Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa
File: 5c92d86f-d096-414c-bd9a-599ba8ca213f.roa (raw, json)
Hash identifier: 2mcmBVR3PgO0yOcrJSld6PMc6WxmslQGdDtgakK1ybI=
Subject key identifier: B7:D7:AE:4B:4F:D9:69:59:0B:A9:98:52:56:D4:74:95:A7:29:D8:1C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3F7A265B07D4523F9922DAD7F4C88517F9DC6766
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7a:26:5b:07:d4:52:3f:99:22:da:d7:f4:c8:85:17:f9:dc:67:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=4b9e33acb48eebeb21e76db4949436f401ebeef24aa512f401055227b9da72c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:70:21:dc:78:ce:a3:25:18:44:5e:e7:e3:33:
ee:e6:c1:36:8b:b2:54:5b:b4:f9:48:b9:51:2e:9e:
4d:91:f3:7e:4e:38:26:cc:bd:53:27:40:fe:51:28:
35:05:30:17:09:fd:c7:2a:6d:76:47:37:f6:0c:83:
81:bd:54:8a:94:dc:59:da:21:57:6b:3c:e0:30:57:
26:fd:43:c5:26:c6:d5:f5:3f:eb:fa:a0:64:7f:00:
1c:b1:df:d8:51:a1:7d:23:9e:fc:21:21:f4:79:84:
91:0b:64:63:71:d8:c6:4e:67:c7:be:fc:0d:a3:97:
ad:7d:24:58:0e:d2:4f:37:00:79:60:12:1f:04:33:
51:77:9a:17:05:d8:11:6c:cb:7f:fd:ca:06:7a:ba:
d1:0f:8f:0d:0a:42:ce:44:a0:00:5e:1f:c3:47:a3:
66:9f:16:bb:47:cf:5c:29:8b:d6:cf:a6:bd:fe:18:
f2:f0:d2:2f:88:0f:6a:77:b6:67:24:e8:ed:d1:8f:
e1:f9:04:07:7f:28:85:c2:82:36:12:74:5b:12:eb:
c4:41:d5:24:e4:30:8a:7f:b2:81:b3:c3:5a:7a:22:
10:9c:f4:2f:b3:3a:78:7d:51:93:f2:fa:17:42:74:
11:d3:73:a4:01:3f:cf:51:6e:fc:b4:7a:ca:24:b4:
09:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D7:AE:4B:4F:D9:69:59:0B:A9:98:52:56:D4:74:95:A7:29:D8:1C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:2800::/40
Signature Algorithm: sha256WithRSAEncryption
25:64:4a:0f:3f:11:76:66:27:f9:1c:f1:d1:5f:38:cc:e2:a7:
b3:95:ab:e3:22:9e:bb:7c:95:27:ae:a3:08:f1:a6:64:12:39:
cd:35:f3:52:b7:a7:a0:9a:70:44:8b:5d:b2:bb:42:3b:62:e1:
3f:f5:94:a7:fc:a7:d9:6d:73:0a:b6:2d:13:06:02:cc:65:1b:
aa:d1:d9:e5:52:95:f3:dc:bd:fd:a9:02:cb:4e:eb:65:05:b0:
b6:16:5a:e6:1e:10:7e:94:a3:77:82:8d:14:a5:2d:29:17:dc:
43:a7:ab:54:b5:ea:9f:8e:60:86:7a:43:5a:b9:05:d4:f3:0b:
42:47:29:6c:52:18:29:71:58:71:f7:74:c3:0b:ba:a1:a4:42:
b9:ff:82:65:8a:e8:e2:58:56:ba:2b:40:22:49:e8:78:00:2d:
be:27:12:2a:2b:59:2b:06:ba:54:fa:20:54:af:1c:98:1f:54:
8f:7b:76:e3:f2:1d:fd:ce:5f:c0:63:bc:ba:3d:99:8d:5c:90:
ae:e1:4c:d0:f4:ec:2d:42:75:af:8b:67:62:a4:1e:39:b3:71:
0f:b8:7c:a4:fc:51:0a:8f:d8:9b:f7:03:a7:37:04:bd:3d:1d:
c8:ad:d0:59:e0:42:31:f8:bd:46:17:a0:35:62:37:4e:a0:6f:
f9:bf:7c:a4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUP3omWwfUUj+ZItrX9MiFF/ncZ2YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANGI5ZTMzYWNiNDhlZWJlYjIxZTc2
ZGI0OTQ5NDM2ZjQwMWViZWVmMjRhYTUxMmY0MDEwNTUyMjdiOWRhNzJjMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nAh3HjOoyUYRF7n4zPu5sE2i7JU
W7T5SLlRLp5NkfN+TjgmzL1TJ0D+USg1BTAXCf3HKm12Rzf2DIOBvVSKlNxZ2iFX
azzgMFcm/UPFJsbV9T/r+qBkfwAcsd/YUaF9I578ISH0eYSRC2RjcdjGTmfHvvwN
o5etfSRYDtJPNwB5YBIfBDNRd5oXBdgRbMt//coGerrRD48NCkLORKAAXh/DR6Nm
nxa7R89cKYvWz6a9/hjy8NIviA9qd7ZnJOjt0Y/h+QQHfyiFwoI2EnRbEuvEQdUk
5DCKf7KBs8NaeiIQnPQvszp4fVGT8voXQnQR03OkAT/PUW78tHrKJLQJ4QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLfXrktP2WlZC6mYUlbUdJWnKdgcMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVjOTJkODZmLWQwOTYtNDE0Yy1iZDlhLTU5OWJhOGNhMjEzZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacCgwDQYJKoZIhvcNAQELBQADggEBACVkSg8/EXZmJ/kc8dFf
OMzip7OVq+Minrt8lSeuowjxpmQSOc0181K3p6CacESLXbK7Qjti4T/1lKf8p9lt
cwq2LRMGAsxlG6rR2eVSlfPcvf2pAstO62UFsLYWWuYeEH6Uo3eCjRSlLSkX3EOn
q1S16p+OYIZ6Q1q5BdTzC0JHKWxSGClxWHH3dMMLuqGkQrn/gmWK6OJYVrorQCJJ
6HgALb4nEiorWSsGulT6IFSvHJgfVI97duPyHf3OX8BjvLo9mY1ckK7hTND07C1C
da+LZ2KkHjmzcQ+4fKT8UQqP2Jv3A6c3BL09Hcit0FngQjH4vUYXoDViN06gb/m/
fKQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:08:46 2025 by rpki-client