Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4586d3-447b-4c16-87c7-c068a92e5e74.roa
File: 5f4586d3-447b-4c16-87c7-c068a92e5e74.roa (raw, json)
Hash identifier: 0oIovTQ6xqpIzT9FqwBNYjMro3txkgL21zN/4rqHQfk=
Subject key identifier: B1:40:2A:A1:5F:CE:BF:C5:69:43:3F:71:06:DE:02:65:3B:5D:D2:1C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 548E4F5F7C9479F8CEE6B4393E221FFEEB6B0EFD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4586d3-447b-4c16-87c7-c068a92e5e74.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:8e:4f:5f:7c:94:79:f8:ce:e6:b4:39:3e:22:1f:fe:eb:6b:0e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=837729666de8c9fc553eabed3e5e25c5a83be3ef604e5aca5eea6dff35c960ed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:ba:f1:f8:8f:9a:68:0a:84:45:10:88:7f:
0a:42:eb:a7:e5:b2:5f:bf:86:13:1c:6b:07:ec:a1:
69:9e:38:df:aa:92:a8:29:3e:be:58:7f:43:e4:4c:
fa:72:44:b6:12:2d:54:2c:31:ee:38:61:e5:23:0f:
49:54:e0:d5:2e:7d:13:fe:c7:e1:56:88:cd:bc:db:
2d:28:2e:1e:1a:27:42:72:9c:06:f4:83:3c:f9:35:
cd:15:98:96:b2:c6:e0:78:7f:02:97:d6:fc:e5:08:
2b:a6:86:a7:a7:ad:5c:ea:7b:29:76:b6:c3:36:f9:
b6:71:59:dc:1d:11:ef:d3:ff:d5:59:63:81:04:06:
18:49:bc:f6:60:04:83:53:80:ea:23:05:25:46:ea:
f0:36:33:16:21:17:99:59:40:9f:6a:ad:54:7e:72:
e3:aa:29:30:05:c6:96:dd:49:48:88:54:17:4d:a6:
eb:33:92:39:5d:6b:32:d5:db:c1:1b:03:5f:7d:1a:
b4:95:a9:3b:54:8a:dc:4d:83:be:c2:eb:74:4e:a0:
8d:94:ff:06:bf:43:8c:0e:31:bf:04:71:80:43:f1:
0b:54:80:fc:1e:8e:9f:53:f8:ab:9f:6e:6a:c8:ab:
3b:a6:a4:35:a0:78:9a:9e:41:2b:d9:89:09:27:6b:
1e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:40:2A:A1:5F:CE:BF:C5:69:43:3F:71:06:DE:02:65:3B:5D:D2:1C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4586d3-447b-4c16-87c7-c068a92e5e74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:1040::/48
Signature Algorithm: sha256WithRSAEncryption
4b:e0:85:3c:0f:89:20:45:23:83:8b:83:03:e1:1d:5d:a7:d3:
0f:e9:c0:c5:02:b9:36:ca:7e:5d:f2:a3:ca:72:f2:c1:66:98:
98:79:bc:70:8f:7b:3e:46:fe:9e:d6:8f:2f:11:0d:6d:ff:35:
63:07:05:a5:d8:f8:33:2c:c8:02:e0:26:d0:bd:69:d0:db:d5:
b5:0e:3a:7f:cc:5e:dd:de:b2:17:06:a2:7e:9c:6f:63:b2:6e:
30:7b:5c:15:43:89:3d:39:de:0d:fa:db:71:b8:1b:10:0c:d5:
60:b6:f4:ba:f3:ca:ec:e5:21:fb:11:5e:44:cc:33:66:dc:a1:
75:c2:07:a7:d6:37:2e:27:39:d5:05:d4:6d:2d:48:d5:c3:6b:
1a:a2:ef:09:ae:df:b3:f3:a8:b8:71:d9:6f:46:07:93:bd:04:
81:56:a6:bd:5c:50:d6:18:01:4f:35:ce:9c:0f:cf:49:13:47:
ed:ee:ee:63:92:ff:54:8f:d8:12:66:ef:6c:d8:c4:cf:a4:e2:
f7:8a:d0:6a:8e:fb:85:98:a6:a0:35:f9:a3:64:75:61:b4:4a:
2a:d8:14:5a:a5:5a:bf:77:32:20:26:63:67:cd:c8:dd:1e:22:
fa:1a:60:73:0b:29:e2:29:47:56:73:5f:a7:c1:34:3c:24:af:
de:f3:84:65
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVI5PX3yUefjO5rQ5PiIf/utrDv0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAODM3NzI5NjY2ZGU4YzlmYzU1M2Vh
YmVkM2U1ZTI1YzVhODNiZTNlZjYwNGU1YWNhNWVlYTZkZmYzNWM5NjBlZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZG68fiPmmgKhEUQiH8KQuun5bJf
v4YTHGsH7KFpnjjfqpKoKT6+WH9D5Ez6ckS2Ei1ULDHuOGHlIw9JVODVLn0T/sfh
VojNvNstKC4eGidCcpwG9IM8+TXNFZiWssbgeH8Cl9b85Qgrpoanp61c6nspdrbD
Nvm2cVncHRHv0//VWWOBBAYYSbz2YASDU4DqIwUlRurwNjMWIReZWUCfaq1UfnLj
qikwBcaW3UlIiFQXTabrM5I5XWsy1dvBGwNffRq0lak7VIrcTYO+wut0TqCNlP8G
v0OMDjG/BHGAQ/ELVID8Ho6fU/irn25qyKs7pqQ1oHiankEr2YkJJ2seMwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLFAKqFfzr/FaUM/cQbeAmU7XdIcMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVmNDU4NmQzLTQ0N2ItNGMxNi04N2M3LWMwNjhhOTJlNWU3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8hBAMA0GCSqGSIb3DQEBCwUAA4IBAQBL4IU8D4kgRSODi4MD
4R1dp9MP6cDFArk2yn5d8qPKcvLBZpiYebxwj3s+Rv6e1o8vEQ1t/zVjBwWl2Pgz
LMgC4CbQvWnQ29W1Djp/zF7d3rIXBqJ+nG9jsm4we1wVQ4k9Od4N+ttxuBsQDNVg
tvS688rs5SH7EV5EzDNm3KF1wgen1jcuJznVBdRtLUjVw2saou8Jrt+z86i4cdlv
RgeTvQSBVqa9XFDWGAFPNc6cD89JE0ft7u5jkv9Uj9gSZu9s2MTPpOL3itBqjvuF
mKagNfmjZHVhtEoq2BRapVq/dzIgJmNnzcjdHiL6GmBzCyniKUdWc1+nwTQ8JK/e
84Rl
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:34 2025 by rpki-client