Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d5afbd6-8d8c-49a9-bea6-8e8f6b808827.roa
File: 5d5afbd6-8d8c-49a9-bea6-8e8f6b808827.roa (raw, json)
Hash identifier: ct2NZRoI4yYlTRarigm9N9wRkW/L6zj3yiYfu7CGORc=
Subject key identifier: 98:10:EB:4A:94:B6:02:FF:37:53:4B:FC:F7:B9:F6:8A:A9:56:3A:0A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5D129E360785F7858AEDD2E9D23DE6F9C9FC372F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d5afbd6-8d8c-49a9-bea6-8e8f6b808827.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:12:9e:36:07:85:f7:85:8a:ed:d2:e9:d2:3d:e6:f9:c9:fc:37:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=dca18886454a4f784651932f3d0e9ead227903309367b7a3386df269e996383a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cd:eb:e3:22:78:11:47:d6:54:52:1f:d3:b3:
88:fa:2f:79:8e:8f:d9:42:2c:6d:44:ae:33:44:da:
0c:c2:26:70:32:b6:2f:f1:bc:75:30:4d:b7:85:2f:
df:a4:c0:06:27:7d:6b:d1:2e:97:88:89:a2:b5:71:
67:cf:05:79:25:56:31:6d:d3:45:cc:d4:1d:24:37:
aa:79:c2:de:64:b7:49:c8:88:52:13:0f:88:13:e3:
af:c8:d4:ae:4d:dd:41:de:1a:9f:6b:16:ec:52:d6:
51:72:23:07:51:02:54:d8:ef:63:27:a9:bd:a2:d2:
42:e1:7f:01:ef:6c:be:ef:c5:13:4c:25:5c:4c:7f:
ec:13:ef:58:c3:4d:f8:68:71:31:c3:4c:dc:aa:81:
3a:d8:13:4b:0d:0f:ff:2b:e7:72:0f:60:e0:a2:74:
32:e2:b9:c8:df:98:fb:99:ab:de:d4:ac:ea:a8:f8:
13:79:02:05:6a:19:53:fd:f6:95:d3:68:58:e8:53:
9a:ad:62:97:ed:e6:c8:2e:d7:51:26:42:2e:76:01:
1b:3a:db:5c:10:e2:c6:45:c8:3c:f1:61:b8:9d:96:
62:ca:b1:f0:6b:bd:67:a8:6e:b4:52:11:37:ba:d6:
2a:1a:48:e0:ba:93:4c:a0:93:1a:d3:7a:8d:c3:2b:
07:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:10:EB:4A:94:B6:02:FF:37:53:4B:FC:F7:B9:F6:8A:A9:56:3A:0A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d5afbd6-8d8c-49a9-bea6-8e8f6b808827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:840::/46
Signature Algorithm: sha256WithRSAEncryption
bc:d2:2b:1d:37:e2:9b:ec:18:bc:2a:62:af:5b:f4:ef:fb:f4:
ca:43:87:2f:77:4d:c4:eb:a0:1a:b1:06:ce:9b:02:26:57:5d:
e7:51:8c:0f:32:20:0d:2a:eb:2a:45:96:01:93:0a:fe:b1:c9:
45:91:fe:80:c5:3f:86:d1:99:57:4c:10:fa:64:ad:b2:d7:02:
60:7e:e7:6e:7f:cc:48:d6:f6:e6:2a:a8:6d:3f:9a:53:80:05:
78:57:33:f1:9a:3e:e0:8d:8e:4f:b8:5e:4d:1d:e8:a4:ed:a8:
ae:8b:05:80:87:7c:09:5c:5e:a8:c9:2a:cc:99:94:e4:18:8c:
14:25:21:9d:85:20:d1:f2:b6:a9:e4:a0:5f:af:1a:73:e5:3d:
b3:c4:80:14:48:b9:9c:54:3e:8a:0d:20:f7:bb:2d:fa:38:49:
1d:ab:c9:0a:3d:0e:6c:32:c3:91:40:90:51:6b:4a:cd:57:da:
6c:7c:fd:77:43:b1:66:a4:d4:cc:39:56:ed:5f:e2:a0:da:2b:
3e:15:6a:c3:3f:4f:ac:66:64:0a:3f:48:c7:ed:ea:d0:91:3a:
3e:e6:7c:83:80:6f:20:3b:77:63:6d:d6:1c:d3:5a:1c:26:cd:
b2:d6:f4:c8:46:66:bb:48:4e:2e:f4:61:9f:be:7d:34:56:36:
de:e7:21:bb
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUXRKeNgeF94WK7dLp0j3m+cn8Ny8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZGNhMTg4ODY0NTRhNGY3ODQ2NTE5
MzJmM2QwZTllYWQyMjc5MDMzMDkzNjdiN2EzMzg2ZGYyNjllOTk2MzgzYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM3r4yJ4EUfWVFIf07OI+i95jo/Z
QixtRK4zRNoMwiZwMrYv8bx1ME23hS/fpMAGJ31r0S6XiImitXFnzwV5JVYxbdNF
zNQdJDeqecLeZLdJyIhSEw+IE+OvyNSuTd1B3hqfaxbsUtZRciMHUQJU2O9jJ6m9
otJC4X8B72y+78UTTCVcTH/sE+9Yw034aHExw0zcqoE62BNLDQ//K+dyD2DgonQy
4rnI35j7mave1KzqqPgTeQIFahlT/faV02hY6FOarWKX7ebILtdRJkIudgEbOttc
EOLGRcg88WG4nZZiyrHwa71nqG60UhE3utYqGkjgupNMoJMa03qNwysHYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJgQ60qUtgL/N1NL/Pe59oqpVjoKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVkNWFmYmQ2LThkOGMtNDlhOS1iZWE2LThlOGY2YjgwODgyNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+whAMA0GCSqGSIb3DQEBCwUAA4IBAQC80isdN+Kb7Bi8KmKv
W/Tv+/TKQ4cvd03E66AasQbOmwImV13nUYwPMiANKusqRZYBkwr+sclFkf6AxT+G
0ZlXTBD6ZK2y1wJgfuduf8xI1vbmKqhtP5pTgAV4VzPxmj7gjY5PuF5NHeik7aiu
iwWAh3wJXF6oySrMmZTkGIwUJSGdhSDR8rap5KBfrxpz5T2zxIAUSLmcVD6KDSD3
uy36OEkdq8kKPQ5sMsORQJBRa0rNV9psfP13Q7FmpNTMOVbtX+Kg2is+FWrDP0+s
ZmQKP0jH7erQkTo+5nyDgG8gO3djbdYc01ocJs2y1vTIRma7SE4u9GGfvn00Vjbe
5yG7
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:14 2025 by rpki-client