Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56a3ec11-278f-484a-aee2-dc1f64294598.roa
File: 56a3ec11-278f-484a-aee2-dc1f64294598.roa (raw, json)
Hash identifier: zG1YP5rkz61EsK6849SJ9igotTgBU/lTmqyj9UH8rbE=
Subject key identifier: 5C:9F:20:65:65:0F:DF:65:9C:0A:00:15:73:81:BE:D0:E5:F3:08:9B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3E7E3A4BBEA8BDF59E1FEA3832040696B315FE5E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56a3ec11-278f-484a-aee2-dc1f64294598.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:4040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:7e:3a:4b:be:a8:bd:f5:9e:1f:ea:38:32:04:06:96:b3:15:fe:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0580e9713e8566353952a4b0086e34ef8c965e7632ac8d29a10415cfaf1f1b14, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:5a:21:63:ce:aa:60:09:07:de:e8:d0:c5:
f4:4d:3f:09:2c:ba:7a:21:67:d4:84:c7:04:7e:91:
d0:5f:1c:12:b0:7a:f0:5a:09:b7:e3:57:76:73:d9:
7e:82:db:26:6f:4f:98:d9:67:2e:4f:e7:86:c3:7e:
3a:08:9c:33:ed:eb:c2:a4:72:e9:29:76:72:75:5b:
c8:0c:4c:66:1e:c8:18:3f:61:3d:36:ec:5d:49:28:
f1:6a:76:4b:33:e0:ef:4f:e0:e7:09:99:ba:3b:63:
34:8b:3a:07:35:c5:1f:0c:45:96:e7:9c:a5:ce:c7:
84:72:21:56:86:f2:25:ea:b7:e3:24:2c:0e:75:4d:
c1:7c:59:a9:10:70:04:94:0d:82:e9:81:1f:e2:45:
18:77:ab:eb:34:1d:0e:0e:e4:91:ff:68:83:fa:99:
d7:82:0b:c8:70:30:d4:21:f0:21:b7:8c:e3:57:d9:
3b:42:0f:74:72:c2:62:25:94:ff:c9:ed:48:0d:56:
18:a7:b1:99:16:be:9d:bd:5e:14:20:4a:db:91:e1:
60:91:95:39:8a:a3:43:ea:28:70:a3:92:cf:49:ad:
21:b6:69:57:4a:ee:a3:62:f6:27:de:39:c1:b6:54:
55:81:59:af:32:75:59:7f:98:fc:b4:6a:36:91:02:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9F:20:65:65:0F:DF:65:9C:0A:00:15:73:81:BE:D0:E5:F3:08:9B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56a3ec11-278f-484a-aee2-dc1f64294598.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:4040::/46
Signature Algorithm: sha256WithRSAEncryption
4a:1d:9e:7c:6d:6b:5f:17:af:54:24:31:fd:3c:85:06:ee:1f:
70:5e:67:27:ff:4b:fb:1c:5a:20:07:39:2c:20:f8:a4:12:98:
52:25:b9:a1:58:5e:87:79:ec:d1:18:73:ab:bb:2b:96:f0:a7:
10:9d:ba:bd:2d:a0:82:71:66:12:c2:e8:43:c9:9f:6f:91:9d:
b7:2f:e3:76:65:24:4e:2e:48:c8:35:90:3c:cd:ac:ff:e0:d4:
ae:fe:92:a7:30:98:27:ed:dc:2a:cf:e0:67:34:ce:ca:78:2d:
3f:a1:ef:86:24:b1:74:34:56:86:5f:92:14:c3:08:58:51:d6:
76:fd:be:a4:12:8b:aa:91:ca:77:38:a4:d8:43:6c:de:5f:ce:
10:c0:3a:74:ca:d1:eb:ea:38:ca:b7:54:c8:e2:21:3a:f5:8c:
3c:70:36:ab:81:07:6c:af:56:07:6f:ef:56:6a:d9:df:e5:c9:
2f:d9:90:44:0c:f0:27:04:ef:60:73:36:3c:fd:eb:42:28:70:
e1:e3:59:53:0f:e0:50:1c:7f:4a:e1:fa:a0:92:57:14:67:2e:
80:05:27:3b:1c:9c:78:94:8d:f3:23:54:55:01:b8:1c:c3:c8:
e3:39:a0:4f:05:88:e3:a1:14:4e:04:0a:8a:24:e1:e0:38:fd:
58:e1:8d:ac
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPn46S76ovfWeH+o4MgQGlrMV/l4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDU4MGU5NzEzZTg1NjYzNTM5NTJh
NGIwMDg2ZTM0ZWY4Yzk2NWU3NjMyYWM4ZDI5YTEwNDE1Y2ZhZjFmMWIxNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1daIWPOqmAJB97o0MX0TT8JLLp6
IWfUhMcEfpHQXxwSsHrwWgm341d2c9l+gtsmb0+Y2WcuT+eGw346CJwz7evCpHLp
KXZydVvIDExmHsgYP2E9NuxdSSjxanZLM+DvT+DnCZm6O2M0izoHNcUfDEWW55yl
zseEciFWhvIl6rfjJCwOdU3BfFmpEHAElA2C6YEf4kUYd6vrNB0ODuSR/2iD+pnX
ggvIcDDUIfAht4zjV9k7Qg90csJiJZT/ye1IDVYYp7GZFr6dvV4UIErbkeFgkZU5
iqND6ihwo5LPSa0htmlXSu6jYvYn3jnBtlRVgVmvMnVZf5j8tGo2kQKf8wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFyfIGVlD99lnAoAFXOBvtDl8wibMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU2YTNlYzExLTI3OGYtNDg0YS1hZWUyLWRjMWY2NDI5NDU5OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba90BAMA0GCSqGSIb3DQEBCwUAA4IBAQBKHZ58bWtfF69UJDH9
PIUG7h9wXmcn/0v7HFogBzksIPikEphSJbmhWF6HeezRGHOruyuW8KcQnbq9LaCC
cWYSwuhDyZ9vkZ23L+N2ZSROLkjINZA8zaz/4NSu/pKnMJgn7dwqz+BnNM7KeC0/
oe+GJLF0NFaGX5IUwwhYUdZ2/b6kEouqkcp3OKTYQ2zeX84QwDp0ytHr6jjKt1TI
4iE69Yw8cDargQdsr1YHb+9Watnf5ckv2ZBEDPAnBO9gczY8/etCKHDh41lTD+BQ
HH9K4fqgklcUZy6ABSc7HJx4lI3zI1RVAbgcw8jjOaBPBYjjoRROBAqKJOHgOP1Y
4Y2s
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:14 2025 by rpki-client