Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa
File: 49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa (raw, json)
Hash identifier: cx/N2ZtBDog6P59UshkjvRtl9VnYY8TL4KPp9f8cLfc=
Subject key identifier: 52:D3:FC:72:10:8D:64:DE:AE:7F:CD:E0:5D:B5:3A:C8:AB:9D:E8:FF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4239B4F692E73097AC468C2BAB3A8152D560DE07
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:4800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:39:b4:f6:92:e7:30:97:ac:46:8c:2b:ab:3a:81:52:d5:60:de:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=251daf8a1aaeffa099749b50cc3b031686d6b40a3119080d0b314cd24c6f2684, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:09:5e:0b:ad:7f:24:40:6f:c3:27:09:2d:4c:
30:3b:4d:20:19:39:b9:8f:da:a3:07:f4:ef:89:49:
b7:2f:58:d2:40:f7:37:41:35:89:2b:c9:cd:81:c1:
7b:ab:0c:b9:10:1d:25:6c:b6:ab:09:09:dd:58:2b:
00:bf:c5:6b:7b:13:22:81:46:f1:60:4c:81:cb:88:
c6:ce:99:e7:c1:7e:e4:ac:92:49:e5:16:65:54:59:
b0:00:d1:36:d6:e4:3c:ba:ab:c8:04:16:97:43:79:
5f:d5:4a:ef:98:40:ee:15:14:b1:06:43:f5:4c:ce:
a3:0e:b0:17:8c:b0:ef:24:3b:c5:a4:5e:ff:ab:d1:
4b:a7:22:78:39:f9:53:dc:ee:2d:25:3f:29:d1:42:
6c:b9:e9:29:bc:66:94:0b:fb:a8:c6:5d:78:7c:2c:
fc:09:c0:f2:54:ce:ec:10:72:13:01:c0:47:03:70:
e8:36:97:93:79:4d:c5:3b:23:47:bd:3b:c6:0b:60:
58:dd:c3:73:61:12:f9:6d:5e:d7:49:f7:f2:02:33:
3b:04:f8:63:e4:4f:f4:77:cb:21:3a:2a:94:b5:82:
cf:c5:4e:a8:ad:72:81:79:3b:4f:21:28:92:a2:55:
b1:70:3e:4b:19:01:ab:93:e9:98:30:c8:43:98:08:
94:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D3:FC:72:10:8D:64:DE:AE:7F:CD:E0:5D:B5:3A:C8:AB:9D:E8:FF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:4800::/40
Signature Algorithm: sha256WithRSAEncryption
80:8e:ce:f3:fc:07:2b:ba:69:a6:f2:e6:87:0e:f4:b7:61:5f:
c4:8c:85:c8:62:cd:da:3b:93:4c:75:66:ed:0b:b6:cd:9a:f7:
39:c7:b0:fa:67:cb:2b:58:8f:90:2c:33:1e:78:4e:5c:c9:e4:
a5:a4:43:fb:fe:38:d8:db:a8:47:13:f6:6e:ef:15:b5:29:e7:
82:99:ca:6c:2c:cf:92:7e:41:19:e8:db:66:c8:66:c4:e1:77:
0f:e4:15:84:07:5b:a2:c7:22:5f:60:34:1d:57:33:c1:9f:15:
db:b8:b7:b8:a9:22:b4:46:6d:6b:4e:f3:a1:88:db:29:e4:9f:
79:3b:23:69:dc:ff:b6:71:11:99:04:ef:1d:33:6d:7d:c7:db:
f4:e2:a6:07:61:4e:c0:b9:4a:ea:ee:88:82:4d:62:19:e0:7d:
a9:e1:1c:b5:b1:4a:29:6d:39:d8:8c:21:13:df:51:4a:40:3d:
16:46:48:f5:5b:57:06:94:05:89:63:ee:86:de:a4:e2:fb:3a:
e7:aa:7f:a2:26:fe:af:da:4b:3a:10:99:d5:df:fb:54:19:36:
a7:ec:ca:6e:38:1c:25:eb:a6:41:4c:8d:55:93:f2:ac:51:1b:
56:83:0e:ac:b6:3c:d3:b5:b7:19:6e:04:54:1e:a4:6b:4f:18:
69:c5:c6:89
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQjm09pLnMJesRowrqzqBUtVg3gcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjUxZGFmOGExYWFlZmZhMDk5NzQ5
YjUwY2MzYjAzMTY4NmQ2YjQwYTMxMTkwODBkMGIzMTRjZDI0YzZmMjY4NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwleC61/JEBvwycJLUwwO00gGTm5
j9qjB/TviUm3L1jSQPc3QTWJK8nNgcF7qwy5EB0lbLarCQndWCsAv8VrexMigUbx
YEyBy4jGzpnnwX7krJJJ5RZlVFmwANE21uQ8uqvIBBaXQ3lf1UrvmEDuFRSxBkP1
TM6jDrAXjLDvJDvFpF7/q9FLpyJ4OflT3O4tJT8p0UJsuekpvGaUC/uoxl14fCz8
CcDyVM7sEHITAcBHA3DoNpeTeU3FOyNHvTvGC2BY3cNzYRL5bV7XSffyAjM7BPhj
5E/0d8shOiqUtYLPxU6orXKBeTtPISiSolWxcD5LGQGrk+mYMMhDmAiUvwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFLT/HIQjWTern/N4F21Osirnej/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ5YzdlZTkzLTM2NTUtNGNhOS04ODk3LWM4ZTNkMWQwZjllYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBAICOzvP8Byu6aaby5ocO
9LdhX8SMhchizdo7k0x1Zu0Lts2a9znHsPpnyytYj5AsMx54TlzJ5KWkQ/v+ONjb
qEcT9m7vFbUp54KZymwsz5J+QRno22bIZsThdw/kFYQHW6LHIl9gNB1XM8GfFdu4
t7ipIrRGbWtO86GI2ynkn3k7I2nc/7ZxEZkE7x0zbX3H2/TipgdhTsC5SuruiIJN
YhngfanhHLWxSiltOdiMIRPfUUpAPRZGSPVbVwaUBYlj7obepOL7Oueqf6Im/q/a
SzoQmdXf+1QZNqfsym44HCXrpkFMjVWT8qxRG1aDDqy2PNO1txluBFQepGtPGGnF
xok=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:20 2025 by rpki-client