Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa
File: 7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa (raw, json)
Hash identifier: 4H/VRdaG1jzs4JZssszOybFgQYj55swI9I2iJ8f9yVo=
Subject key identifier: 96:3D:FC:B2:4A:83:2C:B1:21:65:9D:5A:33:77:DF:FC:12:A0:43:2A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7BB84B59CD8540837EC9FD48BB54E9ACDEB3F21C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:8840::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b8:4b:59:cd:85:40:83:7e:c9:fd:48:bb:54:e9:ac:de:b3:f2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=8e4f2741765c58d29590ffc85e9e9c1d292b79c492ae360240e6d448701ae4d1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c5:2e:2e:8f:d3:2d:b2:5a:e9:ba:9d:e5:92:
45:99:5e:48:5c:e8:01:77:e5:01:25:14:8b:b6:df:
b5:09:70:04:7d:21:0d:c6:4f:60:04:7b:18:55:f7:
23:cf:23:b6:eb:38:30:45:35:64:e5:ed:7d:ea:c5:
d9:7d:b6:b1:0c:d1:60:4b:fe:73:34:8b:6d:10:6e:
95:0b:b5:4d:9f:ac:40:dd:0f:f2:45:ca:e0:0c:d3:
a9:cb:b4:91:9c:dd:06:d9:89:73:0a:9c:28:6f:8c:
c8:07:b6:ab:2d:5a:e2:b3:a1:3f:1b:de:fa:d8:9b:
78:a2:da:39:89:33:90:a8:2c:0c:76:02:08:47:f9:
a5:a9:9e:ef:06:89:a1:c7:93:59:78:af:a7:21:b2:
10:16:53:71:06:85:8c:92:e6:40:40:2b:f8:ca:43:
dc:ff:19:eb:1e:77:bd:c9:b3:fe:24:7a:91:33:40:
b7:f0:8b:8a:8a:36:6a:92:8b:a9:8d:9e:6a:d6:57:
d5:f5:17:a6:5c:cf:12:d1:1d:14:a4:b4:13:1c:0b:
bb:db:bc:5d:0a:a9:ea:92:4f:dd:9b:00:37:d6:52:
46:f2:ce:34:f8:c0:63:f8:06:be:5a:96:14:97:2f:
5c:be:43:3c:57:da:6d:4b:fc:28:8e:ae:69:17:ed:
5e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3D:FC:B2:4A:83:2C:B1:21:65:9D:5A:33:77:DF:FC:12:A0:43:2A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7676a4ae-69f1-4600-8f79-2d24ed7e0307.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:8840::/48
Signature Algorithm: sha256WithRSAEncryption
bd:a2:41:c5:6f:49:e4:d1:0b:ad:3c:85:08:af:8d:cf:00:be:
d0:2d:e2:1c:89:38:4a:18:7b:e6:35:f2:4a:44:52:46:be:7a:
91:3b:d1:19:f9:ae:0b:fd:b3:02:41:86:74:6f:49:1f:9b:28:
ab:6a:92:41:56:60:ac:ff:e0:ef:ab:2d:ef:06:9e:e3:98:3e:
39:b7:00:55:84:02:1e:a9:93:f2:24:18:11:e9:c4:6f:90:93:
10:f1:d5:73:bb:11:cd:ee:18:b5:02:a2:bc:eb:96:da:77:98:
77:3f:51:b1:ea:91:20:ef:a3:9b:da:22:03:1c:2a:37:ac:64:
a2:1d:9a:db:31:25:8a:34:83:4b:eb:9f:80:82:19:f7:31:3d:
0d:2e:2a:25:eb:84:6e:2b:f9:f0:54:93:ac:f7:6e:1a:77:2b:
10:be:76:97:96:ba:bb:29:ee:3a:47:66:62:98:b9:8e:f7:03:
d4:10:1c:49:5e:fd:1e:bb:bf:0e:ff:5f:cf:3d:fc:0c:7a:59:
46:3e:9b:24:07:53:73:d4:1e:0f:1b:9a:e5:e6:37:b1:95:b8:
ae:9f:0a:5d:db:9b:04:9d:79:32:a0:53:95:f7:7d:b4:f5:f7:
47:30:b4:ae:1e:d5:8d:17:34:85:89:dc:d4:b1:8f:1c:da:92:
76:9b:df:f4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUe7hLWc2FQIN+yf1Iu1TprN6z8hwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOGU0ZjI3NDE3NjVjNThkMjk1OTBm
ZmM4NWU5ZTljMWQyOTJiNzljNDkyYWUzNjAyNDBlNmQ0NDg3MDFhZTRkMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMUuLo/TLbJa6bqd5ZJFmV5IXOgB
d+UBJRSLtt+1CXAEfSENxk9gBHsYVfcjzyO26zgwRTVk5e196sXZfbaxDNFgS/5z
NIttEG6VC7VNn6xA3Q/yRcrgDNOpy7SRnN0G2YlzCpwob4zIB7arLVris6E/G976
2Jt4oto5iTOQqCwMdgIIR/mlqZ7vBomhx5NZeK+nIbIQFlNxBoWMkuZAQCv4ykPc
/xnrHne9ybP+JHqRM0C38IuKijZqkoupjZ5q1lfV9RemXM8S0R0UpLQTHAu727xd
Cqnqkk/dmwA31lJG8s40+MBj+Aa+WpYUly9cvkM8V9ptS/wojq5pF+1egQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJY9/LJKgyyxIWWdWjN33/wSoEMqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc2NzZhNGFlLTY5ZjEtNDYwMC04Zjc5LTJkMjRlZDdlMDMwNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8ohAMA0GCSqGSIb3DQEBCwUAA4IBAQC9okHFb0nk0QutPIUI
r43PAL7QLeIciThKGHvmNfJKRFJGvnqRO9EZ+a4L/bMCQYZ0b0kfmyirapJBVmCs
/+Dvqy3vBp7jmD45twBVhAIeqZPyJBgR6cRvkJMQ8dVzuxHN7hi1AqK865bad5h3
P1Gx6pEg76Ob2iIDHCo3rGSiHZrbMSWKNINL65+Aghn3MT0NLiol64RuK/nwVJOs
924adysQvnaXlrq7Ke46R2ZimLmO9wPUEBxJXv0eu78O/1/PPfwMellGPpskB1Nz
1B4PG5rl5jexlbiunwpd25sEnXkyoFOV93209fdHMLSuHtWNFzSFidzUsY8c2pJ2
m9/0
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:26:33 2025 by rpki-client