Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/561b2653-251b-4a06-91e6-d8a55b1ccb18.roa
File: 561b2653-251b-4a06-91e6-d8a55b1ccb18.roa (raw, json)
Hash identifier: 8B1JDFRDqzVWg275kM65IOFWl9feEGhX9Ee4UdoBFUg=
Subject key identifier: 24:3B:E0:DC:26:CF:A0:AE:90:EF:D0:D2:8D:61:B7:E8:70:6D:0D:15
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 46AA25859D9D7D175C1FF09A9F3CEAE97B23BD8C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/561b2653-251b-4a06-91e6-d8a55b1ccb18.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da32:8800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:aa:25:85:9d:9d:7d:17:5c:1f:f0:9a:9f:3c:ea:e9:7b:23:bd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f52268fc1e4478993c930d9fc525d7e424e6c0897f32539db4ef128272d23257, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:dd:64:06:1f:5d:d8:ed:12:40:88:9f:fc:
e8:33:f6:f5:61:5c:eb:44:2d:f8:e4:94:4d:83:1b:
f0:eb:7c:36:40:32:76:46:9d:b7:2f:a2:1a:d9:af:
a7:e0:d9:d2:3c:a0:ad:c1:f6:0c:5e:ed:5e:a3:fb:
5f:e4:39:39:cb:4e:4d:f5:68:0c:0a:4e:af:6d:e0:
67:fd:bf:fa:40:5b:b7:0d:e6:49:73:fd:43:85:23:
11:63:b4:bd:7b:78:45:0b:93:47:51:b1:d9:05:d3:
a3:b4:41:47:01:ca:e8:fc:75:6b:b0:35:34:a7:01:
0d:d4:84:76:cc:9b:bb:07:73:a7:4a:a2:38:de:8b:
34:90:ad:50:40:39:54:50:8f:4f:f4:c5:19:92:f4:
39:98:74:1e:cf:31:7c:31:0c:e0:68:32:96:5e:dd:
cd:1d:b9:1e:e1:1e:3e:f8:08:4b:45:b8:d4:14:66:
f6:1e:2b:40:59:9b:46:45:39:41:25:1a:05:70:2a:
a6:6a:43:ff:04:2b:81:c9:b7:74:2d:b5:93:8f:17:
d9:cd:16:c3:22:0a:e3:f8:1c:5e:7f:53:83:d9:0e:
d1:c6:b8:46:5a:78:38:7d:62:c4:d3:1e:d1:fe:36:
70:0d:d9:19:ea:c4:bb:c0:c3:39:d1:48:54:b6:33:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3B:E0:DC:26:CF:A0:AE:90:EF:D0:D2:8D:61:B7:E8:70:6D:0D:15
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/561b2653-251b-4a06-91e6-d8a55b1ccb18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da32:8800::/40
Signature Algorithm: sha256WithRSAEncryption
78:be:bc:b8:b4:a5:10:5f:86:4b:ac:12:2c:2b:10:17:6f:5c:
53:2f:32:8c:31:5a:36:50:e7:d5:28:77:08:98:07:a2:bc:01:
78:73:c6:68:fb:47:e9:2e:f6:05:35:ba:99:fb:5a:53:1d:bb:
a1:96:bd:4e:3a:5b:9a:8f:4e:eb:c7:fb:ad:10:1c:f5:c1:30:
9a:a0:6a:32:c0:ce:86:89:c8:7b:b6:54:0f:8b:20:77:0d:ee:
ad:b1:47:30:48:1d:38:ef:57:94:1a:bf:0a:51:60:70:3a:b2:
ad:06:f1:eb:27:2c:50:ed:86:2d:fd:ab:1a:ca:3c:67:fa:20:
ca:29:0a:59:85:9e:2d:a2:30:dd:8a:90:38:a5:f2:e6:b4:af:
b3:5b:2b:e1:be:e4:2f:e0:5e:92:03:cf:f2:5a:cc:ae:8c:5f:
8d:88:0b:28:c9:2d:cf:bf:19:1d:0f:8a:ee:dc:25:9d:c2:a1:
e2:3d:bb:b4:1c:2d:85:77:65:07:44:4d:4a:07:70:c3:4f:bb:
3b:1f:7b:78:ab:26:e9:bd:39:6f:61:b6:a0:c8:a0:bd:6c:f0:
64:41:3e:ac:a4:61:03:14:19:13:69:39:02:7f:ab:e6:93:83:
8b:6f:18:30:81:29:5f:0c:30:45:fc:67:49:aa:33:b2:34:45:
04:05:17:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURqolhZ2dfRdcH/Canzzq6XsjvYwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZjUyMjY4ZmMxZTQ0Nzg5OTNjOTMw
ZDlmYzUyNWQ3ZTQyNGU2YzA4OTdmMzI1MzlkYjRlZjEyODI3MmQyMzI1NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyrdZAYfXdjtEkCIn/zoM/b1YVzr
RC345JRNgxvw63w2QDJ2Rp23L6Ia2a+n4NnSPKCtwfYMXu1eo/tf5Dk5y05N9WgM
Ck6vbeBn/b/6QFu3DeZJc/1DhSMRY7S9e3hFC5NHUbHZBdOjtEFHAcro/HVrsDU0
pwEN1IR2zJu7B3OnSqI43os0kK1QQDlUUI9P9MUZkvQ5mHQezzF8MQzgaDKWXt3N
Hbke4R4++AhLRbjUFGb2HitAWZtGRTlBJRoFcCqmakP/BCuBybd0LbWTjxfZzRbD
Igrj+Bxef1OD2Q7RxrhGWng4fWLE0x7R/jZwDdkZ6sS7wMM50UhUtjMXpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCQ74Nwmz6CukO/Q0o1ht+hwbQ0VMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU2MWIyNjUzLTI1MWItNGEwNi05MWU2LWQ4YTU1YjFjY2IxOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMogwDQYJKoZIhvcNAQELBQADggEBAHi+vLi0pRBfhkusEiwr
EBdvXFMvMowxWjZQ59UodwiYB6K8AXhzxmj7R+ku9gU1upn7WlMdu6GWvU46W5qP
TuvH+60QHPXBMJqgajLAzoaJyHu2VA+LIHcN7q2xRzBIHTjvV5QavwpRYHA6sq0G
8esnLFDthi39qxrKPGf6IMopClmFni2iMN2KkDil8ua0r7NbK+G+5C/gXpIDz/Ja
zK6MX42ICyjJLc+/GR0Piu7cJZ3CoeI9u7QcLYV3ZQdETUoHcMNPuzsfe3irJum9
OW9htqDIoL1s8GRBPqykYQMUGRNpOQJ/q+aTg4tvGDCBKV8MMEX8Z0mqM7I0RQQF
FxU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:36:29 2025 by rpki-client