Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/895b2a47-a7bc-4846-b76a-991d71e1a6b7.roa
File: 895b2a47-a7bc-4846-b76a-991d71e1a6b7.roa (raw, json)
Hash identifier: HzpnKwZ2N64Hg6c49n0gcqu/IsvDeMxeVaky0KCdaWc=
Subject key identifier: F5:91:0E:A2:1F:FD:52:06:0F:A7:91:CC:E6:D6:F4:F2:FA:DA:3C:C8
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 16BEA4A0BE37731B62DEC98A10128317C187D9FC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/895b2a47-a7bc-4846-b76a-991d71e1a6b7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:f080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:be:a4:a0:be:37:73:1b:62:de:c9:8a:10:12:83:17:c1:87:d9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0a4e2af3128c5cc371577d873387280e45ea75b095acf2af084c573dbee2012d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:29:27:cf:7b:b6:78:bf:01:04:d7:b4:df:
0f:39:73:42:8a:ea:1a:ae:e1:44:2b:99:7f:49:5c:
39:bb:f8:b1:67:64:5f:e4:ec:a8:98:cc:43:b7:d5:
78:15:70:8e:c6:7a:ff:12:04:c8:a4:b7:ed:dd:f9:
ca:e4:27:78:41:d1:42:6c:bc:b2:25:cb:db:12:2f:
2e:76:34:a6:2a:f9:38:f5:8f:f1:3e:24:c6:59:c7:
73:c7:4a:04:fe:66:9a:e6:74:e6:8c:77:07:94:ff:
8b:3f:fb:f1:64:0e:50:80:c5:df:fe:a9:86:49:1d:
8a:98:b1:bd:48:5d:15:ed:be:ab:66:13:b0:73:74:
15:c2:a0:68:10:01:3e:7b:a2:60:15:51:d3:a9:99:
58:93:1a:51:15:2a:80:97:1d:4f:3c:1b:fd:e2:d1:
22:aa:c9:b8:30:e6:49:c4:aa:af:aa:e0:86:e2:f3:
2f:f7:f6:56:1e:77:6e:f1:09:62:73:bd:79:52:b0:
f6:1e:e0:db:d3:c7:75:af:3b:fe:7a:ee:97:b4:01:
0b:5f:98:eb:95:29:02:e9:3a:cb:b5:67:b9:e9:56:
6d:40:fa:f4:80:ab:48:94:92:4c:05:70:48:20:7d:
7c:9e:ad:31:49:1e:f1:ab:13:2f:c6:b5:ad:aa:3d:
46:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:91:0E:A2:1F:FD:52:06:0F:A7:91:CC:E6:D6:F4:F2:FA:DA:3C:C8
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/895b2a47-a7bc-4846-b76a-991d71e1a6b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:f080::/48
Signature Algorithm: sha256WithRSAEncryption
99:60:b4:23:16:cc:f1:cb:19:31:d6:7d:da:ea:a0:c2:e8:65:
48:e6:79:c7:98:33:0c:c8:7e:b0:56:da:17:a9:bb:44:d0:ad:
1f:6b:9c:ab:84:e0:b8:1b:48:59:f8:8b:16:a7:68:32:69:e4:
d3:bb:eb:11:fa:0f:d8:e2:66:56:7d:73:15:5c:21:5f:a0:a3:
6a:85:b2:63:71:72:26:8d:3a:c1:44:8a:84:00:c3:16:53:f4:
00:f4:1c:f7:0e:67:e5:b2:ab:63:73:f5:1c:b6:99:21:88:99:
05:22:b3:1e:41:1c:fe:da:9e:e4:71:c8:0c:f3:15:e1:67:e8:
3c:32:8b:d3:d0:48:f8:b1:91:d1:dd:0f:aa:de:53:bf:af:c4:
93:ce:50:39:8b:7d:02:39:54:d3:ce:4a:8d:8b:46:d5:ec:fb:
d2:d8:95:75:d5:78:17:b3:98:80:9a:16:17:9f:84:d8:85:33:
97:6d:c7:0a:de:ca:a8:f2:58:ca:5c:21:e9:db:a2:72:e2:72:
6a:43:bd:a1:ff:ec:f5:7d:38:06:bc:38:41:e4:70:6c:56:2f:
5d:54:27:69:1f:f6:5e:d9:29:c5:72:78:69:6d:34:12:9b:1b:
78:4f:1f:6d:b9:e0:1f:62:77:e7:88:fd:cb:0a:cf:d7:30:af:
b7:3f:01:7f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUFr6koL43cxti3smKEBKDF8GH2fwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMGE0ZTJhZjMxMjhjNWNjMzcxNTc3
ZDg3MzM4NzI4MGU0NWVhNzViMDk1YWNmMmFmMDg0YzU3M2RiZWUyMDEyZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz0pJ897tni/AQTXtN8POXNCiuoa
ruFEK5l/SVw5u/ixZ2Rf5OyomMxDt9V4FXCOxnr/EgTIpLft3fnK5Cd4QdFCbLyy
JcvbEi8udjSmKvk49Y/xPiTGWcdzx0oE/maa5nTmjHcHlP+LP/vxZA5QgMXf/qmG
SR2KmLG9SF0V7b6rZhOwc3QVwqBoEAE+e6JgFVHTqZlYkxpRFSqAlx1PPBv94tEi
qsm4MOZJxKqvquCG4vMv9/ZWHndu8Qlic715UrD2HuDb08d1rzv+eu6XtAELX5jr
lSkC6TrLtWe56VZtQPr0gKtIlJJMBXBIIH18nq0xSR7xqxMvxrWtqj1GdwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPWRDqIf/VIGD6eRzObW9PL62jzIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg5NWIyYTQ3LWE3YmMtNDg0Ni1iNzZhLTk5MWQ3MWUxYTZiNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8vCAMA0GCSqGSIb3DQEBCwUAA4IBAQCZYLQjFszxyxkx1n3a
6qDC6GVI5nnHmDMMyH6wVtoXqbtE0K0fa5yrhOC4G0hZ+IsWp2gyaeTTu+sR+g/Y
4mZWfXMVXCFfoKNqhbJjcXImjTrBRIqEAMMWU/QA9Bz3Dmflsqtjc/UctpkhiJkF
IrMeQRz+2p7kccgM8xXhZ+g8MovT0Ej4sZHR3Q+q3lO/r8STzlA5i30COVTTzkqN
i0bV7PvS2JV11XgXs5iAmhYXn4TYhTOXbccK3sqo8ljKXCHp26Jy4nJqQ72h/+z1
fTgGvDhB5HBsVi9dVCdpH/Ze2SnFcnhpbTQSmxt4Tx9tueAfYnfniP3LCs/XMK+3
PwF/
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:36:01 2025 by rpki-client