Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa
File: 75fce456-5901-4b20-bd6e-e79945bb44d1.roa (raw, json)
Hash identifier: 6+FSkmF671KGURZN4+VMv6nMWHCgfrfxrTjotRWMLRI=
Subject key identifier: 55:19:A9:56:9C:D5:7D:8B:0E:CE:E3:B4:56:1D:A3:12:4F:DF:C4:56
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 729ABACFA56C0D3897BD8F623A237D7CE4083E4E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:a000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:9a:ba:cf:a5:6c:0d:38:97:bd:8f:62:3a:23:7d:7c:e4:08:3e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=f2477d6040ada5680e4f76a26990774468819e5450467e15e3c7d11a1ba052a1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cc:80:7d:fa:36:5b:ac:5e:72:19:b6:86:e1:
49:86:cc:e3:4d:91:af:56:dc:69:f8:63:f7:32:42:
c7:4c:85:00:f6:90:ac:bd:f7:23:1c:33:d8:ca:94:
42:45:5e:16:82:d0:81:48:e2:fd:3d:13:7a:45:3e:
4d:67:c0:2e:8d:1e:bb:8e:88:76:c3:f2:7c:e0:0f:
2d:2e:6f:f3:f0:1a:e6:c3:24:ae:81:eb:e0:52:d5:
ff:b8:eb:c1:65:bc:8f:95:99:37:13:26:6d:db:af:
56:32:3b:1c:8a:38:6c:b7:7d:b4:2c:2d:62:da:53:
78:50:d4:d5:6b:0d:7c:53:95:4a:4c:44:d6:51:62:
f9:aa:a9:62:10:ed:cb:16:5a:31:a9:1f:25:0e:84:
d5:d8:6e:57:51:87:9f:08:4e:7a:59:b8:e8:8f:c0:
2f:f8:ba:f5:f4:dc:7d:fc:70:d4:e1:b2:78:6b:3a:
fd:7f:18:db:8a:3a:a7:04:25:89:58:2a:46:bc:34:
a6:43:da:5f:3a:4c:fe:4c:a9:91:70:04:a9:8c:fb:
b6:6e:40:29:7e:7f:3d:90:8e:56:a5:e6:51:73:bd:
7e:56:f3:69:f6:8d:a5:d6:77:f1:92:09:0a:9c:fb:
2a:78:6a:e5:a5:b2:61:7f:7d:83:62:be:e2:64:9f:
20:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:19:A9:56:9C:D5:7D:8B:0E:CE:E3:B4:56:1D:A3:12:4F:DF:C4:56
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:a000::/48
Signature Algorithm: sha256WithRSAEncryption
27:87:ee:8b:e9:64:78:09:58:f1:74:3b:f1:e0:5b:e6:63:e2:
c5:2c:93:a0:98:d0:94:0a:0c:1a:f6:61:5b:b4:e7:c6:60:11:
d9:82:c3:c2:2b:e7:20:ae:f8:d0:72:8b:7e:cf:ed:1d:73:f5:
d7:fc:ce:2f:96:b3:f2:36:0d:46:60:9d:b9:1e:4d:1a:10:f1:
94:4e:06:87:12:01:e7:66:be:ec:16:b1:6c:38:40:07:00:02:
fb:53:0a:e2:ea:33:c9:52:e5:60:7f:5e:57:4d:ec:3f:87:3b:
ed:c1:1d:22:23:1a:09:55:ee:3a:b7:bd:06:41:ae:f5:29:f0:
a3:25:a7:33:5c:ca:9b:a1:c0:cc:4a:ff:24:b6:2a:2f:86:24:
f5:3b:41:d4:ab:ad:be:e4:8a:40:e8:d9:6c:e7:9f:25:7c:b6:
b3:a1:c9:b5:76:f3:76:9e:b1:88:8e:84:ed:38:ff:e3:7f:a7:
a6:42:13:28:28:2c:f9:6d:75:8c:f1:aa:a5:78:06:ca:74:2a:
56:e0:5c:ae:26:b3:79:96:42:56:f1:c2:0b:89:d4:38:e5:ec:
f7:a1:67:1a:31:0d:fa:a4:26:76:2a:d7:24:d5:e7:73:4c:43:
9f:28:b2:07:4e:b6:5a:15:03:52:c3:84:96:00:0d:dd:c9:a6:
99:43:bb:fb
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUcpq6z6VsDTiXvY9iOiN9fOQIPk4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNzAwMDAwMFoX
DTI1MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAZjI0NzdkNjA0MGFkYTU2ODBlNGY3
NmEyNjk5MDc3NDQ2ODgxOWU1NDUwNDY3ZTE1ZTNjN2QxMWExYmEwNTJhMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cyAffo2W6xechm2huFJhszjTZGv
Vtxp+GP3MkLHTIUA9pCsvfcjHDPYypRCRV4WgtCBSOL9PRN6RT5NZ8AujR67joh2
w/J84A8tLm/z8BrmwySugevgUtX/uOvBZbyPlZk3EyZt269WMjscijhst320LC1i
2lN4UNTVaw18U5VKTETWUWL5qqliEO3LFloxqR8lDoTV2G5XUYefCE56Wbjoj8Av
+Lr19Nx9/HDU4bJ4azr9fxjbijqnBCWJWCpGvDSmQ9pfOkz+TKmRcASpjPu2bkAp
fn89kI5WpeZRc71+VvNp9o2l1nfxkgkKnPsqeGrlpbJhf32DYr7iZJ8grwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFUZqVac1X2LDs7jtFYdoxJP38RWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc1ZmNlNDU2LTU5MDEtNGIyMC1iZDZlLWU3OTk0NWJiNDRkMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9qAAMA0GCSqGSIb3DQEBCwUAA4IBAQAnh+6L6WR4CVjxdDvx
4FvmY+LFLJOgmNCUCgwa9mFbtOfGYBHZgsPCK+cgrvjQcot+z+0dc/XX/M4vlrPy
Ng1GYJ25Hk0aEPGUTgaHEgHnZr7sFrFsOEAHAAL7Uwri6jPJUuVgf15XTew/hzvt
wR0iIxoJVe46t70GQa71KfCjJaczXMqbocDMSv8ktiovhiT1O0HUq62+5IpA6Nls
558lfLazocm1dvN2nrGIjoTtOP/jf6emQhMoKCz5bXWM8aqleAbKdCpW4FyuJrN5
lkJW8cILidQ45ez3oWcaMQ36pCZ2Ktck1edzTEOfKLIHTrZaFQNSw4SWAA3dyaaZ
Q7v7
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:17 2025 by rpki-client