Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74eae580-d878-4c03-9f29-3a263b955b28.roa
File: 74eae580-d878-4c03-9f29-3a263b955b28.roa (raw, json)
Hash identifier: j1qS2hr9OLD9nh6kaQXz8hel2ybHaJ4nyimC6PQz5to=
Subject key identifier: CE:61:E5:87:F4:2A:10:7E:73:44:F6:88:79:A8:D0:41:AD:B6:86:FE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3FA279520D20442C946C261DED6EAE03DD5C9F86
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74eae580-d878-4c03-9f29-3a263b955b28.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:c800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:a2:79:52:0d:20:44:2c:94:6c:26:1d:ed:6e:ae:03:dd:5c:9f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c4b8de24ded2096a1dcd5208ae6ca754b9c4cdf15abcdfb038e8ade8757e576c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:ac:b7:cf:d9:7d:6e:41:c4:c6:d1:f5:ec:
61:15:9c:cb:e4:f5:59:c0:a1:ff:fd:6b:c2:16:3b:
4a:0b:1b:ae:2a:aa:e4:7f:36:7c:8b:13:bd:f7:d1:
b2:f4:6c:42:66:6c:86:17:18:e0:29:12:57:74:cb:
b3:c6:3f:17:9e:56:95:bb:0f:0b:57:19:06:a2:b7:
8e:1c:a0:5f:e1:21:fa:20:45:99:66:86:e0:f5:92:
b3:0b:7f:b5:b3:45:31:9d:cf:28:5e:80:27:4a:88:
91:9b:6c:f7:1f:2d:7e:cc:6b:9e:64:0a:94:08:8e:
79:53:a3:0d:29:0d:0c:6c:4f:49:d3:88:b2:59:de:
68:6c:ae:0b:cf:44:3b:cd:e7:b5:6e:2b:21:0e:a5:
46:33:4f:0d:ab:79:b9:41:48:12:44:2e:75:8a:4b:
ed:ce:de:f8:e0:55:ea:4b:06:20:f8:2d:d5:8f:d1:
75:38:48:c6:f0:7f:2e:be:23:22:aa:0d:8b:25:85:
ac:fa:f3:01:dd:32:0b:95:4e:28:2c:bb:84:a5:fa:
c0:ab:fc:ee:57:b1:d8:9b:7a:0e:45:c9:46:eb:76:
89:1d:6b:ed:53:06:b1:06:fb:46:e9:17:bb:be:52:
3e:76:a1:c6:59:55:a6:e5:87:9b:46:73:54:cc:82:
4f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:61:E5:87:F4:2A:10:7E:73:44:F6:88:79:A8:D0:41:AD:B6:86:FE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74eae580-d878-4c03-9f29-3a263b955b28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:c800::/40
Signature Algorithm: sha256WithRSAEncryption
94:4a:64:5a:ff:03:e3:1d:23:49:79:e4:3d:e4:9d:dd:11:42:
0f:7c:16:80:fd:76:78:14:bb:2d:b3:25:88:86:17:8a:f6:56:
79:4c:7b:e9:e3:7c:13:a5:3e:6b:b4:c2:66:f9:9d:2e:a4:eb:
ed:1e:2b:c9:d1:a9:43:04:8c:55:74:6d:ad:f7:b0:4b:32:6d:
f1:08:68:f3:a9:b8:09:ea:5a:24:98:fb:47:df:9c:9c:46:39:
24:7c:32:44:2c:84:3f:f8:c8:db:47:a9:4a:82:04:4b:c5:0a:
32:95:5d:2d:d6:d9:8d:54:af:d5:57:2a:ca:44:75:8e:30:1a:
8f:f0:72:eb:9d:3c:98:90:cb:32:9d:19:68:cc:64:45:b8:04:
56:84:1f:69:bc:3e:14:9d:a4:78:81:cd:67:af:6e:32:cd:f3:
ad:cf:67:6c:bd:dc:fb:75:ab:6e:78:a7:94:27:74:7b:6c:2d:
2a:e6:57:94:6b:aa:36:15:fa:78:6f:97:d1:e2:70:e3:7c:87:
8f:de:81:72:d3:e5:5d:c2:f6:3f:9d:3d:77:55:41:c3:01:bd:
53:3c:9a:2d:fb:25:74:95:69:b8:ae:92:f1:9a:5b:eb:56:15:
48:ef:9b:7b:6c:bd:f1:f7:1e:16:f2:f3:7f:79:ff:82:7c:25:
55:ec:85:e2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUP6J5Ug0gRCyUbCYd7W6uA91cn4YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAYzRiOGRlMjRkZWQyMDk2YTFkY2Q1
MjA4YWU2Y2E3NTRiOWM0Y2RmMTVhYmNkZmIwMzhlOGFkZTg3NTdlNTc2YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTWst8/ZfW5BxMbR9exhFZzL5PVZ
wKH//WvCFjtKCxuuKqrkfzZ8ixO999Gy9GxCZmyGFxjgKRJXdMuzxj8XnlaVuw8L
VxkGoreOHKBf4SH6IEWZZobg9ZKzC3+1s0Uxnc8oXoAnSoiRm2z3Hy1+zGueZAqU
CI55U6MNKQ0MbE9J04iyWd5obK4Lz0Q7zee1bishDqVGM08Nq3m5QUgSRC51ikvt
zt744FXqSwYg+C3Vj9F1OEjG8H8uviMiqg2LJYWs+vMB3TILlU4oLLuEpfrAq/zu
V7HYm3oORclG63aJHWvtUwaxBvtG6Re7vlI+dqHGWVWm5YebRnNUzIJPBwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFM5h5Yf0KhB+c0T2iHmo0EGttob+MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc0ZWFlNTgwLWQ4NzgtNGMwMy05ZjI5LTNhMjYzYjk1NWIyOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaucgwDQYJKoZIhvcNAQELBQADggEBAJRKZFr/A+MdI0l55D3k
nd0RQg98FoD9dngUuy2zJYiGF4r2VnlMe+njfBOlPmu0wmb5nS6k6+0eK8nRqUME
jFV0ba33sEsybfEIaPOpuAnqWiSY+0ffnJxGOSR8MkQshD/4yNtHqUqCBEvFCjKV
XS3W2Y1Ur9VXKspEdY4wGo/wcuudPJiQyzKdGWjMZEW4BFaEH2m8PhSdpHiBzWev
bjLN863PZ2y93Pt1q254p5QndHtsLSrmV5RrqjYV+nhvl9HicON8h4/egXLT5V3C
9j+dPXdVQcMBvVM8mi37JXSVabiukvGaW+tWFUjvm3tsvfH3Hhby8395/4J8JVXs
heI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:47:38 2025 by rpki-client