Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
File: 7e573a93-0df9-4209-b0ce-0c793b0859d9.roa (raw, json)
Hash identifier: g4w6HDBp5BErbSWoesSEAlm0vTPeAXmSQMzq44hWvzw=
Subject key identifier: F8:9A:9D:C3:4E:8D:7E:7F:6A:D5:3F:AC:F5:F3:6B:96:32:DF:34:2D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 196456D34BF8C0B3447450C1A1E7B8171CFD158D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:64:56:d3:4b:f8:c0:b3:44:74:50:c1:a1:e7:b8:17:1c:fd:15:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bde41bbeee9390ae9d0b97c33ec24982b574312ea32617a1f0b2d28702287a74, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:87:77:30:d5:b5:e0:87:d4:9c:3f:1f:d7:27:
bd:9e:9a:0e:70:75:1e:37:e3:d9:55:aa:cd:84:a5:
aa:65:7e:d7:72:38:e1:5a:03:1e:19:23:b0:40:cf:
b2:81:26:ff:6a:30:cc:5b:51:28:d8:17:7a:a7:c7:
16:da:99:b4:27:34:0c:e8:46:78:24:23:77:16:46:
65:1d:f2:68:aa:42:50:be:07:06:8a:4a:2b:96:37:
86:e1:97:62:a5:46:78:8f:48:0b:46:76:03:50:ad:
60:ab:f3:47:88:d2:87:8b:27:0f:d1:93:d7:15:b3:
c7:0b:39:3f:df:2c:c9:cf:fd:00:e0:e0:aa:67:cf:
a6:c6:88:39:3d:fa:d2:e6:7d:b2:1d:dd:60:1b:a7:
74:fd:53:ad:3f:16:c4:3d:b4:20:cb:ec:e2:17:0c:
73:33:78:40:37:dc:c8:aa:10:08:b6:be:85:70:30:
1d:cf:4f:4c:5c:0a:eb:2c:d3:53:bf:4f:27:d1:5a:
11:2a:76:86:2c:42:ed:61:4c:bf:4e:be:a7:f7:5d:
cf:e6:a8:2a:74:87:da:0b:18:1a:e0:0c:36:9f:08:
a6:53:c3:04:10:ce:15:10:95:b4:17:fb:4e:28:8a:
9f:36:76:d6:6c:bc:74:0a:15:23:d8:38:82:35:ca:
b2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9A:9D:C3:4E:8D:7E:7F:6A:D5:3F:AC:F5:F3:6B:96:32:DF:34:2D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:a000::/40
Signature Algorithm: sha256WithRSAEncryption
26:12:b8:3a:f9:49:79:6d:b9:ad:9a:4e:b3:a7:ef:58:02:d2:
6d:d4:13:9e:41:02:b9:0f:86:26:66:80:d9:f4:1a:52:e7:bf:
1c:a5:75:d5:21:cd:38:2d:22:ad:ec:48:ab:78:3c:2d:ac:5e:
75:0f:22:14:04:21:ec:9a:50:e2:75:92:73:50:42:21:c4:d8:
98:78:c5:2e:e6:a0:63:23:23:1c:44:03:57:4a:17:11:a0:69:
0b:99:0a:35:57:14:88:9b:db:f7:d5:04:e4:8e:8d:61:e5:12:
25:92:96:0f:82:cd:4d:c8:eb:a2:8f:6a:ef:8d:8f:60:a5:09:
4f:5d:5e:1c:c0:ea:26:bc:1a:c2:20:9b:d1:3c:34:b5:e7:bd:
9e:e7:40:9f:d6:72:c5:fc:a7:99:80:a9:5a:c9:6f:10:d1:41:
17:be:b6:4f:42:5e:2e:50:90:c8:a5:3b:e2:24:e0:4c:76:4b:
04:72:6a:dc:a1:e7:8f:26:98:d5:b7:7c:26:57:2b:52:66:ef:
b4:53:f3:40:7f:84:72:51:4a:94:cc:04:b1:1a:9c:94:d3:d2:
3b:a0:3f:57:95:29:d8:cd:78:20:7c:06:e9:2f:67:5b:1b:17:
ee:ce:23:99:b1:fa:9c:3f:6b:1e:8a:cf:cb:9d:03:fa:28:f3:
f3:44:e9:3c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGWRW00v4wLNEdFDBoee4Fxz9FY0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYmRlNDFiYmVlZTkzOTBhZTlkMGI5
N2MzM2VjMjQ5ODJiNTc0MzEyZWEzMjYxN2ExZjBiMmQyODcwMjI4N2E3NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Id3MNW14IfUnD8f1ye9npoOcHUe
N+PZVarNhKWqZX7XcjjhWgMeGSOwQM+ygSb/ajDMW1Eo2Bd6p8cW2pm0JzQM6EZ4
JCN3FkZlHfJoqkJQvgcGikorljeG4ZdipUZ4j0gLRnYDUK1gq/NHiNKHiycP0ZPX
FbPHCzk/3yzJz/0A4OCqZ8+mxog5PfrS5n2yHd1gG6d0/VOtPxbEPbQgy+ziFwxz
M3hAN9zIqhAItr6FcDAdz09MXArrLNNTv08n0VoRKnaGLELtYUy/Tr6n913P5qgq
dIfaCxga4Aw2nwimU8MEEM4VEJW0F/tOKIqfNnbWbLx0ChUj2DiCNcqyBQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPiancNOjX5/atU/rPXza5Yy3zQtMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdlNTczYTkzLTBkZjktNDIwOS1iMGNlLTBjNzkzYjA4NTlkOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9KAwDQYJKoZIhvcNAQELBQADggEBACYSuDr5SXltua2aTrOn
71gC0m3UE55BArkPhiZmgNn0GlLnvxylddUhzTgtIq3sSKt4PC2sXnUPIhQEIeya
UOJ1knNQQiHE2Jh4xS7moGMjIxxEA1dKFxGgaQuZCjVXFIib2/fVBOSOjWHlEiWS
lg+CzU3I66KPau+Nj2ClCU9dXhzA6ia8GsIgm9E8NLXnvZ7nQJ/WcsX8p5mAqVrJ
bxDRQRe+tk9CXi5QkMilO+Ik4Ex2SwRyatyh548mmNW3fCZXK1Jm77RT80B/hHJR
SpTMBLEanJTT0jugP1eVKdjNeCB8BukvZ1sbF+7OI5mx+pw/ax6Kz8udA/oo8/NE
6Tw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:47 2025 by rpki-client