Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8602e8cf-ec3c-4331-9668-a4ecf6830436.roa
File: 8602e8cf-ec3c-4331-9668-a4ecf6830436.roa (raw, json)
Hash identifier: e1/2YLZJDqzVe2sjHN3Yd1BT581AcQR4B98nBQQ8k7A=
Subject key identifier: 94:8F:1D:12:BB:A1:CA:75:6D:C9:90:21:36:17:95:5F:C8:C1:3E:93
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4C22D9004C219B9FF6EDE459634834582EC094BE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8602e8cf-ec3c-4331-9668-a4ecf6830436.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:9080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:22:d9:00:4c:21:9b:9f:f6:ed:e4:59:63:48:34:58:2e:c0:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5fcda30f54dc5424316a0cdedd5f07e95d664f993c166faf51ff8541509ab033, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:98:26:f3:24:2f:f5:bf:51:97:f3:33:e4:
59:25:b0:35:85:2d:d2:4a:d9:5a:ae:ab:32:f1:ee:
0a:d5:0e:15:3e:51:5b:ea:13:9e:af:b9:4e:6d:16:
54:50:35:12:af:fa:46:a1:b5:04:f8:30:4d:20:bb:
06:a1:17:25:ae:26:48:06:f3:5b:83:c6:00:84:fa:
42:0d:28:b6:24:c0:f5:66:cb:3b:6d:2d:b8:65:ac:
ce:f3:e1:7e:81:9d:97:c3:b1:b6:6d:21:28:58:c0:
6d:c8:5b:d0:60:69:fb:98:65:ad:ed:f4:73:f0:ed:
d2:5a:3b:04:25:d3:58:53:eb:8c:b4:26:fd:55:4f:
ad:da:99:88:43:56:a1:f9:3c:c3:fe:2e:02:d3:32:
d2:e6:dd:75:00:ea:b5:f8:c0:71:35:93:86:07:20:
54:91:a7:87:e2:43:58:b0:db:3a:70:86:76:82:e2:
a8:4d:8f:50:7d:fc:a5:2b:48:20:1e:9d:2b:fd:f5:
8d:7a:f3:a6:36:de:e8:a2:1a:28:a7:97:f0:e6:49:
f9:76:eb:d6:f8:77:f3:36:03:8d:94:5a:6d:39:24:
57:2d:42:ac:e3:62:c4:04:bc:f1:ec:38:c6:d7:3e:
e3:ea:1b:7b:b7:63:42:ca:e8:c4:2b:bf:bf:c0:d5:
d3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8F:1D:12:BB:A1:CA:75:6D:C9:90:21:36:17:95:5F:C8:C1:3E:93
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8602e8cf-ec3c-4331-9668-a4ecf6830436.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:9080::/48
Signature Algorithm: sha256WithRSAEncryption
a1:1b:16:90:09:d7:71:5c:61:2e:4d:d0:0a:4a:46:78:ca:26:
c0:4d:41:e1:ef:ec:6b:78:da:54:bb:4a:4f:6d:09:3b:fe:77:
36:af:d4:0c:93:f8:bc:3d:91:eb:4b:b9:3c:f5:d9:58:38:6d:
8f:38:a1:cc:5a:ef:ac:4e:a8:5a:68:d8:08:e5:26:dd:26:8f:
55:0f:f0:ce:7b:2e:b3:96:40:39:e3:ac:ce:34:e7:72:00:64:
96:77:cf:11:6d:a6:89:c0:86:05:52:c7:55:c5:63:16:00:80:
52:f8:26:8d:18:9a:60:3f:06:d7:ac:5c:51:84:40:e8:cf:0f:
71:c7:4b:09:b6:d5:fd:ef:d8:c9:75:da:81:a2:ce:03:ca:18:
c3:77:dc:bf:9b:74:10:58:89:97:d9:c7:98:78:7e:fb:1d:69:
16:18:1f:08:2a:6a:72:c2:5b:d3:9a:ff:e9:89:18:44:b5:08:
66:4d:d2:33:3b:31:c1:63:a8:e5:77:94:97:e3:52:24:99:9c:
27:9c:d9:aa:b5:74:e6:26:b9:88:7b:ae:ee:9b:e7:b8:5a:ec:
01:13:64:24:cf:15:1e:4c:e4:bc:74:3a:0d:b6:e3:cb:24:5a:
9e:70:98:5d:a1:d5:f9:fd:ec:52:64:0c:e7:98:d5:cd:13:8f:
be:9f:64:9d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUTCLZAEwhm5/27eRZY0g0WC7AlL4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWZjZGEzMGY1NGRjNTQyNDMxNmEw
Y2RlZGQ1ZjA3ZTk1ZDY2NGY5OTNjMTY2ZmFmNTFmZjg1NDE1MDlhYjAzMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMqYJvMkL/W/UZfzM+RZJbA1hS3S
Stlarqsy8e4K1Q4VPlFb6hOer7lObRZUUDUSr/pGobUE+DBNILsGoRclriZIBvNb
g8YAhPpCDSi2JMD1Zss7bS24ZazO8+F+gZ2Xw7G2bSEoWMBtyFvQYGn7mGWt7fRz
8O3SWjsEJdNYU+uMtCb9VU+t2pmIQ1ah+TzD/i4C0zLS5t11AOq1+MBxNZOGByBU
kaeH4kNYsNs6cIZ2guKoTY9QffylK0ggHp0r/fWNevOmNt7oohoop5fw5kn5duvW
+HfzNgONlFptOSRXLUKs42LEBLzx7DjG1z7j6ht7t2NCyujEK7+/wNXTswIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJSPHRK7ocp1bcmQITYXlV/IwT6TMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg2MDJlOGNmLWVjM2MtNDMzMS05NjY4LWE0ZWNmNjgzMDQzNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9JCAMA0GCSqGSIb3DQEBCwUAA4IBAQChGxaQCddxXGEuTdAK
SkZ4yibATUHh7+xreNpUu0pPbQk7/nc2r9QMk/i8PZHrS7k89dlYOG2POKHMWu+s
TqhaaNgI5SbdJo9VD/DOey6zlkA546zONOdyAGSWd88RbaaJwIYFUsdVxWMWAIBS
+CaNGJpgPwbXrFxRhEDozw9xx0sJttX979jJddqBos4DyhjDd9y/m3QQWImX2ceY
eH77HWkWGB8IKmpywlvTmv/piRhEtQhmTdIzOzHBY6jld5SX41IkmZwnnNmqtXTm
JrmIe67um+e4WuwBE2QkzxUeTOS8dDoNtuPLJFqecJhdodX5/exSZAznmNXNE4++
n2Sd
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:16:25 2025 by rpki-client