Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d6fe0f1-724c-4c3e-89cd-47a1c9a0efcf.roa
File: 7d6fe0f1-724c-4c3e-89cd-47a1c9a0efcf.roa (raw, json)
Hash identifier: kY2Jh8GTdM4pes96LfsUnHLHgaYscmUArdwt5NIttuQ=
Subject key identifier: 14:A7:6A:2C:30:92:89:81:D4:B1:28:1F:83:28:B6:0E:3F:21:F7:0D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 19D898598F8E8F785C5E4727D7584D6EDA175436
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d6fe0f1-724c-4c3e-89cd-47a1c9a0efcf.roa
Signing time: Fri 31 Jan 2025 00:00:00 +0000
ROA not before: Fri 31 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:6000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:d8:98:59:8f:8e:8f:78:5c:5e:47:27:d7:58:4d:6e:da:17:54:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 31 00:00:00 2025 GMT
Not After : Mar 7 23:59:59 2025 GMT
Subject: serialNumber=b05d6746e255fa445814c26f1c44d18aa35ab73b12fa40cf7c68861e5f7b5a06, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:4c:cd:dc:6e:29:6c:9a:8f:f2:99:24:42:
89:fa:b9:ac:f4:04:4c:bd:8b:13:d2:de:af:2b:69:
3e:a4:aa:30:6a:79:bc:7c:6e:0b:5b:75:cb:f0:5e:
0e:82:72:62:f7:72:7e:60:97:00:6d:13:58:32:b6:
12:a6:63:e0:74:36:b2:44:6c:86:24:14:83:ee:e7:
e0:98:3f:2f:8c:8a:7b:e2:fc:2a:99:d8:dc:97:ec:
ad:9e:d8:57:da:7a:3a:8a:6e:3c:ce:cb:e4:e2:e9:
27:dd:4a:0e:7a:9d:1e:0f:14:ef:11:3b:59:97:a3:
f7:9c:ed:d3:2c:61:28:8b:9c:e9:16:1c:48:d6:fa:
c4:76:46:f9:3c:6d:bb:1b:70:cf:d4:b7:34:30:fc:
87:0a:3a:71:d8:e8:b5:cb:83:78:21:ad:38:45:80:
49:36:f2:92:b3:ca:8e:9f:c5:f1:3f:92:f4:da:95:
b6:23:01:e5:f2:ff:00:18:a6:5a:9f:b9:d9:a6:b6:
cf:62:a1:a8:d4:38:69:cb:f7:25:aa:34:87:a3:fd:
48:06:e9:44:39:89:3e:0d:90:38:10:ba:11:dd:38:
16:77:d7:27:9b:e4:9a:b6:04:64:76:18:f3:0e:e2:
3f:bc:53:6b:96:c2:40:35:3f:54:d2:70:39:5d:2d:
39:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A7:6A:2C:30:92:89:81:D4:B1:28:1F:83:28:B6:0E:3F:21:F7:0D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d6fe0f1-724c-4c3e-89cd-47a1c9a0efcf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:6000::/48
Signature Algorithm: sha256WithRSAEncryption
b1:ff:ee:fc:2a:ad:57:b7:36:0b:18:08:38:32:2c:c3:79:92:
72:ae:10:d5:2e:21:64:73:66:20:f7:92:64:be:5c:a1:52:09:
81:97:83:1e:27:7d:6a:d3:7e:37:51:24:0b:b8:22:ce:a7:2b:
e5:22:af:a5:b0:30:83:3e:bb:c9:f9:58:10:96:92:6e:e8:4a:
99:4a:f6:b7:60:d3:3a:bd:3e:4c:47:73:a1:c9:08:eb:0f:eb:
61:b7:5a:d1:bf:06:fa:b1:6e:f1:6c:78:48:09:e3:ef:ad:b1:
5f:31:4b:3b:91:bd:8e:e5:01:f2:74:62:9c:99:8e:6e:ca:c7:
10:78:1d:d2:33:57:cb:fd:25:b0:c5:a1:21:7e:c2:e6:9e:55:
20:b7:c9:ed:fa:d4:99:96:5a:69:c5:a1:7a:4c:ea:14:8e:77:
7a:f7:d0:dd:1d:79:29:67:a7:ef:8d:4c:24:a6:a8:e4:3f:fc:
3e:7c:57:b3:2c:ea:f4:73:91:68:35:22:62:e9:4d:08:25:02:
e7:62:22:ab:95:77:ce:92:78:ee:09:b5:0d:d7:a5:f0:ef:19:
7f:bb:b6:cf:d7:16:43:17:a6:3b:53:c8:73:80:42:10:b5:d7:
75:7a:a0:81:9b:a8:4f:e0:ed:22:8e:35:bf:8e:f9:94:55:9d:
de:51:54:57
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUGdiYWY+Oj3hcXkcn11hNbtoXVDYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEzMTAwMDAwMFoX
DTI1MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAYjA1ZDY3NDZlMjU1ZmE0NDU4MTRj
MjZmMWM0NGQxOGFhMzVhYjczYjEyZmE0MGNmN2M2ODg2MWU1ZjdiNWEwNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PNMzdxuKWyaj/KZJEKJ+rms9ARM
vYsT0t6vK2k+pKowanm8fG4LW3XL8F4OgnJi93J+YJcAbRNYMrYSpmPgdDayRGyG
JBSD7ufgmD8vjIp74vwqmdjcl+ytnthX2no6im48zsvk4ukn3UoOep0eDxTvETtZ
l6P3nO3TLGEoi5zpFhxI1vrEdkb5PG27G3DP1Lc0MPyHCjpx2Oi1y4N4Ia04RYBJ
NvKSs8qOn8XxP5L02pW2IwHl8v8AGKZan7nZprbPYqGo1Dhpy/clqjSHo/1IBulE
OYk+DZA4ELoR3TgWd9cnm+SatgRkdhjzDuI/vFNrlsJANT9U0nA5XS05LQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBSnaiwwkomB1LEoH4Motg4/IfcNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdkNmZlMGYxLTcyNGMtNGMzZS04OWNkLTQ3YTFjOWEwZWZjZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9mAAMA0GCSqGSIb3DQEBCwUAA4IBAQCx/+78Kq1XtzYLGAg4
MizDeZJyrhDVLiFkc2Yg95JkvlyhUgmBl4MeJ31q0343USQLuCLOpyvlIq+lsDCD
PrvJ+VgQlpJu6EqZSva3YNM6vT5MR3OhyQjrD+tht1rRvwb6sW7xbHhICePvrbFf
MUs7kb2O5QHydGKcmY5uyscQeB3SM1fL/SWwxaEhfsLmnlUgt8nt+tSZllppxaF6
TOoUjnd699DdHXkpZ6fvjUwkpqjkP/w+fFezLOr0c5FoNSJi6U0IJQLnYiKrlXfO
knjuCbUN16Xw7xl/u7bP1xZDF6Y7U8hzgEIQtdd1eqCBm6hP4O0ijjW/jvmUVZ3e
UVRX
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:29:00 2025 by rpki-client