Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69a3a15e-217b-47dc-aafb-8e9dde29170d.roa
File: 69a3a15e-217b-47dc-aafb-8e9dde29170d.roa (raw, json)
Hash identifier: UCZwtWf5wTxykl0NfDK189/SnFabyVlvnf+pYO8D2Lc=
Subject key identifier: 28:03:1E:AE:C2:98:E3:66:94:A5:F2:CA:5D:78:A2:CA:D9:05:62:C1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3AA4643C4B34A3E5694A00F398F2E6C2727C6704
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69a3a15e-217b-47dc-aafb-8e9dde29170d.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf5:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:a4:64:3c:4b:34:a3:e5:69:4a:00:f3:98:f2:e6:c2:72:7c:67:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=0115bd5019441960c976ca2f6717e6faf0ea7e6fbbadbb8b3cf519a53bbb89bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:4a:4f:72:ab:7a:a9:94:c2:a8:2c:a1:d7:
d6:a2:c0:ce:05:ec:73:ac:36:e1:76:a4:64:7c:63:
7d:ad:99:38:7f:0f:65:62:7a:ab:c2:67:58:1d:52:
b5:b3:5a:f2:45:d8:59:7a:9b:3b:d0:c3:8b:07:10:
98:39:d3:55:5e:b3:43:58:b8:cf:a9:2c:2e:da:4e:
16:05:3c:37:05:ec:ab:f1:8f:36:a3:d2:ff:33:f0:
53:41:12:c0:5f:91:ce:70:15:4f:0e:55:43:3d:99:
0d:76:7e:46:f6:69:64:22:0d:36:49:eb:06:4d:52:
af:6b:12:91:e9:c9:03:fc:9f:65:e1:e8:7e:09:f6:
c4:35:1a:75:94:b2:2d:8a:74:16:66:11:ef:bf:0c:
63:6a:13:e9:cb:62:ec:68:38:d9:65:f2:bc:b0:cc:
5f:b9:8c:35:00:be:09:72:d8:c1:c1:7f:fd:fe:af:
e2:0e:e8:05:d8:4d:12:cd:e1:2f:83:6f:e3:da:b1:
b8:58:1b:13:e8:e4:9e:fb:30:38:81:d5:a5:9f:8b:
09:e1:84:e6:24:b6:18:f0:41:d7:1f:d1:d4:8a:9f:
af:8f:72:ed:7c:9c:07:23:45:76:a2:7c:00:f0:ed:
0e:a6:7b:e7:9f:f2:d3:fc:b4:bc:bf:52:e3:b6:5e:
f9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:03:1E:AE:C2:98:E3:66:94:A5:F2:CA:5D:78:A2:CA:D9:05:62:C1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69a3a15e-217b-47dc-aafb-8e9dde29170d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf5:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:d8:66:34:2a:09:df:8b:c6:c1:8b:ba:97:70:d2:8b:f9:91:
ce:0a:47:4c:eb:b3:1a:dc:32:45:f8:13:1f:08:e3:25:fb:c6:
19:16:c8:c4:f3:f4:c0:25:93:bf:64:23:5e:e7:1e:2a:ad:c8:
95:e2:2c:90:d0:0f:5a:3b:45:12:f6:e3:ae:1a:b4:97:43:ff:
fc:20:eb:8a:32:42:a0:10:53:7e:2e:6d:66:28:a8:1b:76:1b:
57:35:86:9a:40:3a:bb:02:e1:86:d7:ef:87:9b:79:f0:ec:40:
2f:0c:4f:95:9c:43:c5:6f:ad:7d:64:26:b0:5a:e4:38:21:ee:
6b:2f:52:8c:01:3b:a0:50:75:72:ca:24:ca:bb:29:08:fc:99:
db:27:3d:e7:fb:e7:cc:48:fe:f6:7c:da:6c:2e:83:79:3d:0b:
57:6f:0b:30:f8:a9:1e:37:ba:e0:94:73:19:16:a9:59:cc:fd:
7a:ae:b4:31:ed:70:89:a6:ac:01:73:a7:e4:a9:cc:14:97:75:
46:6e:42:a5:75:78:bc:59:a0:6e:d6:0c:98:cd:ab:41:a3:cd:
b8:bd:bd:bd:d2:cc:10:1e:39:8a:73:c6:ed:61:fd:73:80:0e:
85:1a:89:25:04:c1:f0:57:1b:32:51:80:b3:71:4e:1f:58:91:
19:81:24:dd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOqRkPEs0o+VpSgDzmPLmwnJ8ZwQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNzAwMDAwMFoX
DTI1MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAMDExNWJkNTAxOTQ0MTk2MGM5NzZj
YTJmNjcxN2U2ZmFmMGVhN2U2ZmJiYWRiYjhiM2NmNTE5YTUzYmJiODliZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJZKT3KreqmUwqgsodfWosDOBexz
rDbhdqRkfGN9rZk4fw9lYnqrwmdYHVK1s1ryRdhZeps70MOLBxCYOdNVXrNDWLjP
qSwu2k4WBTw3Beyr8Y82o9L/M/BTQRLAX5HOcBVPDlVDPZkNdn5G9mlkIg02SesG
TVKvaxKR6ckD/J9l4eh+CfbENRp1lLItinQWZhHvvwxjahPpy2LsaDjZZfK8sMxf
uYw1AL4JctjBwX/9/q/iDugF2E0SzeEvg2/j2rG4WBsT6OSe+zA4gdWln4sJ4YTm
JLYY8EHXH9HUip+vj3LtfJwHI0V2onwA8O0Opnvnn/LT/LS8v1Ljtl75dwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCgDHq7CmONmlKXyyl14osrZBWLBMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY5YTNhMTVlLTIxN2ItNDdkYy1hYWZiLThlOWRkZTI5MTcwZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9YAwDQYJKoZIhvcNAQELBQADggEBAC/YZjQqCd+LxsGLupdw
0ov5kc4KR0zrsxrcMkX4Ex8I4yX7xhkWyMTz9MAlk79kI17nHiqtyJXiLJDQD1o7
RRL2464atJdD//wg64oyQqAQU34ubWYoqBt2G1c1hppAOrsC4YbX74ebefDsQC8M
T5WcQ8VvrX1kJrBa5Dgh7msvUowBO6BQdXLKJMq7KQj8mdsnPef758xI/vZ82mwu
g3k9C1dvCzD4qR43uuCUcxkWqVnM/XqutDHtcImmrAFzp+SpzBSXdUZuQqV1eLxZ
oG7WDJjNq0Gjzbi9vb3SzBAeOYpzxu1h/XOADoUaiSUEwfBXGzJRgLNxTh9YkRmB
JN0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:17:11 2025 by rpki-client