Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa
File: 8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa (raw, json)
Hash identifier: 3Vkf5NaALoN5Z7ZYVgm1BK6dTHvTzL8cFI0mJGGz3jY=
Subject key identifier: C7:99:7F:23:35:17:06:08:86:9C:20:72:5E:38:A1:58:ED:65:01:CF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 73A868AF3E122F4DB6B810804219AE49D1BD80B1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:f080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:a8:68:af:3e:12:2f:4d:b6:b8:10:80:42:19:ae:49:d1:bd:80:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=6a92f9675b157d06b9e7edbd66d24d2fc214b0c9dd6ceffa0c776414e9a492bd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:fd:f6:66:99:53:e4:4c:2a:7e:30:5e:8f:
a1:03:ca:ba:fa:d2:a8:56:b9:1a:86:78:28:87:97:
f1:2f:b5:b4:e4:60:c2:ed:96:60:6a:82:2d:9d:16:
3e:95:6b:3d:d4:f9:3d:fc:7f:c9:ec:b6:b2:61:23:
af:52:c1:bd:b3:b3:fb:15:1b:fc:a0:eb:95:79:40:
fe:95:7e:c2:29:36:0a:ca:93:3d:7c:8f:3f:29:a9:
31:9c:fa:4e:2c:ad:3f:b6:26:14:33:b7:aa:43:0d:
9b:f3:8e:3e:98:25:d5:8e:92:c3:28:83:f1:3b:41:
6d:50:39:22:8d:d9:f4:b5:d4:6e:1b:a8:14:cf:e4:
f1:e2:a9:ef:ab:a0:df:cc:d2:e0:db:f1:f9:20:47:
9f:87:a5:4b:d7:26:0f:d4:d3:3b:cc:f7:5e:cd:cc:
41:b2:2e:d7:9d:e6:76:92:f5:4d:95:bf:7e:88:c8:
1b:d7:98:b2:1d:7c:c3:03:4c:37:20:54:05:c6:cd:
e7:31:55:97:61:b7:5a:7e:61:3c:52:23:d1:ec:83:
0f:99:92:79:ed:f0:3c:24:df:b5:1a:94:ac:93:ba:
ec:ec:63:6c:fa:23:03:4a:ac:66:f7:14:27:4e:05:
79:46:b3:f4:b5:3b:2c:20:52:cf:a8:e0:ab:8b:05:
07:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:99:7F:23:35:17:06:08:86:9C:20:72:5E:38:A1:58:ED:65:01:CF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8585b68c-1041-463e-a5f7-1c3d0d88dc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:f080::/46
Signature Algorithm: sha256WithRSAEncryption
75:68:c8:16:80:64:e9:a9:3e:d7:b3:0d:46:91:aa:60:84:0a:
d8:f4:f6:c2:34:ce:77:2d:ed:90:cb:2b:37:b7:1e:98:bd:89:
59:8e:56:63:cd:6c:23:ec:61:be:28:f3:ee:1c:b2:61:9c:ba:
19:4d:6d:8a:23:cd:53:f0:a4:be:29:d8:db:72:f9:e5:6e:61:
dc:37:22:9a:ad:63:35:d8:82:b5:f5:5c:87:e6:d0:00:5c:c2:
d9:53:18:c5:35:d1:af:e9:09:f0:5f:2b:80:79:02:ed:1c:53:
22:48:09:80:5d:f1:a2:4a:60:d2:ee:5c:3c:cc:53:b9:84:40:
5b:50:51:83:d5:97:99:f2:34:78:14:8a:a3:a1:dc:81:e9:3f:
6b:93:f6:85:6b:4a:10:be:29:c4:37:cf:e8:6d:94:6b:04:c3:
c2:bc:39:4b:e8:cf:95:19:8b:2d:44:4a:fb:36:c9:9e:a0:68:
c5:45:8d:a1:1e:a1:7c:a2:32:84:5b:b8:27:17:db:bd:7b:1e:
5c:05:7d:3f:95:c7:e4:d1:9f:b8:8a:01:ff:e9:96:fb:89:dd:
1e:3f:84:0b:b0:32:4a:36:35:16:5e:d7:3e:c1:b0:9c:13:3a:
9c:e3:8a:c6:61:b4:89:6d:54:fa:e2:32:99:a2:a7:ea:e1:96:
bd:5c:e5:6a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUc6horz4SL022uBCAQhmuSdG9gLEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANmE5MmY5Njc1YjE1N2QwNmI5ZTdl
ZGJkNjZkMjRkMmZjMjE0YjBjOWRkNmNlZmZhMGM3NzY0MTRlOWE0OTJiZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpT99maZU+RMKn4wXo+hA8q6+tKo
Vrkahngoh5fxL7W05GDC7ZZgaoItnRY+lWs91Pk9/H/J7LayYSOvUsG9s7P7FRv8
oOuVeUD+lX7CKTYKypM9fI8/KakxnPpOLK0/tiYUM7eqQw2b844+mCXVjpLDKIPx
O0FtUDkijdn0tdRuG6gUz+Tx4qnvq6DfzNLg2/H5IEefh6VL1yYP1NM7zPdezcxB
si7XneZ2kvVNlb9+iMgb15iyHXzDA0w3IFQFxs3nMVWXYbdafmE8UiPR7IMPmZJ5
7fA8JN+1GpSsk7rs7GNs+iMDSqxm9xQnTgV5RrP0tTssIFLPqOCriwUHAwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMeZfyM1FwYIhpwgcl44oVjtZQHPMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg1ODViNjhjLTEwNDEtNDYzZS1hNWY3LTFjM2QwZDg4ZGM4NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaafCAMA0GCSqGSIb3DQEBCwUAA4IBAQB1aMgWgGTpqT7Xsw1G
kapghArY9PbCNM53Le2Qyys3tx6YvYlZjlZjzWwj7GG+KPPuHLJhnLoZTW2KI81T
8KS+KdjbcvnlbmHcNyKarWM12IK19VyH5tAAXMLZUxjFNdGv6QnwXyuAeQLtHFMi
SAmAXfGiSmDS7lw8zFO5hEBbUFGD1ZeZ8jR4FIqjodyB6T9rk/aFa0oQvinEN8/o
bZRrBMPCvDlL6M+VGYstREr7NsmeoGjFRY2hHqF8ojKEW7gnF9u9ex5cBX0/lcfk
0Z+4igH/6Zb7id0eP4QLsDJKNjUWXtc+wbCcEzqc44rGYbSJbVT64jKZoqfq4Za9
XOVq
-----END CERTIFICATE-----
Generated at Sat May 3 20:50:18 2025 by rpki-client