Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b40021-be8f-464d-b054-4e7db7c9b814.roa
File: 43b40021-be8f-464d-b054-4e7db7c9b814.roa (raw, json)
Hash identifier: nJvr2/GUOJdL4F2b2U/acVcTQdiJcq/39wecFvWFJwc=
Subject key identifier: D5:E0:C8:5C:6D:D9:2D:FF:4A:95:07:F9:B5:28:CA:19:35:59:00:E9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 541BA1C24A69079EE44F05489C6961CBF89168F7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b40021-be8f-464d-b054-4e7db7c9b814.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da12:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:1b:a1:c2:4a:69:07:9e:e4:4f:05:48:9c:69:61:cb:f8:91:68:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=501bdc933fdc0210a7d9a8ba633428d5b11b63f24335bc6b3c0848287603d7d6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:d0:dc:27:40:93:a0:aa:cd:91:07:bf:61:
f0:19:85:bd:17:4a:61:cb:e7:2d:7a:96:24:a7:60:
58:34:44:a2:69:ab:06:4e:2a:e4:b5:b5:3c:1e:0c:
55:c3:af:d3:da:a0:14:ff:fe:49:ca:46:69:a5:a2:
96:fe:38:b3:c9:76:53:d9:44:a0:ec:d6:52:b6:a2:
61:24:e6:2a:f6:ff:97:97:a2:d9:bb:14:52:51:b9:
d4:55:a6:3d:08:5c:ac:c8:9b:56:95:9f:e8:21:2d:
de:d0:ad:0e:69:0d:1f:14:1a:3c:af:7e:05:0d:f3:
ed:25:94:87:78:bb:dc:e0:05:5f:35:55:c3:88:6d:
af:1c:1d:c8:2b:99:a5:c1:05:a7:54:67:b3:f2:c8:
cf:18:31:9a:85:6d:d3:ca:2c:20:3b:c5:8e:8d:b7:
02:48:22:b7:a6:88:cc:5b:f9:ff:95:94:58:0d:03:
1c:14:e1:af:74:d4:1e:8a:ab:1a:ea:35:68:41:54:
33:1c:58:48:eb:38:1b:9d:97:3c:da:dd:e1:8d:13:
cd:2e:e1:59:b1:88:01:21:0d:5b:52:c5:b5:b2:e5:
e8:13:49:54:25:cd:83:53:f1:32:9f:3b:3a:29:9c:
e9:74:29:1b:5b:18:df:f4:1c:d1:5d:77:dd:8f:78:
6e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E0:C8:5C:6D:D9:2D:FF:4A:95:07:F9:B5:28:CA:19:35:59:00:E9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b40021-be8f-464d-b054-4e7db7c9b814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da12:400::/38
Signature Algorithm: sha256WithRSAEncryption
38:c3:d8:7c:eb:42:89:b4:b9:96:7c:3c:cd:53:fb:49:f4:c6:
aa:13:3e:55:a6:cd:ff:b2:43:dc:69:9e:b9:fe:60:26:62:2e:
13:e2:23:ea:22:91:4f:c5:18:88:8f:9e:c5:35:51:4a:cb:d2:
ff:7e:74:97:8b:62:4f:8a:4e:b2:55:b6:0e:69:74:1a:16:b4:
98:63:e1:2f:54:5b:80:b5:07:4b:2d:a7:7b:ea:07:d2:7a:4b:
eb:51:68:b5:e1:e2:74:a4:99:15:21:12:ad:f3:3e:28:bd:0c:
b8:20:5a:bf:e3:b1:56:ad:24:a2:08:ea:46:a1:95:2b:d0:ba:
c6:55:10:3f:33:26:e5:4b:d5:c6:81:9c:6d:4e:d9:1e:73:e8:
19:0c:47:40:e7:ee:e4:17:03:9f:7f:97:28:16:11:50:79:ab:
e2:67:76:97:d3:a2:16:59:6d:6f:c0:4d:cf:7f:62:b8:ab:38:
77:39:88:af:00:de:d6:56:dc:2a:6f:bf:e0:52:92:ec:c1:ee:
cb:a4:41:99:05:a5:75:23:eb:0e:b7:5b:a6:13:6b:74:9a:d9:
a7:24:58:c1:11:7c:f3:4f:ab:da:2c:8a:47:48:a8:a4:26:3f:
1f:36:e8:5b:8a:a9:3b:f4:68:16:a8:44:3b:8c:8c:75:f7:08:
a3:12:fa:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVBuhwkppB57kTwVInGlhy/iRaPcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANTAxYmRjOTMzZmRjMDIxMGE3ZDlh
OGJhNjMzNDI4ZDViMTFiNjNmMjQzMzViYzZiM2MwODQ4Mjg3NjAzZDdkNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBTQ3CdAk6CqzZEHv2HwGYW9F0ph
y+ctepYkp2BYNESiaasGTirktbU8HgxVw6/T2qAU//5JykZppaKW/jizyXZT2USg
7NZStqJhJOYq9v+Xl6LZuxRSUbnUVaY9CFysyJtWlZ/oIS3e0K0OaQ0fFBo8r34F
DfPtJZSHeLvc4AVfNVXDiG2vHB3IK5mlwQWnVGez8sjPGDGahW3TyiwgO8WOjbcC
SCK3pojMW/n/lZRYDQMcFOGvdNQeiqsa6jVoQVQzHFhI6zgbnZc82t3hjRPNLuFZ
sYgBIQ1bUsW1suXoE0lUJc2DU/Eynzs6KZzpdCkbWxjf9BzRXXfdj3huAwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNXgyFxt2S3/SpUH+bUoyhk1WQDpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQzYjQwMDIxLWJlOGYtNDY0ZC1iMDU0LTRlN2RiN2M5YjgxNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaEgQwDQYJKoZIhvcNAQELBQADggEBADjD2HzrQom0uZZ8PM1T
+0n0xqoTPlWmzf+yQ9xpnrn+YCZiLhPiI+oikU/FGIiPnsU1UUrL0v9+dJeLYk+K
TrJVtg5pdBoWtJhj4S9UW4C1B0stp3vqB9J6S+tRaLXh4nSkmRUhEq3zPii9DLgg
Wr/jsVatJKII6kahlSvQusZVED8zJuVL1caBnG1O2R5z6BkMR0Dn7uQXA59/lygW
EVB5q+JndpfTohZZbW/ATc9/YrirOHc5iK8A3tZW3Cpvv+BSkuzB7sukQZkFpXUj
6w63W6YTa3Sa2ackWMERfPNPq9osikdIqKQmPx826FuKqTv0aBaoRDuMjHX3CKMS
+qI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:23:34 2025 by rpki-client