Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
File: 73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa (raw, json)
Hash identifier: WkA+VfUqXVbi8pEDGDntrddz/ZxX5q1LH6YJgI/Ym9Q=
Subject key identifier: 6B:44:AC:B3:D5:27:59:03:BC:AC:2F:D2:0C:F3:20:8B:1F:84:E0:FB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3422A08A0150016E2594332A3774C5580786C8E4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:1040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:22:a0:8a:01:50:01:6e:25:94:33:2a:37:74:c5:58:07:86:c8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5f1615f45b2a39e54b900ee7686f90c48208ec97266f8c7c3ed5f8a5255af9a1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:6f:99:aa:07:0d:5a:dc:89:83:7c:29:82:
f9:c2:ce:71:ba:07:5c:f7:06:36:90:bd:c0:4a:80:
08:66:29:c9:64:83:ee:98:d8:ac:ca:be:9a:bd:d4:
28:a8:29:47:db:57:45:b0:31:9a:db:58:3e:24:e5:
95:ff:c8:f0:8f:eb:0f:86:3b:71:44:6d:ca:9d:8d:
ca:87:28:b3:55:bf:05:1f:54:c4:b4:9d:ae:50:89:
f4:56:d3:36:dd:fa:57:97:dd:27:d1:2b:9a:bc:a3:
18:80:31:51:6a:50:d9:9f:98:f0:cc:56:ef:8b:da:
77:6f:7c:13:17:aa:04:92:6b:ad:af:05:96:05:da:
9e:23:b8:dc:ec:1c:5f:26:86:e1:9a:a3:50:bf:25:
1c:74:f7:64:4f:f1:5f:9e:3b:aa:96:b1:24:28:0f:
7c:10:fa:0b:74:01:89:1c:02:c9:8a:5e:a5:32:7b:
8b:58:65:85:ba:b9:76:94:40:58:e0:29:22:2d:78:
e3:c0:03:a0:fc:6f:01:15:65:8d:10:50:bc:a1:ea:
70:3b:46:8b:a8:b5:73:b0:3a:c3:29:a1:07:4f:0e:
8e:a8:08:90:42:c6:48:a7:e7:33:44:8c:59:e2:5b:
ef:d5:30:1b:50:68:6b:1f:e2:01:97:34:e8:e4:a0:
ca:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:44:AC:B3:D5:27:59:03:BC:AC:2F:D2:0C:F3:20:8B:1F:84:E0:FB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:1040::/48
Signature Algorithm: sha256WithRSAEncryption
35:f1:d7:51:ae:e6:fb:a3:c8:0c:a8:65:26:85:72:31:09:ac:
05:fa:15:a5:6e:f3:a1:33:44:e7:d5:63:7a:95:05:10:89:b0:
1d:99:f0:06:11:2c:39:ec:44:fb:18:3d:f6:45:fb:a9:ab:6b:
5b:e0:79:bf:b7:1d:08:3c:b3:2a:80:30:02:e6:e7:50:ec:22:
6e:95:96:a1:00:a9:d1:87:8a:f9:c0:3f:29:c5:9b:7a:e4:e6:
af:ef:bb:0b:7d:da:ff:73:b9:0c:d7:c3:91:e4:fa:a4:bb:48:
55:33:1f:e3:7d:15:fd:1c:b9:97:19:50:f5:b7:8c:5b:ba:bf:
68:c1:8b:3c:af:64:43:54:17:64:51:75:c4:28:da:bd:f8:e2:
8e:93:e9:36:b0:87:9a:b8:eb:37:38:32:e4:6c:cd:ba:ba:15:
e0:bc:ad:c7:73:b7:23:03:30:81:db:62:fd:0b:e4:d0:4f:88:
15:a2:09:f2:fc:b0:ed:82:51:32:e2:b5:92:f6:2e:7a:91:af:
e4:15:a2:47:26:69:ac:9a:cf:1b:b0:83:ee:f5:d8:24:23:62:
be:1b:30:55:80:ef:c4:2a:d1:58:d3:66:72:6f:74:18:5f:78:
aa:9f:e0:0a:99:fa:21:64:ef:df:2e:f7:3b:d0:11:0b:7a:25:
5e:df:ab:e4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUNCKgigFQAW4llDMqN3TFWAeGyOQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWYxNjE1ZjQ1YjJhMzllNTRiOTAw
ZWU3Njg2ZjkwYzQ4MjA4ZWM5NzI2NmY4YzdjM2VkNWY4YTUyNTVhZjlhMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZVvmaoHDVrciYN8KYL5ws5xugdc
9wY2kL3ASoAIZinJZIPumNisyr6avdQoqClH21dFsDGa21g+JOWV/8jwj+sPhjtx
RG3KnY3KhyizVb8FH1TEtJ2uUIn0VtM23fpXl90n0SuavKMYgDFRalDZn5jwzFbv
i9p3b3wTF6oEkmutrwWWBdqeI7jc7BxfJobhmqNQvyUcdPdkT/FfnjuqlrEkKA98
EPoLdAGJHALJil6lMnuLWGWFurl2lEBY4CkiLXjjwAOg/G8BFWWNEFC8oepwO0aL
qLVzsDrDKaEHTw6OqAiQQsZIp+czRIxZ4lvv1TAbUGhrH+IBlzTo5KDKPQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGtErLPVJ1kDvKwv0gzzIIsfhOD7MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzczYzIyZjQxLTZkNzEtNGI1MS04Y2M2LTJiY2ZmNGZkY2FmNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9BBAMA0GCSqGSIb3DQEBCwUAA4IBAQA18ddRrub7o8gMqGUm
hXIxCawF+hWlbvOhM0Tn1WN6lQUQibAdmfAGESw57ET7GD32Rfupq2tb4Hm/tx0I
PLMqgDAC5udQ7CJulZahAKnRh4r5wD8pxZt65Oav77sLfdr/c7kM18OR5Pqku0hV
Mx/jfRX9HLmXGVD1t4xbur9owYs8r2RDVBdkUXXEKNq9+OKOk+k2sIeauOs3ODLk
bM26uhXgvK3Hc7cjAzCB22L9C+TQT4gVogny/LDtglEy4rWS9i56ka/kFaJHJmms
ms8bsIPu9dgkI2K+GzBVgO/EKtFY02Zyb3QYX3iqn+AKmfohZO/fLvc70BELeiVe
36vk
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:07 2025 by rpki-client