Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa
File: 635b223e-f641-496e-be0c-3d916b763149.roa (raw, json)
Hash identifier: 3InYMW+dgYV5zQlCjxu7wKqup+FAPPkDNf6Od/4tQRM=
Subject key identifier: 64:C3:3E:0C:5E:28:E0:D7:53:CF:5B:AA:97:BD:67:1B:BF:49:36:C4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 343C9590F36398EDDD090EC69D42F817BF95B7C7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da29::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3c:95:90:f3:63:98:ed:dd:09:0e:c6:9d:42:f8:17:bf:95:b7:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=403a260fb4d98dbd08b15355f9905f2f8b2ab96dc904d14717de01a104f854f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:01:6e:79:b0:c4:aa:26:2c:e9:68:47:c5:75:
53:90:cb:6c:d6:6d:4c:a8:58:b0:e4:3e:d9:53:c6:
fd:96:bb:cf:5e:ff:cf:35:29:fd:06:95:18:66:c5:
01:67:86:18:48:b8:36:85:ed:b7:57:0b:a7:f1:46:
d6:c4:57:25:a3:85:bd:b5:04:3b:11:8a:fa:c2:e2:
51:cc:90:e7:15:fa:87:92:df:fa:f6:22:15:16:e0:
43:39:0d:e7:12:8c:30:a6:93:56:1f:88:f7:0c:eb:
25:bb:6a:7c:67:7d:6f:a3:3f:6e:2a:9d:58:17:41:
89:56:55:b2:31:5b:3c:81:3b:8a:b7:31:af:e6:ce:
cc:05:c1:a3:60:c9:f3:6f:14:7c:93:c0:01:74:0b:
94:b9:1a:6b:cf:73:9e:04:e7:ec:2c:9c:3d:f2:77:
38:14:05:fc:d8:e4:15:06:5e:33:d7:25:6e:fd:34:
c2:4c:e3:55:d3:f9:89:79:eb:4d:a1:eb:e5:eb:16:
a2:97:04:df:30:82:d8:7d:a1:78:08:b1:08:dd:8f:
ad:c3:fd:c0:b6:d9:88:6c:ce:6f:a5:03:59:44:28:
ac:c9:5d:78:8d:70:f5:9d:78:39:b7:3c:8c:52:00:
61:b2:6c:c7:ea:e6:79:5d:b0:9c:19:a6:87:b9:1e:
94:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C3:3E:0C:5E:28:E0:D7:53:CF:5B:AA:97:BD:67:1B:BF:49:36:C4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da29::/36
Signature Algorithm: sha256WithRSAEncryption
13:c2:a5:d9:46:c7:c7:fe:5e:2c:6e:f9:30:ae:fc:64:21:ec:
8d:2b:3f:26:3d:bf:d6:1f:5f:b6:c6:b2:53:be:dc:27:24:71:
37:40:7f:40:17:7b:b1:97:0b:92:0c:69:f4:bd:54:79:a7:1a:
e0:4d:d6:27:b6:ca:7c:5c:41:42:cb:8f:9d:08:2f:08:97:1a:
ff:55:8a:59:c0:8b:b9:9e:c1:df:12:4b:e7:ac:db:86:96:69:
13:4a:66:8d:87:ac:07:e7:46:07:1b:41:b6:bc:3a:bb:e7:6d:
38:d5:10:77:be:8d:8d:cd:bd:26:e1:19:16:cd:a2:bb:59:1e:
bc:24:c1:9e:69:36:19:a0:a6:a9:a8:f8:8c:1b:33:d9:de:40:
58:9b:ff:02:84:c4:12:88:ca:b8:4c:39:78:9f:1e:1a:2f:f8:
c1:92:47:a5:be:09:2f:a7:53:60:9d:22:5a:11:00:f9:01:14:
8b:d2:0d:c1:fe:cf:1d:21:92:86:e6:ff:f0:1f:72:50:53:3e:
70:a4:d3:9a:60:27:6b:f9:be:8a:fa:d0:3d:ec:9f:87:de:41:
30:24:42:a3:00:29:34:26:07:78:53:2f:9d:be:47:69:d0:cb:
92:0d:c9:63:d0:38:0f:c7:81:68:3f:eb:2a:62:38:a6:2f:46:
cf:0b:92:d7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNDyVkPNjmO3dCQ7GnUL4F7+Vt8cwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNzAwMDAwMFoX
DTI1MDMwMzIzNTk1OVowejFJMEcGA1UEBRNANDAzYTI2MGZiNGQ5OGRiZDA4YjE1
MzU1Zjk5MDVmMmY4YjJhYjk2ZGM5MDRkMTQ3MTdkZTAxYTEwNGY4NTRmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogFuebDEqiYs6WhHxXVTkMts1m1M
qFiw5D7ZU8b9lrvPXv/PNSn9BpUYZsUBZ4YYSLg2he23Vwun8UbWxFclo4W9tQQ7
EYr6wuJRzJDnFfqHkt/69iIVFuBDOQ3nEowwppNWH4j3DOslu2p8Z31voz9uKp1Y
F0GJVlWyMVs8gTuKtzGv5s7MBcGjYMnzbxR8k8ABdAuUuRprz3OeBOfsLJw98nc4
FAX82OQVBl4z1yVu/TTCTONV0/mJeetNoevl6xailwTfMILYfaF4CLEI3Y+tw/3A
ttmIbM5vpQNZRCisyV14jXD1nXg5tzyMUgBhsmzH6uZ5XbCcGaaHuR6UZwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGTDPgxeKODXU89bqpe9Zxu/STbEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYzNWIyMjNlLWY2NDEtNDk2ZS1iZTBjLTNkOTE2Yjc2MzE0OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaKQAwDQYJKoZIhvcNAQELBQADggEBABPCpdlGx8f+Xixu+TCu
/GQh7I0rPyY9v9YfX7bGslO+3CckcTdAf0AXe7GXC5IMafS9VHmnGuBN1ie2ynxc
QULLj50ILwiXGv9VilnAi7mewd8SS+es24aWaRNKZo2HrAfnRgcbQba8OrvnbTjV
EHe+jY3NvSbhGRbNortZHrwkwZ5pNhmgpqmo+IwbM9neQFib/wKExBKIyrhMOXif
Hhov+MGSR6W+CS+nU2CdIloRAPkBFIvSDcH+zx0hkobm//AfclBTPnCk05pgJ2v5
vor60D3sn4feQTAkQqMAKTQmB3hTL52+R2nQy5INyWPQOA/HgWg/6ypiOKYvRs8L
ktc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:09 2025 by rpki-client