Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa
File: 52887821-8ea1-4c00-aade-d864665119f4.roa (raw, json)
Hash identifier: syJ6eNc/ANBFI2fsSEkwGCBXoGV6U1tx9QMntRKpSxc=
Subject key identifier: 34:CE:33:DB:D8:61:87:2B:36:63:7E:AE:29:A5:6F:FB:9E:0F:F6:7E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2DE24282A79A7288DACA47C79E7B13348181817B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da11:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:e2:42:82:a7:9a:72:88:da:ca:47:c7:9e:7b:13:34:81:81:81:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e3349ce14c86ddf3bb642848dd64d0f85cac9242b7b95dd5b8cdfaaabb01c01b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:97:1a:74:2e:98:bb:05:5c:d1:96:03:1c:
a2:7d:79:08:c5:68:e2:11:77:0e:05:e1:0c:ab:9b:
9c:0a:42:e4:9b:61:3e:7a:24:8b:85:73:54:10:dd:
33:0e:61:45:37:da:e3:3f:5a:d6:58:f1:c4:d5:0e:
19:50:60:37:ad:b9:d6:0d:e6:6b:39:18:39:f1:b3:
00:e9:2c:f2:e4:1e:c0:18:d6:3e:fa:44:1b:b8:56:
01:20:d6:a3:89:b6:5e:a7:65:e9:56:5d:fe:5e:f4:
0f:e7:3c:8a:39:0f:59:82:13:a9:dc:fb:dc:53:d2:
5c:66:7b:ab:6c:1b:bc:06:a5:ba:74:61:f3:76:3b:
e1:ee:19:91:16:d9:af:28:c4:a7:a8:1f:d8:32:2d:
68:d4:10:39:97:8a:0b:12:5f:f2:52:71:ef:6f:c3:
8f:94:3b:2e:57:ed:47:18:91:5a:1c:0c:e3:b2:21:
5e:96:71:6b:d4:3b:c8:60:39:28:be:24:32:cc:1c:
54:24:d9:2c:6c:24:d6:dd:e0:5c:54:c7:d8:fa:90:
c9:45:64:14:dc:39:bf:85:a3:41:60:90:b9:2a:e8:
27:34:dc:d2:4e:79:c2:25:0f:20:a7:0e:83:d4:7f:
fc:ca:d2:3b:c1:97:62:1a:8d:99:0a:f0:fa:6f:4e:
74:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CE:33:DB:D8:61:87:2B:36:63:7E:AE:29:A5:6F:FB:9E:0F:F6:7E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da11:400::/38
Signature Algorithm: sha256WithRSAEncryption
84:4e:c4:a3:9f:41:74:f5:76:1e:8c:12:8f:43:3f:fa:10:ea:
85:11:ed:26:ea:6d:9d:11:fd:76:0b:37:ac:4a:19:d7:3d:8a:
72:2c:19:f8:3e:72:a8:23:26:84:b8:e8:85:dc:52:0f:0e:fe:
6a:20:7a:00:a0:a5:91:0e:65:da:2e:1d:92:b7:3d:a7:33:ee:
5b:18:28:58:ac:eb:28:5f:05:4a:f1:ad:42:55:0a:da:c2:7c:
c1:94:33:c2:86:66:41:b2:27:cf:64:16:b7:a7:6b:ec:b9:ac:
a1:13:65:5a:6d:79:fd:19:bd:c6:2f:3a:37:54:35:a7:12:2b:
bf:48:ad:f1:6b:06:ff:6a:95:9c:fb:54:fc:d1:c0:4e:ac:df:
55:d3:74:99:a6:96:92:6d:78:ab:77:af:fd:31:cd:b1:ca:a4:
12:07:7c:36:a4:3c:6a:04:65:8d:4f:1b:ec:48:98:e0:b1:56:
9a:5c:00:18:32:4f:ad:8f:7e:b3:2b:95:49:28:a9:53:0e:72:
e6:09:09:5e:a2:43:17:3a:39:3e:13:88:4d:f1:dc:07:8a:c8:
2d:08:63:ed:85:12:72:8d:11:f9:bf:49:49:16:a0:9b:ff:b4:
b4:c2:21:41:aa:b0:cc:e9:4b:91:80:01:2c:4e:aa:75:4a:5b:
4e:93:6d:85
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULeJCgqeacojaykfHnnsTNIGBgXswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTMzNDljZTE0Yzg2ZGRmM2JiNjQy
ODQ4ZGQ2NGQwZjg1Y2FjOTI0MmI3Yjk1ZGQ1YjhjZGZhYWFiYjAxYzAxYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjKXGnQumLsFXNGWAxyifXkIxWji
EXcOBeEMq5ucCkLkm2E+eiSLhXNUEN0zDmFFN9rjP1rWWPHE1Q4ZUGA3rbnWDeZr
ORg58bMA6Szy5B7AGNY++kQbuFYBINajibZep2XpVl3+XvQP5zyKOQ9ZghOp3Pvc
U9JcZnurbBu8BqW6dGHzdjvh7hmRFtmvKMSnqB/YMi1o1BA5l4oLEl/yUnHvb8OP
lDsuV+1HGJFaHAzjsiFelnFr1DvIYDkoviQyzBxUJNksbCTW3eBcVMfY+pDJRWQU
3Dm/haNBYJC5KugnNNzSTnnCJQ8gpw6D1H/8ytI7wZdiGo2ZCvD6b050YwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDTOM9vYYYcrNmN+rimlb/ueD/Z+MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUyODg3ODIxLThlYTEtNGMwMC1hYWRlLWQ4NjQ2NjUxMTlmNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaEQQwDQYJKoZIhvcNAQELBQADggEBAIROxKOfQXT1dh6MEo9D
P/oQ6oUR7SbqbZ0R/XYLN6xKGdc9inIsGfg+cqgjJoS46IXcUg8O/mogegCgpZEO
ZdouHZK3Pacz7lsYKFis6yhfBUrxrUJVCtrCfMGUM8KGZkGyJ89kFrena+y5rKET
ZVptef0ZvcYvOjdUNacSK79IrfFrBv9qlZz7VPzRwE6s31XTdJmmlpJteKt3r/0x
zbHKpBIHfDakPGoEZY1PG+xImOCxVppcABgyT62PfrMrlUkoqVMOcuYJCV6iQxc6
OT4TiE3x3AeKyC0IY+2FEnKNEfm/SUkWoJv/tLTCIUGqsMzpS5GAASxOqnVKW06T
bYU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:48:23 2025 by rpki-client