Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f566d19-ce73-40fd-941c-356b2337d320.roa
File: 4f566d19-ce73-40fd-941c-356b2337d320.roa (raw, json)
Hash identifier: b7W8/RarQtisUpxuUT/zvazJFfGCoCfxWD0bHU5epH8=
Subject key identifier: 67:07:F2:07:93:2D:98:4B:4A:55:63:54:92:F7:CA:B6:81:8D:8C:00
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0D5034F26C574E52816B448BE9CB0441115714E8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f566d19-ce73-40fd-941c-356b2337d320.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:8840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:50:34:f2:6c:57:4e:52:81:6b:44:8b:e9:cb:04:41:11:57:14:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f357a1609c371da7c90230770562259d057071301584506b7fe94338f07b0b05, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:8b:82:8d:cf:14:81:d9:ec:bb:23:a9:c8:
85:f9:5c:17:01:a2:cb:99:06:cc:c1:34:b1:64:42:
fe:0b:93:db:61:1b:9c:8f:c7:a6:30:00:b8:79:14:
bb:d3:55:7e:4b:bd:7f:03:b0:8f:fa:89:a0:bb:9c:
d0:fa:38:5d:0e:50:ea:e2:f4:5d:74:4c:75:d0:cf:
17:d1:bc:2e:7b:07:56:d0:10:03:06:b9:29:0f:25:
1d:e5:a9:3d:36:06:be:f8:0b:f3:d4:ac:a7:db:12:
7b:26:0e:ee:ec:d3:02:cf:f3:89:ff:67:9a:84:51:
26:ce:3a:2d:d4:5f:c4:7e:11:5d:a9:76:75:72:05:
f3:bd:2a:f6:ff:d2:ba:01:99:27:d2:94:46:7f:63:
34:ce:87:4c:3d:6f:36:fd:31:4c:40:02:b8:f6:b9:
c4:72:6e:0a:98:b5:9a:a4:f2:55:de:35:91:5a:9d:
52:c3:b6:fa:ed:9e:b6:d2:ae:9b:e5:41:f9:f9:c1:
e2:16:6b:72:87:e5:59:74:9d:94:3b:99:33:57:66:
f3:54:88:6f:4d:2e:06:6c:ee:be:91:8b:a3:c0:75:
dd:17:c3:f9:f1:cb:39:bc:72:c5:8b:48:94:79:57:
25:ba:cb:d8:bf:47:4a:ee:b4:8d:29:b9:f2:5b:dc:
39:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:07:F2:07:93:2D:98:4B:4A:55:63:54:92:F7:CA:B6:81:8D:8C:00
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f566d19-ce73-40fd-941c-356b2337d320.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:8840::/48
Signature Algorithm: sha256WithRSAEncryption
b8:29:9c:75:b8:63:bc:97:84:a4:91:80:fd:37:4f:28:2d:ae:
03:3d:98:e9:d2:6a:31:65:f2:05:f3:cf:2b:82:0e:ae:35:0b:
29:7f:4d:74:24:0f:52:16:0d:87:ca:58:fb:80:50:89:3a:ef:
2c:f2:9e:2d:50:b2:2f:95:36:0c:1d:c2:05:f8:d7:29:3d:46:
43:74:c8:4e:b9:4d:72:57:28:77:16:b0:1a:ef:7e:04:cd:a1:
b8:1e:e9:9b:91:1c:4c:50:39:bf:49:5c:68:dd:d9:0f:a4:38:
bc:d7:2a:47:4a:1a:f8:cb:21:b6:a7:16:ba:f5:73:ac:b9:75:
26:d0:62:ce:de:b3:fb:9d:40:55:5a:0d:38:81:4b:da:b3:d4:
69:2d:c4:47:fe:cb:d2:54:28:ba:6c:02:0b:21:05:f2:87:bb:
ac:c9:a2:1c:2c:4a:02:29:33:0f:8f:ff:de:70:a7:93:88:b7:
03:bb:1e:5e:38:7e:a2:82:34:1d:8e:bf:91:d0:f5:d9:9e:33:
c0:9e:40:06:d2:bc:82:27:33:be:87:e6:4c:b1:16:c8:2d:02:
97:17:3b:44:fb:4d:d7:22:2b:bf:f7:5a:18:d5:34:69:9a:f9:
47:64:9b:6a:48:07:2f:c7:2d:c2:b1:07:ae:bc:a2:6d:22:ce:
83:2e:f2:2c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUDVA08mxXTlKBa0SL6csEQRFXFOgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZjM1N2ExNjA5YzM3MWRhN2M5MDIz
MDc3MDU2MjI1OWQwNTcwNzEzMDE1ODQ1MDZiN2ZlOTQzMzhmMDdiMGIwNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkWLgo3PFIHZ7LsjqciF+VwXAaLL
mQbMwTSxZEL+C5PbYRucj8emMAC4eRS701V+S71/A7CP+omgu5zQ+jhdDlDq4vRd
dEx10M8X0bwuewdW0BADBrkpDyUd5ak9Nga++Avz1Kyn2xJ7Jg7u7NMCz/OJ/2ea
hFEmzjot1F/EfhFdqXZ1cgXzvSr2/9K6AZkn0pRGf2M0zodMPW82/TFMQAK49rnE
cm4KmLWapPJV3jWRWp1Sw7b67Z620q6b5UH5+cHiFmtyh+VZdJ2UO5kzV2bzVIhv
TS4GbO6+kYujwHXdF8P58cs5vHLFi0iUeVclusvYv0dK7rSNKbnyW9w5OwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGcH8geTLZhLSlVjVJL3yraBjYwAMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRmNTY2ZDE5LWNlNzMtNDBmZC05NDFjLTM1NmIyMzM3ZDMyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9IhAMA0GCSqGSIb3DQEBCwUAA4IBAQC4KZx1uGO8l4SkkYD9
N08oLa4DPZjp0moxZfIF888rgg6uNQspf010JA9SFg2Hylj7gFCJOu8s8p4tULIv
lTYMHcIF+NcpPUZDdMhOuU1yVyh3FrAa734EzaG4HumbkRxMUDm/SVxo3dkPpDi8
1ypHShr4yyG2pxa69XOsuXUm0GLO3rP7nUBVWg04gUvas9RpLcRH/svSVCi6bAIL
IQXyh7usyaIcLEoCKTMPj//ecKeTiLcDux5eOH6igjQdjr+R0PXZnjPAnkAG0ryC
JzO+h+ZMsRbILQKXFztE+03XIiu/91oY1TRpmvlHZJtqSAcvxy3CsQeuvKJtIs6D
LvIs
-----END CERTIFICATE-----
Generated at Sun May 11 20:11:13 2025 by rpki-client