Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa
File: 7c0f8903-7305-4902-a6b4-6607ce10e298.roa (raw, json)
Hash identifier: Q9qijRBmP1HUE9ljj8lYmWGDYLX6dAUJj4nvYGj23io=
Subject key identifier: B8:CC:A2:45:A1:45:6C:01:59:26:73:BD:D1:C4:20:69:AF:9C:8F:29
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 324AFB879E6FF2C40CD8C7FD5B3734AB7945C6D3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:2020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:4a:fb:87:9e:6f:f2:c4:0c:d8:c7:fd:5b:37:34:ab:79:45:c6:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=542a137c05077a6d097faadd97c0dab50ba7c31e4d4bde5068de220fa782d43a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:5e:f3:ef:8b:2d:9f:2b:e2:d5:14:48:37:
a1:33:d3:3c:fc:76:97:ae:61:ad:55:67:cb:dd:35:
5e:f6:4a:87:d2:be:b1:42:09:36:30:c7:84:a3:cf:
e1:b7:42:ea:3e:7f:3b:91:ab:ad:f6:85:c5:e7:d0:
07:ae:59:40:68:f5:16:5d:f6:62:94:90:fa:e3:fa:
6e:49:7d:83:44:89:df:86:e9:00:84:69:3f:fc:7a:
42:e5:8f:9a:bc:4f:48:10:e9:b4:2d:44:7d:24:78:
ea:c0:23:af:52:e4:d3:d6:7f:8f:a4:e5:fd:6b:6b:
c3:d8:fe:51:1b:0b:b2:41:2f:63:ed:75:fe:43:6c:
de:af:47:29:e0:b6:53:74:3f:2c:7f:79:33:5c:31:
7a:f6:d2:29:18:c8:26:0e:7f:91:1d:75:45:60:9b:
05:8d:1f:22:27:eb:d2:5f:4d:80:04:6a:00:4a:2d:
0c:f2:58:6f:d5:52:a0:5d:96:4f:ed:b1:10:d6:f2:
6e:0b:5a:5f:2b:97:0f:d7:5f:01:9a:bd:84:96:dc:
60:4a:0d:a5:8e:cb:69:e5:5b:20:b9:c8:ea:bc:f1:
7e:54:3e:d6:bc:88:49:e6:43:d1:96:b2:33:86:d7:
62:4c:c4:05:8b:10:fb:13:7a:ee:90:1c:84:ed:04:
37:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CC:A2:45:A1:45:6C:01:59:26:73:BD:D1:C4:20:69:AF:9C:8F:29
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c0f8903-7305-4902-a6b4-6607ce10e298.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:2020::/48
Signature Algorithm: sha256WithRSAEncryption
21:fe:18:b0:65:43:48:07:4c:83:19:4a:90:0d:c4:78:da:6e:
85:a2:88:81:47:39:d0:19:68:18:57:0f:40:58:d7:e8:63:e3:
76:01:42:f1:09:76:3c:61:21:8e:32:f7:cd:47:8a:fe:ba:58:
36:33:27:d6:de:26:74:51:6c:66:af:bc:2e:b1:b5:6c:25:4e:
1e:70:ff:f9:9d:a4:94:06:a7:b0:ba:0a:d5:d0:30:dc:94:30:
4b:92:21:ad:8b:ad:1b:1a:7d:db:f7:07:04:28:04:f2:57:bd:
0b:92:1b:37:5d:28:d4:38:d5:52:bd:dc:b2:12:ca:63:20:08:
89:7d:e5:e9:44:07:6a:88:a2:3c:cb:f0:31:6b:c6:12:17:fe:
be:b2:48:e4:04:02:b7:a8:1a:96:a7:a9:55:3d:a0:6c:c3:0b:
a7:b5:a7:14:40:4b:20:c7:e0:e3:0b:98:af:1b:44:63:7c:99:
97:b3:07:d3:8d:3c:7a:01:9e:07:e0:cf:a1:38:d4:59:72:4f:
12:82:de:fc:d6:91:65:6b:6f:8f:87:9a:48:b4:cd:8e:88:99:
37:a2:ad:65:e1:3e:bd:b7:78:5c:0f:91:19:6a:60:db:45:16:
6c:21:c5:f4:4f:7a:cb:30:6c:b9:4f:89:2b:0e:b0:de:b9:07:
89:e8:02:65
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUMkr7h55v8sQM2Mf9Wzc0q3lFxtMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANTQyYTEzN2MwNTA3N2E2ZDA5N2Zh
YWRkOTdjMGRhYjUwYmE3YzMxZTRkNGJkZTUwNjhkZTIyMGZhNzgyZDQzYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Ne8++LLZ8r4tUUSDehM9M8/HaX
rmGtVWfL3TVe9kqH0r6xQgk2MMeEo8/ht0LqPn87kaut9oXF59AHrllAaPUWXfZi
lJD64/puSX2DRInfhukAhGk//HpC5Y+avE9IEOm0LUR9JHjqwCOvUuTT1n+PpOX9
a2vD2P5RGwuyQS9j7XX+Q2zer0cp4LZTdD8sf3kzXDF69tIpGMgmDn+RHXVFYJsF
jR8iJ+vSX02ABGoASi0M8lhv1VKgXZZP7bEQ1vJuC1pfK5cP118Bmr2EltxgSg2l
jstp5VsgucjqvPF+VD7WvIhJ5kPRlrIzhtdiTMQFixD7E3rukByE7QQ32wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLjMokWhRWwBWSZzvdHEIGmvnI8pMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdjMGY4OTAzLTczMDUtNDkwMi1hNmI0LTY2MDdjZTEwZTI5OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba/yAgMA0GCSqGSIb3DQEBCwUAA4IBAQAh/hiwZUNIB0yDGUqQ
DcR42m6FooiBRznQGWgYVw9AWNfoY+N2AULxCXY8YSGOMvfNR4r+ulg2MyfW3iZ0
UWxmr7wusbVsJU4ecP/5naSUBqewugrV0DDclDBLkiGti60bGn3b9wcEKATyV70L
khs3XSjUONVSvdyyEspjIAiJfeXpRAdqiKI8y/Axa8YSF/6+skjkBAK3qBqWp6lV
PaBswwuntacUQEsgx+DjC5ivG0RjfJmXswfTjTx6AZ4H4M+hONRZck8Sgt781pFl
a2+Ph5pItM2OiJk3oq1l4T69t3hcD5EZamDbRRZsIcX0T3rLMGy5T4krDrDeuQeJ
6AJl
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:39 2025 by rpki-client