Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77745ad7-44b5-44a8-9e13-4096720b7c90.roa
File: 77745ad7-44b5-44a8-9e13-4096720b7c90.roa (raw, json)
Hash identifier: ieFSQ3hhuwzZy5A5grvLnu4NKELATjjb+x5Jrvhj26M=
Subject key identifier: DC:69:88:58:0A:12:21:60:B6:CC:01:1B:30:92:7C:5C:4D:F7:E5:61
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 552C42633A59E0896BD38CAFC08ED35166C6C4D0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77745ad7-44b5-44a8-9e13-4096720b7c90.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:9080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:2c:42:63:3a:59:e0:89:6b:d3:8c:af:c0:8e:d3:51:66:c6:c4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=408caed0da8f04517b69232c722c65a5d51c1e45c39567b219eee882665c5946, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5f:ae:c4:0d:91:e9:89:39:94:ff:25:29:3b:
c6:8e:29:99:57:24:b0:56:c3:c6:05:a8:63:0c:30:
42:fe:f9:26:1a:84:55:ff:82:a4:b6:0f:12:8a:b4:
21:d3:95:89:12:17:61:7f:ee:4c:87:f8:2e:78:e7:
c6:03:84:1e:aa:2e:af:8f:b3:db:ee:25:57:58:f0:
94:85:e3:fc:da:5e:3b:be:2e:2f:1b:da:79:3d:40:
fd:2d:fe:fb:72:1c:4b:cb:29:65:fd:27:bd:fa:10:
0d:db:6e:db:f4:86:f8:7b:16:12:ec:2e:56:62:63:
7d:f7:72:98:d1:03:3e:55:2e:a3:72:f5:75:55:ea:
4f:b9:fa:ee:0e:dd:e3:eb:24:64:57:a5:54:16:9e:
9f:a5:0b:52:68:43:fa:95:c5:78:79:d5:8e:36:d6:
f2:c7:f9:91:dd:b8:35:8c:d0:c5:4e:ad:cc:c7:d6:
ea:ab:cf:63:c7:6e:43:d5:39:83:19:ed:99:87:48:
ae:14:c8:7b:7a:86:b5:36:ce:7c:31:bd:88:cb:81:
2a:39:77:a4:38:28:fa:c8:94:7a:34:f9:bb:61:1d:
bd:f7:d9:81:be:a1:e9:5e:87:4f:c1:d3:a3:fc:d8:
18:42:c1:9a:40:cd:e4:89:cc:b9:32:fb:5d:04:61:
6d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:69:88:58:0A:12:21:60:B6:CC:01:1B:30:92:7C:5C:4D:F7:E5:61
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77745ad7-44b5-44a8-9e13-4096720b7c90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:9080::/48
Signature Algorithm: sha256WithRSAEncryption
b5:9e:03:7d:89:77:61:41:2e:93:2d:58:ee:b7:05:bd:4c:be:
2a:2e:48:db:25:c4:03:59:91:da:4f:59:99:25:58:70:28:eb:
54:66:85:6a:9e:ca:65:3e:02:3d:5b:94:a8:3f:e3:81:d0:72:
f2:ae:0b:01:c5:1f:d0:e3:5f:69:db:99:e0:7e:c2:dd:97:a3:
6d:28:44:df:60:0c:d1:43:58:db:22:10:fd:a1:b1:e2:f5:d3:
b5:b1:5b:49:bc:c8:28:16:5b:32:05:50:b5:65:67:57:cb:c1:
5f:b2:22:ae:6a:4f:b2:42:49:fe:aa:2c:eb:ae:d7:23:6c:26:
24:d5:2e:8f:ec:d5:0d:88:e6:40:1e:61:50:80:a5:56:07:6f:
fc:d7:45:e8:6c:13:d0:65:ed:36:4e:70:77:ed:8c:8f:6d:b7:
86:1d:41:47:04:7e:65:0b:41:d2:81:b4:02:75:c0:9f:dd:8e:
14:38:11:47:e2:ab:1c:0b:2d:c4:19:ef:f9:cb:3c:8b:f2:aa:
b8:4e:40:12:6c:e7:35:a1:67:57:05:98:76:e5:2e:25:30:65:
a9:21:04:ff:d2:b4:8b:f9:ee:61:0d:ae:c3:2f:41:e2:3e:da:
6f:be:1d:a3:d5:fa:91:3f:57:87:0e:26:ac:cd:ef:29:c6:78:
e2:ac:3a:90
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVSxCYzpZ4Ilr04yvwI7TUWbGxNAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDA4Y2FlZDBkYThmMDQ1MTdiNjky
MzJjNzIyYzY1YTVkNTFjMWU0NWMzOTU2N2IyMTllZWU4ODI2NjVjNTk0NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21+uxA2R6Yk5lP8lKTvGjimZVySw
VsPGBahjDDBC/vkmGoRV/4Kktg8SirQh05WJEhdhf+5Mh/gueOfGA4Qeqi6vj7Pb
7iVXWPCUheP82l47vi4vG9p5PUD9Lf77chxLyyll/Se9+hAN227b9Ib4exYS7C5W
YmN993KY0QM+VS6jcvV1VepPufruDt3j6yRkV6VUFp6fpQtSaEP6lcV4edWONtby
x/mR3bg1jNDFTq3Mx9bqq89jx25D1TmDGe2Zh0iuFMh7eoa1Ns58Mb2Iy4EqOXek
OCj6yJR6NPm7YR2999mBvqHpXodPwdOj/NgYQsGaQM3kicy5MvtdBGFt0wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNxpiFgKEiFgtswBGzCSfFxN9+VhMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc3NzQ1YWQ3LTQ0YjUtNDRhOC05ZTEzLTQwOTY3MjBiN2M5MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba/5CAMA0GCSqGSIb3DQEBCwUAA4IBAQC1ngN9iXdhQS6TLVju
twW9TL4qLkjbJcQDWZHaT1mZJVhwKOtUZoVqnsplPgI9W5SoP+OB0HLyrgsBxR/Q
419p25ngfsLdl6NtKETfYAzRQ1jbIhD9obHi9dO1sVtJvMgoFlsyBVC1ZWdXy8Ff
siKuak+yQkn+qizrrtcjbCYk1S6P7NUNiOZAHmFQgKVWB2/810XobBPQZe02TnB3
7YyPbbeGHUFHBH5lC0HSgbQCdcCf3Y4UOBFH4qscCy3EGe/5yzyL8qq4TkASbOc1
oWdXBZh25S4lMGWpIQT/0rSL+e5hDa7DL0HiPtpvvh2j1fqRP1eHDiasze8pxnji
rDqQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:15:00 2025 by rpki-client