Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa
File: 61c0a164-da93-428a-bae0-35d34ec93555.roa (raw, json)
Hash identifier: gHwLAb3YBU2iA8kWdrC4sOavWyYjk8hZXfX3oV+HDpI=
Subject key identifier: C5:B3:60:87:C1:C7:C7:FC:05:E2:44:12:21:1D:BB:8E:16:AE:EB:F0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 138712A0ECFB43B97C303DFB770D788A4F55D86C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da1a:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:87:12:a0:ec:fb:43:b9:7c:30:3d:fb:77:0d:78:8a:4f:55:d8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=158c6ae5150f9c8d08eec8d0d435ad800e5591679277dff8942077f8e80bf243, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:28:33:e2:0b:a6:6a:d5:f6:0b:61:1c:4c:
4f:71:5e:a4:6e:d3:e1:7b:81:d3:a5:f3:8c:14:bf:
67:0a:08:bf:ec:f0:ee:2b:59:f9:67:5e:c6:44:4a:
06:ca:6e:7e:a0:aa:b0:d6:ee:6b:f7:ec:a9:ff:61:
9d:4f:63:9a:f5:bf:d1:7f:17:31:27:b1:75:a9:2e:
32:70:18:d6:92:f0:fc:53:a8:fc:f5:60:da:16:ee:
9f:e7:88:7d:ff:70:df:31:97:64:97:ff:9f:d9:9d:
93:7a:f9:b6:7f:4f:63:71:63:54:ca:57:bd:89:df:
0c:cd:39:b1:98:7c:4d:4c:d6:60:13:d2:6e:d4:36:
90:57:31:1d:30:d7:47:5b:0f:16:0d:e7:9c:61:33:
22:3c:65:00:e2:11:76:9e:58:3b:12:c3:4a:c4:20:
00:2f:2f:04:d9:5e:bd:cf:3d:8e:23:a6:8e:36:19:
57:b1:ba:99:23:bb:97:31:43:3f:2a:e0:52:ab:ea:
96:e0:10:70:ee:0b:cf:6a:18:22:5c:66:60:07:84:
8c:42:2a:00:47:75:e1:bf:e2:36:9c:95:1b:12:11:
8b:35:66:f7:fc:7f:d9:f5:a3:f0:d3:9f:7d:be:38:
92:5e:15:7d:1b:63:3e:d7:a7:3a:5d:5d:cb:04:47:
61:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B3:60:87:C1:C7:C7:FC:05:E2:44:12:21:1D:BB:8E:16:AE:EB:F0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da1a:400::/38
Signature Algorithm: sha256WithRSAEncryption
54:7a:4b:5d:94:8b:a7:e5:1e:bf:89:54:fd:89:d3:b3:d1:95:
b8:2e:34:a3:11:33:69:65:bf:14:56:89:06:4b:b8:3b:57:d6:
f2:f3:5e:02:3e:83:48:7b:6b:16:29:ce:b3:e2:c9:ce:f9:f6:
5f:ec:04:3d:57:5c:4d:95:f0:6f:24:88:f5:03:77:e0:ca:d5:
7a:57:c9:c4:10:fc:77:fc:37:1b:f5:a1:1d:da:59:83:5c:fb:
b3:84:fb:9a:67:1c:96:e7:5c:ee:24:8f:05:43:13:29:d4:c6:
34:ec:a3:bc:82:d2:34:a3:d4:6d:04:43:e9:4c:d0:27:ad:06:
f4:8b:d4:f1:b6:12:0c:a3:95:a2:92:f4:ee:e2:f0:ab:49:b9:
95:17:db:ed:ef:3a:22:36:f0:35:27:71:8b:17:84:23:44:0d:
16:32:59:a2:19:a5:4b:18:97:03:6c:60:40:2c:20:36:1b:45:
28:df:64:f1:44:dc:9e:da:16:55:00:f7:c6:21:fa:c3:5e:e3:
61:85:36:60:ac:ba:1f:56:a0:d4:3f:cd:f6:c3:e8:77:e9:d0:
5e:1b:11:35:61:82:4a:d4:7d:61:7a:aa:94:84:4f:ea:b3:77:
e3:4e:88:66:33:6a:01:bb:cc:04:69:c3:aa:65:42:6d:4a:d0:
80:99:fd:bd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUE4cSoOz7Q7l8MD37dw14ik9V2GwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTU4YzZhZTUxNTBmOWM4ZDA4ZWVj
OGQwZDQzNWFkODAwZTU1OTE2NzkyNzdkZmY4OTQyMDc3ZjhlODBiZjI0MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPUoM+ILpmrV9gthHExPcV6kbtPh
e4HTpfOMFL9nCgi/7PDuK1n5Z17GREoGym5+oKqw1u5r9+yp/2GdT2Oa9b/Rfxcx
J7F1qS4ycBjWkvD8U6j89WDaFu6f54h9/3DfMZdkl/+f2Z2Tevm2f09jcWNUyle9
id8MzTmxmHxNTNZgE9Ju1DaQVzEdMNdHWw8WDeecYTMiPGUA4hF2nlg7EsNKxCAA
Ly8E2V69zz2OI6aONhlXsbqZI7uXMUM/KuBSq+qW4BBw7gvPahgiXGZgB4SMQioA
R3Xhv+I2nJUbEhGLNWb3/H/Z9aPw0599vjiSXhV9G2M+16c6XV3LBEdhlwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMWzYIfBx8f8BeJEEiEdu44WruvwMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYxYzBhMTY0LWRhOTMtNDI4YS1iYWUwLTM1ZDM0ZWM5MzU1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaGgQwDQYJKoZIhvcNAQELBQADggEBAFR6S12Ui6flHr+JVP2J
07PRlbguNKMRM2llvxRWiQZLuDtX1vLzXgI+g0h7axYpzrPiyc759l/sBD1XXE2V
8G8kiPUDd+DK1XpXycQQ/Hf8Nxv1oR3aWYNc+7OE+5pnHJbnXO4kjwVDEynUxjTs
o7yC0jSj1G0EQ+lM0CetBvSL1PG2EgyjlaKS9O7i8KtJuZUX2+3vOiI28DUncYsX
hCNEDRYyWaIZpUsYlwNsYEAsIDYbRSjfZPFE3J7aFlUA98Yh+sNe42GFNmCsuh9W
oNQ/zfbD6Hfp0F4bETVhgkrUfWF6qpSET+qzd+NOiGYzagG7zARpw6plQm1K0ICZ
/b0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:21 2025 by rpki-client