Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
File: 7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa (raw, json)
Hash identifier: K+Y29VC6kGIAWqxiccdZM6XYxWqr3eWlyPY7BDAm/7E=
Subject key identifier: 84:76:3E:43:5D:92:D7:1D:D7:13:64:33:69:16:BC:AD:15:79:BC:F4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1D59D182DAB0DF3AF212C73260835E731721E0B0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:59:d1:82:da:b0:df:3a:f2:12:c7:32:60:83:5e:73:17:21:e0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bd52c4a3155acb1734495a7037583ac1cdc1258e3e65a329422823419e67d090, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:8f:d0:f9:ba:4a:66:88:41:08:73:a5:76:
9c:58:23:ed:e0:9c:34:c9:be:60:11:0a:fd:60:94:
2a:d4:4e:fe:30:02:4a:94:26:2b:50:ff:61:19:fc:
45:c8:67:1c:a9:75:c8:c6:59:1d:f4:da:04:60:7a:
e7:6c:37:50:a5:89:74:ee:80:58:eb:1b:46:24:1f:
cd:4f:f5:23:38:26:1f:16:45:9a:fd:62:f5:16:e1:
0c:2f:fc:7d:04:39:6a:67:90:6e:dd:e7:ef:34:55:
dc:d6:19:33:39:3b:8c:31:29:39:b1:8e:13:3a:ee:
6e:62:f0:f7:ef:19:a8:bb:f3:1e:fa:99:c3:ae:f7:
88:a3:2b:f8:47:21:a3:6e:d3:bd:5b:7a:52:ac:d3:
0a:6c:5a:0c:3d:51:71:a8:f4:b3:30:21:e9:8f:f9:
4c:9e:5e:bf:6e:35:e2:8b:00:a6:fb:8f:7e:17:54:
59:20:fb:69:b8:9e:3b:00:29:a0:82:da:cc:2d:f8:
72:39:55:a6:61:69:8b:71:0a:c3:90:ad:a7:ff:70:
88:6b:0f:f2:c4:dc:d6:aa:c6:ca:24:f3:3d:2c:cc:
dc:1a:5f:d4:c9:96:e5:6d:65:ae:92:61:f6:9a:af:
c1:89:c2:06:f2:e9:1f:e5:1e:4d:ca:4c:83:11:fa:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:76:3E:43:5D:92:D7:1D:D7:13:64:33:69:16:BC:AD:15:79:BC:F4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:c800::/40
Signature Algorithm: sha256WithRSAEncryption
58:85:05:fa:23:da:65:10:ce:e5:02:21:8d:8c:cb:2c:a7:95:
c5:9c:00:a9:04:0f:96:a2:30:45:ba:33:a2:93:cb:89:f7:4b:
26:06:00:83:43:44:ac:97:9e:57:58:19:c7:a3:0e:e1:74:fc:
93:f8:20:e1:5a:7b:4e:1f:de:ca:2a:74:4b:d8:7b:5a:72:8e:
e2:9b:e9:c3:b9:db:37:42:98:74:59:05:39:88:ca:0a:8b:b1:
1e:95:b9:05:17:be:9a:89:e6:db:80:49:ab:04:4c:eb:54:62:
b3:96:57:1f:91:ba:a3:98:5a:19:a0:ae:74:e2:dd:51:bf:b2:
b9:e4:f3:59:53:bd:7e:18:1e:21:59:10:dd:1b:a6:42:50:85:
5b:4f:49:04:43:3d:90:53:51:39:72:50:a9:f7:11:89:b8:e7:
bb:65:dc:83:96:62:33:d0:78:f8:8e:80:00:9a:99:60:08:2a:
fc:f1:20:6d:99:d9:ab:3c:03:75:c2:d9:b5:e7:19:ed:9f:1b:
97:99:e6:8e:1d:a5:19:f9:31:f1:fe:70:6d:b0:15:aa:62:8c:
07:e5:84:38:86:d3:a2:0f:9d:62:1a:26:03:34:53:61:8f:07:
73:8b:21:12:ec:ca:b5:c7:91:fa:0c:86:6c:f8:02:c9:0c:ff:
1d:ec:9f:97
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHVnRgtqw3zryEscyYINecxch4LAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYmQ1MmM0YTMxNTVhY2IxNzM0NDk1
YTcwMzc1ODNhYzFjZGMxMjU4ZTNlNjVhMzI5NDIyODIzNDE5ZTY3ZDA5MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyOP0Pm6SmaIQQhzpXacWCPt4Jw0
yb5gEQr9YJQq1E7+MAJKlCYrUP9hGfxFyGccqXXIxlkd9NoEYHrnbDdQpYl07oBY
6xtGJB/NT/UjOCYfFkWa/WL1FuEML/x9BDlqZ5Bu3efvNFXc1hkzOTuMMSk5sY4T
Ou5uYvD37xmou/Me+pnDrveIoyv4RyGjbtO9W3pSrNMKbFoMPVFxqPSzMCHpj/lM
nl6/bjXiiwCm+49+F1RZIPtpuJ47ACmggtrMLfhyOVWmYWmLcQrDkK2n/3CIaw/y
xNzWqsbKJPM9LMzcGl/UyZblbWWukmH2mq/BicIG8ukf5R5NykyDEfrZjQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIR2PkNdktcd1xNkM2kWvK0Vebz0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdjNTM0ZDJjLTkxY2EtNDVmNy04ZmZjLTgxZTRjYTdmNDczZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/8gwDQYJKoZIhvcNAQELBQADggEBAFiFBfoj2mUQzuUCIY2M
yyynlcWcAKkED5aiMEW6M6KTy4n3SyYGAINDRKyXnldYGcejDuF0/JP4IOFae04f
3soqdEvYe1pyjuKb6cO52zdCmHRZBTmIygqLsR6VuQUXvpqJ5tuASasETOtUYrOW
Vx+RuqOYWhmgrnTi3VG/srnk81lTvX4YHiFZEN0bpkJQhVtPSQRDPZBTUTlyUKn3
EYm457tl3IOWYjPQePiOgACamWAIKvzxIG2Z2as8A3XC2bXnGe2fG5eZ5o4dpRn5
MfH+cG2wFapijAflhDiG06IPnWIaJgM0U2GPB3OLIRLsyrXHkfoMhmz4AskM/x3s
n5c=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:38:47 2025 by rpki-client