Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa
File: 768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa (raw, json)
Hash identifier: FGoH4Xxd6mLOb7JelwzK8cxFiprfM3QVsao5Wr9gujA=
Subject key identifier: BA:65:68:C3:93:C0:BA:E2:15:24:5F:B6:DF:C3:E5:13:84:86:F8:09
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 18092D2254DE05ED9779CE501330537A5335DBAD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:b0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:09:2d:22:54:de:05:ed:97:79:ce:50:13:30:53:7a:53:35:db:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3e07dd28cac10e72705058c257670cf1d997a85ae640acdf2cea4795867c04ef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:87:8d:e3:2e:dc:d4:23:bf:9d:79:80:db:50:
92:76:3e:d7:1b:d2:85:dd:4d:c2:70:2e:db:16:5a:
08:c8:7f:61:63:24:f5:9b:ff:de:11:8c:f7:04:17:
23:10:1d:14:6b:27:9a:79:d4:41:73:8b:fd:d9:e0:
20:95:37:76:12:19:40:a4:03:6e:db:1c:90:1e:4b:
0e:ce:1f:3e:58:ce:40:c9:6c:66:7b:56:62:2d:d5:
1f:52:55:f3:5a:61:56:e2:62:7a:16:5d:a3:bd:c9:
19:18:d2:d3:31:20:bd:84:0e:5e:f0:bd:06:c5:7a:
b2:4a:97:40:eb:af:36:51:b3:ae:09:7d:e3:8d:91:
ac:27:20:31:b2:3e:c1:8a:38:84:ee:75:43:90:35:
25:5b:2b:db:f9:6c:df:3c:b9:4d:55:84:ca:9e:35:
99:ee:6f:67:c4:87:1e:a6:9d:d1:ad:ff:d4:f7:a8:
38:74:15:e7:f2:14:6c:be:31:cb:17:62:6a:c3:bf:
29:52:22:f7:7e:02:83:bf:9a:37:6d:4a:98:e2:a4:
35:99:a9:df:8b:f4:88:2a:4e:e3:20:d2:d9:bb:c5:
08:51:2e:cf:f2:77:49:cf:1b:b0:3a:99:48:3b:39:
83:bd:0d:f5:fe:db:d2:a0:bc:45:40:12:9b:82:d6:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:65:68:C3:93:C0:BA:E2:15:24:5F:B6:DF:C3:E5:13:84:86:F8:09
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:b0c0::/48
Signature Algorithm: sha256WithRSAEncryption
23:27:63:fe:82:4e:e5:13:55:47:61:75:d5:8b:a2:8e:f4:43:
68:49:51:ce:45:05:c3:52:24:df:0c:25:57:79:f2:56:8c:16:
19:cc:fd:57:56:6d:ca:d6:80:7c:94:dc:98:08:89:2c:d6:be:
88:48:62:d7:80:d7:8b:7a:9f:f7:6f:49:22:2a:35:42:51:65:
2a:66:b1:ec:4d:de:97:9c:1e:94:1d:62:ba:7f:6c:e1:0c:20:
93:37:b2:04:77:f3:fd:5f:33:db:47:43:94:cc:95:70:77:4f:
3a:e2:96:78:04:97:d9:0c:11:ef:28:31:4a:ee:0d:e3:de:d2:
34:34:dc:5d:56:98:d1:aa:0b:63:d3:36:da:5b:4c:5f:c0:46:
2d:fd:43:b8:47:8b:a8:32:89:d5:2d:39:0f:15:eb:4a:3d:db:
a1:71:96:d9:6d:21:67:af:77:7c:b9:89:27:e9:35:6a:f0:bb:
d9:45:4f:62:d1:7d:bb:f4:6b:bf:98:01:bd:4d:b0:8b:15:12:
5d:ce:e1:6d:f0:cd:02:7b:3b:c8:83:b2:ac:17:df:98:9d:5b:
30:49:39:2b:2f:8e:f8:2d:9b:8e:ea:cb:4c:01:86:a4:07:c5:
8d:1e:a0:59:f4:d2:88:11:5c:2f:61:5a:20:cd:7c:35:39:cc:
e6:aa:56:92
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUGAktIlTeBe2Xec5QEzBTelM1260wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAM2UwN2RkMjhjYWMxMGU3MjcwNTA1
OGMyNTc2NzBjZjFkOTk3YTg1YWU2NDBhY2RmMmNlYTQ3OTU4NjdjMDRlZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YeN4y7c1CO/nXmA21CSdj7XG9KF
3U3CcC7bFloIyH9hYyT1m//eEYz3BBcjEB0UayeaedRBc4v92eAglTd2EhlApANu
2xyQHksOzh8+WM5AyWxme1ZiLdUfUlXzWmFW4mJ6Fl2jvckZGNLTMSC9hA5e8L0G
xXqySpdA6682UbOuCX3jjZGsJyAxsj7BijiE7nVDkDUlWyvb+WzfPLlNVYTKnjWZ
7m9nxIcepp3Rrf/U96g4dBXn8hRsvjHLF2Jqw78pUiL3fgKDv5o3bUqY4qQ1manf
i/SIKk7jINLZu8UIUS7P8ndJzxuwOplIOzmDvQ31/tvSoLxFQBKbgtbQNwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLplaMOTwLriFSRftt/D5ROEhvgJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc2OGExZDM1LWRjYjAtNDk3Mi1iNWVlLTMzNzA4YjhlMDJkMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8rDAMA0GCSqGSIb3DQEBCwUAA4IBAQAjJ2P+gk7lE1VHYXXV
i6KO9ENoSVHORQXDUiTfDCVXefJWjBYZzP1XVm3K1oB8lNyYCIks1r6ISGLXgNeL
ep/3b0kiKjVCUWUqZrHsTd6XnB6UHWK6f2zhDCCTN7IEd/P9XzPbR0OUzJVwd086
4pZ4BJfZDBHvKDFK7g3j3tI0NNxdVpjRqgtj0zbaW0xfwEYt/UO4R4uoMonVLTkP
FetKPduhcZbZbSFnr3d8uYkn6TVq8LvZRU9i0X279Gu/mAG9TbCLFRJdzuFt8M0C
ezvIg7KsF9+YnVswSTkrL474LZuO6stMAYakB8WNHqBZ9NKIEVwvYVogzXw1Oczm
qlaS
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:33:51 2025 by rpki-client