Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa
File: 85858219-71cc-46f9-9c59-e75c9c1f8098.roa (raw, json)
Hash identifier: vD+Wobcz9Iw/8+vqIKqPu6kgs0amF1cpdNY6egh8fEM=
Subject key identifier: B0:6A:80:DB:0F:42:13:EA:A8:FF:95:27:FE:57:CC:DA:A8:F7:34:55
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4A3D927DFEEFC806E86443C5A60B689A1638C4E6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3d:92:7d:fe:ef:c8:06:e8:64:43:c5:a6:0b:68:9a:16:38:c4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a2aaed34473a20dd8c5f4b8bfa6c0f8f6ec04431e285cd7f671aea91538c637f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:cb:a0:fc:3f:5f:9c:8d:50:07:29:9f:ac:
23:f2:d0:23:e8:0b:64:01:5c:57:a1:e8:3c:ec:de:
88:d4:29:7c:5d:4c:47:ba:58:2d:16:0c:44:95:cc:
e1:72:01:93:d9:c6:c9:ad:97:4b:f2:6c:b7:42:6c:
54:a8:aa:48:ed:cb:9d:3f:d1:86:fc:b0:e9:02:0d:
61:2f:38:c3:57:cc:69:f1:29:89:59:76:cc:ff:ec:
47:b0:d8:ad:c3:d4:9c:44:0b:40:17:d4:48:e3:07:
b5:fe:82:37:3f:ae:23:44:2a:96:d3:e7:ff:d8:2f:
7a:f1:94:75:b2:67:d8:de:21:b6:15:82:a9:f1:d0:
5e:9f:d0:62:5e:42:86:db:8c:44:b4:38:a1:a1:47:
f8:ae:4f:3c:32:a1:bc:5f:66:b2:85:f7:1a:db:60:
0f:26:ce:2c:22:77:6f:28:46:75:89:06:0c:3c:9a:
99:fe:d5:e2:64:4f:be:de:04:83:ca:dd:8e:b7:24:
93:10:fe:70:08:c1:10:8f:d7:52:cf:e8:fb:b5:c0:
fb:1c:95:c1:cf:70:ae:3c:d2:7e:d6:c1:38:f5:fa:
8e:8d:35:97:2a:2a:9f:7d:0d:8d:ee:7c:50:6e:98:
66:33:e0:f3:3e:65:67:98:9c:c4:70:b2:df:eb:cf:
e2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:6A:80:DB:0F:42:13:EA:A8:FF:95:27:FE:57:CC:DA:A8:F7:34:55
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:c800::/40
Signature Algorithm: sha256WithRSAEncryption
70:72:10:7e:bf:e1:97:82:de:ed:f4:0d:31:53:66:04:4f:f4:
a9:77:d6:b8:dc:17:81:54:3d:9d:5c:b2:c7:41:f5:04:fe:f9:
e9:d1:75:ad:e6:a3:69:0a:7f:d5:ae:50:b2:0c:6d:4f:50:4e:
17:ee:0d:c9:45:47:14:33:2c:7b:c0:d6:35:0e:e4:33:1c:21:
8a:dc:1c:66:26:de:1c:ac:75:56:ea:dc:f2:ca:95:4c:d4:39:
d6:b7:6a:b6:e5:3f:2a:5f:a2:1b:dc:93:9f:5b:d9:a5:a7:45:
fb:06:ea:a5:22:47:48:62:e4:75:73:ab:83:c8:31:3e:a8:37:
8b:a6:04:7e:03:91:87:0b:7d:13:16:5d:6a:5b:30:d2:1f:47:
bd:13:74:03:f6:4b:8b:7c:21:8e:67:a6:37:27:39:f5:35:da:
5f:20:38:3d:c7:f1:49:5d:8d:66:68:98:a1:c2:e8:70:9a:60:
20:7a:e8:b3:d9:cf:ce:71:b8:5a:2d:7a:5d:aa:33:97:c4:c2:
cc:0d:a1:56:f6:fb:7f:9f:4d:bc:1a:4a:31:d8:d0:5c:09:4d:
3e:92:61:cf:6a:2a:15:68:32:1c:61:09:14:03:cb:73:2b:f0:
dc:b9:6c:22:74:b5:e2:b6:7f:b4:42:8a:08:bc:39:2c:1b:01:
3e:fa:54:9e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSj2Sff7vyAboZEPFpgtomhY4xOYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTJhYWVkMzQ0NzNhMjBkZDhjNWY0
YjhiZmE2YzBmOGY2ZWMwNDQzMWUyODVjZDdmNjcxYWVhOTE1MzhjNjM3ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPfLoPw/X5yNUAcpn6wj8tAj6Atk
AVxXoeg87N6I1Cl8XUxHulgtFgxElczhcgGT2cbJrZdL8my3QmxUqKpI7cudP9GG
/LDpAg1hLzjDV8xp8SmJWXbM/+xHsNitw9ScRAtAF9RI4we1/oI3P64jRCqW0+f/
2C968ZR1smfY3iG2FYKp8dBen9BiXkKG24xEtDihoUf4rk88MqG8X2ayhfca22AP
Js4sIndvKEZ1iQYMPJqZ/tXiZE++3gSDyt2OtySTEP5wCMEQj9dSz+j7tcD7HJXB
z3CuPNJ+1sE49fqOjTWXKiqffQ2N7nxQbphmM+DzPmVnmJzEcLLf68/iFwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLBqgNsPQhPqqP+VJ/5XzNqo9zRVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg1ODU4MjE5LTcxY2MtNDZmOS05YzU5LWU3NWM5YzFmODA5OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAMgwDQYJKoZIhvcNAQELBQADggEBAHByEH6/4ZeC3u30DTFT
ZgRP9Kl31rjcF4FUPZ1cssdB9QT++enRda3mo2kKf9WuULIMbU9QThfuDclFRxQz
LHvA1jUO5DMcIYrcHGYm3hysdVbq3PLKlUzUOda3arblPypfohvck59b2aWnRfsG
6qUiR0hi5HVzq4PIMT6oN4umBH4DkYcLfRMWXWpbMNIfR70TdAP2S4t8IY5npjcn
OfU12l8gOD3H8UldjWZomKHC6HCaYCB66LPZz85xuFotel2qM5fEwswNoVb2+3+f
TbwaSjHY0FwJTT6SYc9qKhVoMhxhCRQDy3Mr8Ny5bCJ0teK2f7RCigi8OSwbAT76
VJ4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:48 2025 by rpki-client