Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa
File: 5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa (raw, json)
Hash identifier: w5w4ZestibooNccSWcTkCSiURlLn6yBqjDr2II68Pik=
Subject key identifier: 44:FF:61:17:1F:DB:3F:BA:AA:72:BD:CD:C7:DA:AC:6B:86:20:68:D9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2A17CB978F7D6B91BE1D7FAA9EC9ABAEF8A91E9D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:8800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:17:cb:97:8f:7d:6b:91:be:1d:7f:aa:9e:c9:ab:ae:f8:a9:1e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=36753a072e5992f7d140419ea0d15dbe67f4f528a97924a15684356ea292fe07, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:aa:6b:e4:25:53:80:6d:cb:0f:fe:e0:a5:
c2:21:25:56:e4:e3:c3:2f:a9:94:15:cb:8a:24:aa:
13:71:7f:63:76:12:a4:86:14:78:f6:a7:d0:34:94:
9a:72:b0:9e:09:cf:15:8d:e2:3b:2b:b1:9c:77:24:
cf:92:89:bd:4e:d3:6d:79:14:43:b6:98:15:11:04:
81:f0:94:c3:b5:08:79:4b:54:bf:f4:3a:75:2f:26:
9e:e2:c4:c7:47:80:13:77:60:79:2e:70:f4:99:16:
6d:59:97:2b:5a:ac:86:f6:b5:3d:4e:83:ec:b5:64:
4c:3d:fa:80:26:ac:68:81:9a:00:25:51:ab:46:d1:
70:e4:13:dc:45:29:52:0b:a7:56:a3:47:c3:5f:ed:
52:59:11:03:10:c6:c5:a1:95:d6:64:d0:4f:5b:9d:
e5:1d:93:db:53:ac:10:2f:d0:c5:00:9c:15:6d:6b:
8d:ab:f6:02:95:ce:3d:0b:f9:94:27:77:db:6b:88:
33:0e:6c:b5:03:8e:ce:bf:e4:d3:3f:88:a3:01:77:
ab:6b:0a:bc:90:f8:8d:84:b3:c3:2c:17:ab:b3:ca:
c6:ba:f1:6f:6e:13:dd:c3:43:fa:8c:b0:17:f5:2b:
b0:de:9f:82:87:70:c2:5b:e6:0c:1e:25:aa:2a:65:
1a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FF:61:17:1F:DB:3F:BA:AA:72:BD:CD:C7:DA:AC:6B:86:20:68:D9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:8800::/40
Signature Algorithm: sha256WithRSAEncryption
51:85:07:09:24:eb:0f:dd:d8:de:4b:a7:72:5d:e1:bd:a7:e9:
71:ae:c8:9e:5b:3b:ff:49:09:ed:d4:9e:4c:bf:83:6d:67:dd:
22:35:f2:45:1c:fb:11:62:70:15:3d:7e:8f:4d:90:99:c4:8d:
6e:48:62:52:14:cb:25:5e:d2:61:ff:27:37:f6:09:84:b6:47:
ba:54:c5:9d:57:2b:b0:f2:fc:c0:60:bd:86:44:bf:96:3e:a4:
cb:0e:e1:84:8d:35:da:40:4e:e2:24:1f:18:66:ca:e0:6e:8c:
82:c2:d3:d1:38:4f:1e:84:07:c2:ef:54:17:82:6c:48:dd:26:
a8:95:45:d8:a3:6d:a4:86:a7:19:cd:2a:70:c9:8a:47:3e:3a:
61:79:09:66:0a:62:83:c7:28:dd:e9:53:53:ce:c9:99:9e:07:
6f:d2:df:52:e2:94:7b:8a:76:f3:12:85:9a:e6:1b:94:0a:7a:
49:23:01:2a:3f:0c:f0:e0:e8:21:b8:75:95:66:a2:c8:bc:e1:
bd:e3:cc:b6:aa:db:35:78:8f:15:d6:da:35:f9:b1:f9:63:95:
88:a9:70:24:19:32:df:e6:99:7a:88:47:ec:32:49:10:21:76:
5c:df:d9:8b:2e:ea:88:b8:46:5e:97:9e:ac:3a:1b:d7:ab:bb:
ee:9b:51:16
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKhfLl499a5G+HX+qnsmrrvipHp0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMzY3NTNhMDcyZTU5OTJmN2QxNDA0
MTllYTBkMTVkYmU2N2Y0ZjUyOGE5NzkyNGExNTY4NDM1NmVhMjkyZmUwNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0mqa+QlU4Btyw/+4KXCISVW5OPD
L6mUFcuKJKoTcX9jdhKkhhR49qfQNJSacrCeCc8VjeI7K7GcdyTPkom9TtNteRRD
tpgVEQSB8JTDtQh5S1S/9Dp1Lyae4sTHR4ATd2B5LnD0mRZtWZcrWqyG9rU9ToPs
tWRMPfqAJqxogZoAJVGrRtFw5BPcRSlSC6dWo0fDX+1SWREDEMbFoZXWZNBPW53l
HZPbU6wQL9DFAJwVbWuNq/YClc49C/mUJ3fba4gzDmy1A47Ov+TTP4ijAXerawq8
kPiNhLPDLBers8rGuvFvbhPdw0P6jLAX9Suw3p+Ch3DCW+YMHiWqKmUajQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFET/YRcf2z+6qnK9zcfarGuGIGjZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzViMTViOGNjLTAyNmQtNDkwOS05NzZiLWE0OGEyNmZjM2VlMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/4gwDQYJKoZIhvcNAQELBQADggEBAFGFBwkk6w/d2N5Lp3Jd
4b2n6XGuyJ5bO/9JCe3Unky/g21n3SI18kUc+xFicBU9fo9NkJnEjW5IYlIUyyVe
0mH/Jzf2CYS2R7pUxZ1XK7Dy/MBgvYZEv5Y+pMsO4YSNNdpATuIkHxhmyuBujILC
09E4Tx6EB8LvVBeCbEjdJqiVRdijbaSGpxnNKnDJikc+OmF5CWYKYoPHKN3pU1PO
yZmeB2/S31LilHuKdvMShZrmG5QKekkjASo/DPDg6CG4dZVmosi84b3jzLaq2zV4
jxXW2jX5sfljlYipcCQZMt/mmXqIR+wySRAhdlzf2Ysu6oi4Rl6Xnqw6G9eru+6b
URY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:41:42 2025 by rpki-client