Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8061a4d0-99ec-4f38-b1a0-ed013b6bbc5f.roa
File: 8061a4d0-99ec-4f38-b1a0-ed013b6bbc5f.roa (raw, json)
Hash identifier: apDRTo92z09rn0K1qAc0rhsTb8u2RAI0HZbmQCcKC/4=
Subject key identifier: F2:1A:D4:AE:33:8A:59:F9:25:95:8A:B1:94:EE:E4:B3:A0:02:D4:88
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6059542AC130D219A10CF2F0BEB1128B9B6C62D8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8061a4d0-99ec-4f38-b1a0-ed013b6bbc5f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:60c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:59:54:2a:c1:30:d2:19:a1:0c:f2:f0:be:b1:12:8b:9b:6c:62:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2f81db1b3cde43f7791ec9b38959379cf89a7e78797ee19931ee546bb46a921a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:1b:17:1b:93:81:51:90:f6:07:72:3e:83:
3a:1c:c0:82:4c:92:3a:d8:3f:98:66:a4:51:dc:b3:
75:79:e6:cf:bd:78:35:de:f5:6b:a6:40:b9:c5:0c:
f9:72:1a:cf:82:64:f4:c7:65:02:f9:59:97:da:f4:
8b:94:2a:1e:86:43:e0:78:16:66:cd:aa:46:2f:5f:
3e:a2:c5:5e:8c:67:37:84:da:f6:e0:10:9a:4c:bf:
ac:89:f4:c4:33:21:eb:76:33:b6:00:d5:f8:a4:01:
f0:af:67:ec:91:9e:76:dc:a4:87:0d:55:9e:49:36:
ae:6d:94:0f:10:69:39:cf:7b:e9:2d:bd:5f:c1:43:
ad:0a:72:33:ca:c2:b7:65:c8:c7:e5:53:5e:bb:8c:
b1:a5:4a:81:77:46:aa:70:cd:36:a2:4b:d1:4f:4d:
8e:74:46:88:92:d7:e9:b7:8b:64:df:d9:f0:2f:61:
b4:22:cc:f4:0e:e2:88:92:bb:2f:a7:d0:0f:62:71:
83:aa:57:a2:d7:6c:7c:e9:33:73:c5:06:83:99:ae:
53:92:3c:3f:3e:14:ff:97:ee:86:c4:b7:69:03:33:
f4:6e:c6:fe:07:5d:2c:d6:95:2b:ee:f1:21:94:a9:
bd:35:53:4d:9e:11:b1:03:42:1a:0f:66:ea:35:0b:
e4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1A:D4:AE:33:8A:59:F9:25:95:8A:B1:94:EE:E4:B3:A0:02:D4:88
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8061a4d0-99ec-4f38-b1a0-ed013b6bbc5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
59:3e:46:7d:01:c5:3b:08:cb:e1:dc:1b:2d:31:ad:bc:87:3c:
4f:b9:39:0a:6a:dc:9d:a1:6c:52:e7:40:96:e7:75:95:a0:f9:
fc:17:d5:31:56:b2:f0:65:27:3f:bc:64:aa:16:ac:d0:44:bf:
98:7b:b1:32:84:68:0d:12:26:bf:17:ad:e6:7b:82:8f:67:67:
cb:1a:e4:85:ee:8c:8d:4f:b3:56:b0:e0:2d:41:e4:de:3c:0c:
12:82:af:07:9b:83:48:db:49:a1:5d:4b:b4:3b:9a:87:8f:d3:
4a:c0:5f:5d:e5:cb:5c:8d:6b:52:3f:5a:cb:e8:b0:e8:31:13:
7c:72:ca:88:31:46:d0:35:fa:ae:13:ec:54:0d:6e:fd:07:fa:
19:fb:d7:84:3b:e8:fa:90:91:2d:d5:38:82:c7:03:58:f5:74:
0c:ef:4b:9b:07:77:d6:e4:68:58:52:f8:aa:31:6b:bf:4c:ac:
42:82:e5:68:47:a5:fe:f4:0b:78:a3:14:bb:a0:9e:20:7b:be:
45:77:ed:52:7c:f9:61:08:9c:a2:46:5a:d7:6f:59:0b:5a:e7:
a6:e4:20:d0:4f:6f:4f:fa:f4:10:43:1d:f0:8a:d4:ce:17:dd:
53:e8:10:87:08:d8:56:ac:19:96:f4:09:ac:cc:91:24:04:7c:
1b:3d:6d:42
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUYFlUKsEw0hmhDPLwvrESi5tsYtgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMmY4MWRiMWIzY2RlNDNmNzc5MWVj
OWIzODk1OTM3OWNmODlhN2U3ODc5N2VlMTk5MzFlZTU0NmJiNDZhOTIxYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv4bFxuTgVGQ9gdyPoM6HMCCTJI6
2D+YZqRR3LN1eebPvXg13vVrpkC5xQz5chrPgmT0x2UC+VmX2vSLlCoehkPgeBZm
zapGL18+osVejGc3hNr24BCaTL+sifTEMyHrdjO2ANX4pAHwr2fskZ523KSHDVWe
STaubZQPEGk5z3vpLb1fwUOtCnIzysK3ZcjH5VNeu4yxpUqBd0aqcM02okvRT02O
dEaIktfpt4tk39nwL2G0Isz0DuKIkrsvp9APYnGDqlei12x86TNzxQaDma5Tkjw/
PhT/l+6GxLdpAzP0bsb+B10s1pUr7vEhlKm9NVNNnhGxA0IaD2bqNQvkIwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPIa1K4ziln5JZWKsZTu5LOgAtSIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwNjFhNGQwLTk5ZWMtNGYzOC1iMWEwLWVkMDEzYjZiYmM1Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba92DAMA0GCSqGSIb3DQEBCwUAA4IBAQBZPkZ9AcU7CMvh3Bst
Ma28hzxPuTkKatydoWxS50CW53WVoPn8F9UxVrLwZSc/vGSqFqzQRL+Ye7EyhGgN
Eia/F63me4KPZ2fLGuSF7oyNT7NWsOAtQeTePAwSgq8Hm4NI20mhXUu0O5qHj9NK
wF9d5ctcjWtSP1rL6LDoMRN8csqIMUbQNfquE+xUDW79B/oZ+9eEO+j6kJEt1TiC
xwNY9XQM70ubB3fW5GhYUviqMWu/TKxCguVoR6X+9At4oxS7oJ4ge75Fd+1SfPlh
CJyiRlrXb1kLWuem5CDQT29P+vQQQx3witTOF91T6BCHCNhWrBmW9AmszJEkBHwb
PW1C
-----END CERTIFICATE-----
Generated at Sat May 10 05:28:34 2025 by rpki-client