Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa
File: 6018436a-9c1a-42cb-8584-15032be971bb.roa (raw, json)
Hash identifier: yXFTq/tCvgWYuQDoePWfZwgT8FL3sGhGwEAr3qJwHp8=
Subject key identifier: E3:25:B9:24:D5:AC:12:89:BF:2B:D4:7B:7F:EB:0A:53:5A:D3:86:98
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6C60F6D1DD7E9A1F90C8D48D9FDFA7EA856E1FD4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da24::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:60:f6:d1:dd:7e:9a:1f:90:c8:d4:8d:9f:df:a7:ea:85:6e:1f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=492b191460467a79ff951a0556fd816ac8230610477ce8a6feedb6aa2ee55ecd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:9a:2d:72:ce:38:77:30:a1:82:8f:f6:e7:
52:14:0a:ff:46:a3:85:f5:1d:e4:9c:e3:5f:6e:20:
d2:53:5d:ee:b7:a9:08:f0:fc:da:3b:a2:44:59:13:
5f:d4:ae:93:a9:4e:6f:54:ae:a3:5c:c3:c5:b1:ef:
ad:44:ef:de:7e:8e:1c:b5:db:85:c2:d5:39:c9:6d:
50:84:e2:04:a7:67:ca:bf:63:0d:62:6a:be:8b:0a:
cb:cf:14:a0:24:0e:16:ea:56:8e:0e:b5:b8:0e:c0:
03:2e:06:da:9c:fc:1a:6e:51:0c:c7:29:e5:68:47:
89:7c:bd:e1:fd:05:8e:7e:12:ce:25:73:c0:40:41:
ea:81:bc:31:7b:97:1b:67:50:fa:b8:98:db:ed:63:
2d:18:e4:ba:d8:cc:3c:1e:fe:fa:7c:1b:a4:53:ec:
e7:57:18:ad:7d:03:3e:d5:d7:26:f3:04:38:c7:dd:
e8:65:20:1e:3b:a6:00:58:9f:9d:19:ee:65:88:d2:
8a:5d:84:b6:6d:15:5d:f3:d8:9b:00:2a:40:66:a4:
03:3c:a9:69:30:69:4a:48:dd:8b:f1:c7:a1:12:db:
41:8a:74:8e:bc:82:0f:c0:d7:4e:fd:33:2e:b0:12:
ba:bc:7b:8e:07:0a:4d:72:76:89:10:b7:c8:19:55:
3e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:25:B9:24:D5:AC:12:89:BF:2B:D4:7B:7F:EB:0A:53:5A:D3:86:98
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da24::/36
Signature Algorithm: sha256WithRSAEncryption
78:1d:55:3c:7e:f4:4c:46:f6:63:a9:bd:c2:6e:23:eb:cf:f4:
67:b2:db:2f:e1:0f:c6:91:28:b7:2e:21:ec:d2:47:b9:d4:a6:
a2:ee:6c:7f:ed:e6:bc:55:15:c4:f9:2c:0a:56:5f:eb:ee:d5:
41:07:2b:bd:88:98:a2:fc:7d:6c:19:22:44:e9:6e:28:40:2e:
d1:fb:57:ea:89:fc:e1:5a:c8:b4:c6:55:c6:b1:c1:77:c8:7e:
36:92:6e:d5:c6:72:f1:39:d9:61:8a:dc:09:f5:e1:fa:3d:c4:
4e:15:b6:7e:2d:ed:24:1a:ee:a0:ee:48:95:95:72:c6:2c:8a:
68:87:b2:52:94:aa:ab:80:ad:13:7f:9f:2d:1e:ed:df:55:ae:
6d:b3:07:88:33:c5:bb:20:93:d8:f2:8d:be:e2:49:82:17:9e:
da:ed:00:83:ce:80:76:d8:65:f5:00:45:8c:0c:3a:57:86:5f:
0c:d6:f3:58:39:04:dc:2e:0c:f6:e8:cd:de:bc:a6:ab:82:3e:
84:da:34:4e:85:90:ce:90:26:2d:37:e0:3b:9b:ce:3b:63:66:
ed:38:c5:d7:70:6b:13:87:59:b9:48:9c:5e:c3:14:ff:62:83:
81:2c:bf:e4:d6:ad:f0:8c:f3:66:bd:05:23:32:92:a0:0e:b4:
93:50:b5:50
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbGD20d1+mh+QyNSNn9+n6oVuH9QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNzAwMDAwMFoX
DTI1MDMwMzIzNTk1OVowejFJMEcGA1UEBRNANDkyYjE5MTQ2MDQ2N2E3OWZmOTUx
YTA1NTZmZDgxNmFjODIzMDYxMDQ3N2NlOGE2ZmVlZGI2YWEyZWU1NWVjZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vSaLXLOOHcwoYKP9udSFAr/RqOF
9R3knONfbiDSU13ut6kI8PzaO6JEWRNf1K6TqU5vVK6jXMPFse+tRO/efo4ctduF
wtU5yW1QhOIEp2fKv2MNYmq+iwrLzxSgJA4W6laODrW4DsADLgbanPwablEMxynl
aEeJfL3h/QWOfhLOJXPAQEHqgbwxe5cbZ1D6uJjb7WMtGOS62Mw8Hv76fBukU+zn
VxitfQM+1dcm8wQ4x93oZSAeO6YAWJ+dGe5liNKKXYS2bRVd89ibACpAZqQDPKlp
MGlKSN2L8cehEttBinSOvIIPwNdO/TMusBK6vHuOBwpNcnaJELfIGVU+DwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOMluSTVrBKJvyvUe3/rClNa04aYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYwMTg0MzZhLTljMWEtNDJjYi04NTg0LTE1MDMyYmU5NzFiYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaJAAwDQYJKoZIhvcNAQELBQADggEBAHgdVTx+9ExG9mOpvcJu
I+vP9Gey2y/hD8aRKLcuIezSR7nUpqLubH/t5rxVFcT5LApWX+vu1UEHK72ImKL8
fWwZIkTpbihALtH7V+qJ/OFayLTGVcaxwXfIfjaSbtXGcvE52WGK3An14fo9xE4V
tn4t7SQa7qDuSJWVcsYsimiHslKUqquArRN/ny0e7d9Vrm2zB4gzxbsgk9jyjb7i
SYIXntrtAIPOgHbYZfUARYwMOleGXwzW81g5BNwuDPbozd68pquCPoTaNE6FkM6Q
Ji034DubzjtjZu04xddwaxOHWblInF7DFP9ig4Esv+TWrfCM82a9BSMykqAOtJNQ
tVA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:45 2025 by rpki-client