Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e642a03-5f13-42f1-a402-f293b203265d.roa
File: 7e642a03-5f13-42f1-a402-f293b203265d.roa (raw, json)
Hash identifier: EC9cW3JHLwa8XlVMkSpNDgNK8fr7r0BUfWTVvDf0j9s=
Subject key identifier: C8:FF:D0:78:8B:00:50:9E:C6:E5:60:33:AB:0D:3C:5D:69:70:13:10
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 53C7F805B4B097686E4C4AC1F4F823590829BE18
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e642a03-5f13-42f1-a402-f293b203265d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c7:f8:05:b4:b0:97:68:6e:4c:4a:c1:f4:f8:23:59:08:29:be:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=40f949763a055666697303ad5c7a3c3ee9898af8a260f2b14d8c6041272d62ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:79:8b:77:3a:6e:eb:c4:00:25:6b:04:38:a9:
ea:3f:48:fb:c5:a9:02:83:5e:cb:e6:5c:ff:e6:93:
d4:dc:22:a2:e3:e3:d8:e7:36:f2:9f:2e:c5:ba:06:
b3:5f:eb:70:63:3c:bb:96:8d:5b:c6:2c:b6:fa:18:
12:3c:82:45:57:f6:74:dd:3d:76:0f:66:ef:70:c6:
77:de:c6:ef:1e:8d:ea:ff:6e:74:11:3a:26:1d:af:
18:9c:a1:91:03:c0:86:2c:91:f5:d6:41:b3:43:cd:
9a:5b:00:b5:a8:19:77:5b:9e:47:55:89:ca:f7:20:
ea:14:96:4e:bb:3e:e8:9a:92:bf:c8:ca:df:26:54:
70:27:8a:b2:24:2a:80:22:8a:56:cb:3a:44:93:70:
e7:31:bb:e4:40:2f:fc:59:51:b1:e4:81:9a:e0:f2:
c6:f2:b3:f2:16:fb:b7:c2:f1:a5:b6:c3:e8:4c:f2:
56:c4:a0:09:e1:e6:71:bd:a9:9b:f5:5b:0f:a2:ca:
d0:1d:09:83:ff:36:89:ab:85:69:d1:f1:9d:ba:1f:
2c:fa:99:ec:66:33:09:39:60:f0:07:df:17:9e:13:
a9:a3:28:a7:36:f9:87:f2:97:15:06:cc:0b:55:3f:
3b:d6:cb:fc:4c:22:e2:fd:ab:6b:5f:46:d0:bf:ea:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FF:D0:78:8B:00:50:9E:C6:E5:60:33:AB:0D:3C:5D:69:70:13:10
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e642a03-5f13-42f1-a402-f293b203265d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:c800::/40
Signature Algorithm: sha256WithRSAEncryption
8b:92:62:d4:4c:82:44:79:ae:d3:db:37:d8:6f:96:7e:b3:89:
0b:42:68:68:ce:75:8f:3a:6b:42:3b:82:3a:ca:f0:ba:fe:65:
64:17:d5:89:49:ab:07:cc:d0:79:0c:09:95:99:d8:bb:9f:be:
43:c7:a5:5b:2d:eb:c9:9f:e1:3c:a2:ae:c4:7c:d0:25:50:00:
c8:82:9f:d3:79:da:55:95:aa:75:25:87:83:bb:79:96:a8:d6:
7f:0f:14:e3:b0:f2:76:7e:1f:9c:37:07:ae:50:8b:fa:be:6b:
f8:b8:a4:75:60:b1:fd:08:6b:13:30:1b:90:c6:2d:c6:85:e1:
58:27:6f:7f:b3:c3:c2:38:e3:d7:87:8c:57:5f:81:41:f9:f8:
c1:af:2b:a4:04:b6:87:5f:e7:f2:ce:e4:b4:1f:55:d8:4a:62:
16:4a:a0:ba:a3:30:0a:3e:e8:8b:d9:1f:81:02:00:3a:f3:e7:
bb:5a:a5:f9:45:04:a3:ee:c0:17:cb:96:40:36:3b:cc:b0:b9:
40:73:83:32:38:8b:62:c5:64:46:f5:08:f8:7e:e6:2e:ab:0f:
c7:08:65:c1:e8:d2:44:bb:9e:81:b7:36:ff:b8:54:26:c5:8c:
41:f4:8a:40:6f:43:dd:44:8d:31:b2:07:0d:84:c4:23:bf:1b:
d3:bf:a5:5f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUU8f4BbSwl2huTErB9PgjWQgpvhgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDBmOTQ5NzYzYTA1NTY2NjY5NzMw
M2FkNWM3YTNjM2VlOTg5OGFmOGEyNjBmMmIxNGQ4YzYwNDEyNzJkNjJhZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnmLdzpu68QAJWsEOKnqP0j7xakC
g17L5lz/5pPU3CKi4+PY5zbyny7FugazX+twYzy7lo1bxiy2+hgSPIJFV/Z03T12
D2bvcMZ33sbvHo3q/250ETomHa8YnKGRA8CGLJH11kGzQ82aWwC1qBl3W55HVYnK
9yDqFJZOuz7ompK/yMrfJlRwJ4qyJCqAIopWyzpEk3DnMbvkQC/8WVGx5IGa4PLG
8rPyFvu3wvGltsPoTPJWxKAJ4eZxvamb9VsPosrQHQmD/zaJq4Vp0fGduh8s+pns
ZjMJOWDwB98XnhOpoyinNvmH8pcVBswLVT871sv8TCLi/atrX0bQv+pMawIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMj/0HiLAFCexuVgM6sNPF1pcBMQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdlNjQyYTAzLTVmMTMtNDJmMS1hNDAyLWYyOTNiMjAzMjY1ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba98gwDQYJKoZIhvcNAQELBQADggEBAIuSYtRMgkR5rtPbN9hv
ln6ziQtCaGjOdY86a0I7gjrK8Lr+ZWQX1YlJqwfM0HkMCZWZ2LufvkPHpVst68mf
4TyirsR80CVQAMiCn9N52lWVqnUlh4O7eZao1n8PFOOw8nZ+H5w3B65Qi/q+a/i4
pHVgsf0IaxMwG5DGLcaF4Vgnb3+zw8I449eHjFdfgUH5+MGvK6QEtodf5/LO5LQf
VdhKYhZKoLqjMAo+6IvZH4ECADrz57tapflFBKPuwBfLlkA2O8ywuUBzgzI4i2LF
ZEb1CPh+5i6rD8cIZcHo0kS7noG3Nv+4VCbFjEH0ikBvQ91EjTGyBw2ExCO/G9O/
pV8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:13:47 2025 by rpki-client