Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55168c3f-59f5-4c4b-bf1f-3d712c6a85cc.roa
File: 55168c3f-59f5-4c4b-bf1f-3d712c6a85cc.roa (raw, json)
Hash identifier: qnIraJPCfb8Zt1Dc3tmBmBw7KpzNeZe/hWanVIWn3PY=
Subject key identifier: F4:76:BB:53:7E:18:29:73:2B:3B:26:E4:31:9C:11:DA:CB:38:96:6D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5AFCEDDB5BED347BF02AAE85AB903452E58F1773
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55168c3f-59f5-4c4b-bf1f-3d712c6a85cc.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:4040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:fc:ed:db:5b:ed:34:7b:f0:2a:ae:85:ab:90:34:52:e5:8f:17:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2bd54d91a68fd7eed08b07aaeab30f7c515c2fb47a01284d3fe730b13b20bb03, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d5:fc:ce:32:0c:8e:d9:0f:e9:67:22:aa:20:
8a:a9:74:d7:e0:2e:87:66:58:45:00:22:8d:7b:2b:
dc:a7:d4:cf:a4:89:9b:49:02:5e:54:87:e9:dc:de:
99:33:da:d7:9f:18:4a:6a:0d:6f:c0:f3:60:d4:80:
aa:cc:d3:49:8d:8e:30:48:f9:94:84:35:b5:32:c4:
b9:33:af:d7:2c:c2:2c:8f:35:8f:c0:3b:49:d3:ec:
0c:78:12:ee:65:ec:b2:54:f0:82:8c:a9:8f:f4:43:
aa:9b:36:3f:33:f2:91:9f:f5:dc:e7:f6:0d:cf:62:
d3:9e:1b:f0:1c:cd:b2:f0:44:38:8a:47:49:a3:96:
27:3e:32:fd:00:3d:ca:9a:fc:9a:59:8f:11:77:e9:
e0:6f:61:85:ec:a8:d7:27:76:03:12:15:01:29:a5:
59:28:6c:9a:32:a4:84:ae:0f:59:54:68:d3:d4:ad:
df:48:6a:65:fd:1b:48:6b:c1:b6:22:91:85:31:83:
49:4a:a2:28:b6:d6:e5:6a:d7:c6:94:e0:30:3e:e1:
51:3e:cf:79:44:5b:01:76:7b:e4:35:08:a0:45:fd:
a9:6c:d6:5d:da:58:f2:bf:ed:0f:a2:de:91:c6:7f:
fd:23:61:bd:4b:cb:82:da:df:b5:83:07:2b:93:3b:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:76:BB:53:7E:18:29:73:2B:3B:26:E4:31:9C:11:DA:CB:38:96:6D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55168c3f-59f5-4c4b-bf1f-3d712c6a85cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:4040::/48
Signature Algorithm: sha256WithRSAEncryption
63:da:5a:ca:bd:31:34:a9:fb:9e:9d:37:c6:ae:cf:bf:37:b7:
fd:d3:6c:de:93:9c:fb:b6:c5:03:26:54:ef:52:f0:ea:ac:87:
23:7b:5f:92:e0:ce:c8:47:20:7a:76:19:07:0b:1c:f7:cd:fc:
38:27:b0:e9:38:7b:3a:3e:91:2a:cc:0a:74:bb:8e:58:38:35:
0b:ed:7d:3a:cd:6d:ed:01:c1:44:16:8b:57:88:19:c2:15:75:
88:0b:cb:17:9d:93:0a:d6:22:ec:c2:75:3d:2a:c3:04:49:f0:
83:68:e3:be:92:e5:e0:60:64:63:77:46:77:7b:a9:4c:1f:6d:
33:f5:6a:6e:55:30:ed:49:f4:fa:27:15:66:42:4c:01:77:da:
53:68:a2:5b:97:46:d4:3f:05:1a:f7:5c:d5:57:0a:36:8b:40:
02:79:d0:8c:1c:e4:a8:62:5b:b6:2b:c6:51:1c:43:05:68:7d:
11:8b:8e:05:87:0a:de:c6:05:a3:ff:4b:ba:21:b5:83:70:3f:
ce:ec:2c:d5:8d:32:81:97:2a:ed:27:e8:1b:c9:e6:3a:09:86:
95:42:5f:0f:ad:9a:7f:a8:69:37:1f:66:0e:9d:b9:63:f1:88:
e3:58:92:9d:13:a3:ee:34:5f:da:c8:52:17:82:4d:60:27:23:
d1:55:a2:8b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWvzt21vtNHvwKq6Fq5A0UuWPF3MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMmJkNTRkOTFhNjhmZDdlZWQwOGIw
N2FhZWFiMzBmN2M1MTVjMmZiNDdhMDEyODRkM2ZlNzMwYjEzYjIwYmIwMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tX8zjIMjtkP6WciqiCKqXTX4C6H
ZlhFACKNeyvcp9TPpImbSQJeVIfp3N6ZM9rXnxhKag1vwPNg1ICqzNNJjY4wSPmU
hDW1MsS5M6/XLMIsjzWPwDtJ0+wMeBLuZeyyVPCCjKmP9EOqmzY/M/KRn/Xc5/YN
z2LTnhvwHM2y8EQ4ikdJo5YnPjL9AD3KmvyaWY8Rd+ngb2GF7KjXJ3YDEhUBKaVZ
KGyaMqSErg9ZVGjT1K3fSGpl/RtIa8G2IpGFMYNJSqIottblatfGlOAwPuFRPs95
RFsBdnvkNQigRf2pbNZd2ljyv+0Pot6Rxn/9I2G9S8uC2t+1gwcrkzuS3QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPR2u1N+GClzKzsm5DGcEdrLOJZtMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU1MTY4YzNmLTU5ZjUtNGM0Yi1iZjFmLTNkNzEyYzZhODVjYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8kBAMA0GCSqGSIb3DQEBCwUAA4IBAQBj2lrKvTE0qfuenTfG
rs+/N7f902zek5z7tsUDJlTvUvDqrIcje1+S4M7IRyB6dhkHCxz3zfw4J7DpOHs6
PpEqzAp0u45YODUL7X06zW3tAcFEFotXiBnCFXWIC8sXnZMK1iLswnU9KsMESfCD
aOO+kuXgYGRjd0Z3e6lMH20z9WpuVTDtSfT6JxVmQkwBd9pTaKJbl0bUPwUa91zV
Vwo2i0ACedCMHOSoYlu2K8ZRHEMFaH0Ri44FhwrexgWj/0u6IbWDcD/O7CzVjTKB
lyrtJ+gbyeY6CYaVQl8PrZp/qGk3H2YOnblj8YjjWJKdE6PuNF/ayFIXgk1gJyPR
VaKL
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:28 2025 by rpki-client