c:ad:98:9f:61:22:5a:2f:2f:1f:f0:71:e8:81:
0c:c8:6e:dc:a7:93:f8:33:73:1e:1d:ec:8b:a6:a9:cd:bb:1a:
d6:c9:05:87:e9:ca:cf:d8:b4:a0:a5:98:5f:7a:60:d6:c0:b1:
1b:2a:73:71:9e:bf:7a:f6:9a:07:f6:23:b8:b8:c4:4a:84:12:
53:21:aa:48:8d:e6:d0:a7:94:ab:bf:e5:19:dd:81:d2:40:47:
69:de:c6:6d:56:38:ca:3b:65:c7:7a:6c:bd:52:e7:e2:bd:32:
5f:16:b1:e0:1b:b4:45:2a:2e:f9:f9:50:aa:56:28:9e:c4:2a:
e6:a7:29:3a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUI5QpdnB1guDOzoUicVnEPlXXEZUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTM3Mjc3YzQ5ZmIzNGRlYjRiNTFm
ZDk3M2I1NmQ0NTk5MDEwOGMzNzI2ZDA4ZTkzYjE0ZWExOGMxYTNhYTIwZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspHJ+lc5tgVBM1wGjHdP6+RNTFHH
3f1A92GznwBIi0TfYkfyltlo/zB58NRfi83SMUCoyUh2L3RRkzTmQcoodjbSceCz
4DoS6TMkclCYDsHbvo2uJsjF+ePeOV3b1xGr62721qwbPgVwWwqBpCEYWqkrRWiB
2Ged1d+fVA2ZWV82H08dsfPr1Y1JrEl7sDtzuGrCePCarYWTsFdSkPiKxJadIZJr
YZwpD76F/1JJU0218ppVvUz++Mp0oL9D8OFZIE9hEOjd6qWTugA+06emmRePnhSl
2NeJx0LqYrhia2MAYd4qLcKpI/azu6Jn8LxqtBl4iYHcYbua8ocREwajAQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCaSzBLvwSu+P7lphswuhIzPXMTfMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQzODZlZWMwLTMxYmQtNGZlMC1hODA5LWFiMTNhNTYzMjVmYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauCgwDQYJKoZIhvcNAQELBQADggEBAJDb5yq0QhQNLakoPhHb
RUChZ90B4SV/h5yBB4PgO0gYi9oc5RHPzq0l0KtL1Ocv9kH/mFYKWd3UmrYleqgj
dQMoXf3pAcxMX2SqTNGOjUp+4eLadbUjsDRXX3MwiVaZEt7IxkS01KzbF0xTbaKd
2UNuFzjpb3RlbWTN3a/0huoR3cI8rZifYSJaLy8f8HHogQzIbtynk/gzcx4d7Ium
qc27GtbJBYfpys/YtKClmF96YNbAsRsqc3Gev3r2mgf2I7i4xEqEElMhqkiN5tCn
lKu/5RndgdJAR2nexm1WOMo7Zcd6bL1S5+K9Ml8WseAbtEUqLvn5UKpWKJ7EKuan
KTo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:23:39 2025 by rpki-client