Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a70bac7-1fe2-4277-8de7-58400dca08bb.roa
File: 8a70bac7-1fe2-4277-8de7-58400dca08bb.roa (raw, json)
Hash identifier: jSrKLh6Jm4t5QReY1rndN9wpsZrrQlQyUEj4B6xgJE8=
Subject key identifier: 6B:5A:6F:30:58:B1:DA:51:38:66:93:D0:E2:57:5C:00:52:AA:9F:75
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 56BD18BBAF81D98B1E1440F5845EE64EBDFF4A7D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a70bac7-1fe2-4277-8de7-58400dca08bb.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:b0c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:bd:18:bb:af:81:d9:8b:1e:14:40:f5:84:5e:e6:4e:bd:ff:4a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=46e29b03a71953b96668d1aadf3267c61757d38dc04a39cace3914eb935685e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:3b:93:81:05:32:11:fe:94:16:fd:7d:0e:
fc:c0:66:11:0d:cd:7e:a0:eb:77:d4:a3:45:e0:3d:
2f:8e:c4:2a:9e:ac:6f:8e:92:b2:58:3d:a3:89:bc:
26:ac:87:8e:aa:e7:d2:85:7b:cb:1d:30:62:68:86:
da:fc:42:47:99:ea:29:e8:42:51:8d:fe:9b:29:45:
da:22:8f:23:57:67:b9:83:f2:46:86:21:28:6e:ad:
69:aa:1a:40:8c:3e:9e:2a:80:e7:ac:99:1d:3e:2b:
2e:9e:d1:9a:a8:3b:be:62:9d:a6:04:bc:34:a6:66:
08:db:ff:4d:6d:c9:f1:0f:26:21:9a:69:41:d9:76:
02:48:c6:67:b3:47:71:e7:44:c3:61:cc:bf:ba:2b:
4b:59:13:a9:ee:7e:46:2f:8e:16:87:2d:94:d2:0e:
57:60:84:87:7c:67:83:76:56:4e:33:28:c4:bb:ce:
8a:c6:d5:30:2c:55:df:c5:9e:6d:b3:34:bd:48:fd:
61:9e:63:d3:2c:94:1b:56:61:96:79:c3:18:0b:96:
c2:bf:5e:fb:21:98:67:ce:7f:47:85:1b:72:02:57:
d6:63:f1:d5:4d:8f:fa:ca:16:de:ce:30:69:f0:b6:
c7:92:e9:52:0a:07:df:39:08:c7:7a:da:f8:aa:d1:
54:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5A:6F:30:58:B1:DA:51:38:66:93:D0:E2:57:5C:00:52:AA:9F:75
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a70bac7-1fe2-4277-8de7-58400dca08bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:b0c0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:09:29:57:cd:4b:72:04:1e:3c:3c:e5:23:5f:3d:6f:b5:68:
21:56:10:69:5e:20:90:63:3a:27:c6:33:2f:24:17:92:03:09:
5c:11:e4:bc:4e:ab:3f:e5:45:99:e1:a5:cd:fc:62:56:3e:51:
69:b2:22:97:ed:6a:41:f5:68:84:59:10:61:ab:0d:79:e3:eb:
d5:62:87:07:12:e5:23:3d:e3:54:fc:f7:d5:60:38:b4:72:4c:
1e:1c:3c:69:45:12:6c:f5:9c:29:0c:4c:aa:0e:e3:19:cd:97:
3f:1f:04:11:08:59:49:01:72:f0:0b:03:41:77:31:ba:a9:01:
60:ac:42:2e:60:70:29:fd:2b:af:4c:23:0a:41:ad:d0:12:d5:
eb:30:bd:52:eb:c2:98:23:5d:46:cc:39:26:40:4b:1f:5a:05:
da:23:45:6d:95:b5:bd:26:b5:13:0c:bb:d6:d2:a1:72:f7:e5:
3d:f0:de:73:f6:76:ad:01:15:0b:a1:d3:35:5d:90:b9:49:b9:
a3:aa:75:eb:0d:06:fa:f1:02:aa:b1:39:4c:bb:b5:8b:f7:58:
d3:3c:40:e4:91:3f:7b:7f:bc:52:70:e9:85:82:af:30:12:c1:
73:df:c0:51:58:10:e2:b9:6c:e1:93:71:dc:c5:a0:6f:8a:ff:
d2:33:94:2c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVr0Yu6+B2YseFED1hF7mTr3/Sn0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDZlMjliMDNhNzE5NTNiOTY2Njhk
MWFhZGYzMjY3YzYxNzU3ZDM4ZGMwNGEzOWNhY2UzOTE0ZWI5MzU2ODVlNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR47k4EFMhH+lBb9fQ78wGYRDc1+
oOt31KNF4D0vjsQqnqxvjpKyWD2jibwmrIeOqufShXvLHTBiaIba/EJHmeop6EJR
jf6bKUXaIo8jV2e5g/JGhiEobq1pqhpAjD6eKoDnrJkdPisuntGaqDu+Yp2mBLw0
pmYI2/9NbcnxDyYhmmlB2XYCSMZns0dx50TDYcy/uitLWROp7n5GL44Why2U0g5X
YISHfGeDdlZOMyjEu86KxtUwLFXfxZ5tszS9SP1hnmPTLJQbVmGWecMYC5bCv177
IZhnzn9HhRtyAlfWY/HVTY/6yhbezjBp8LbHkulSCgffOQjHetr4qtFUXwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGtabzBYsdpROGaT0OJXXABSqp91MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhhNzBiYWM3LTFmZTItNDI3Ny04ZGU3LTU4NDAwZGNhMDhiYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9LDAMA0GCSqGSIb3DQEBCwUAA4IBAQALCSlXzUtyBB48POUj
Xz1vtWghVhBpXiCQYzonxjMvJBeSAwlcEeS8Tqs/5UWZ4aXN/GJWPlFpsiKX7WpB
9WiEWRBhqw154+vVYocHEuUjPeNU/PfVYDi0ckweHDxpRRJs9ZwpDEyqDuMZzZc/
HwQRCFlJAXLwCwNBdzG6qQFgrEIuYHAp/SuvTCMKQa3QEtXrML1S68KYI11GzDkm
QEsfWgXaI0VtlbW9JrUTDLvW0qFy9+U98N5z9natARULodM1XZC5SbmjqnXrDQb6
8QKqsTlMu7WL91jTPEDkkT97f7xScOmFgq8wEsFz38BRWBDiuWzhk3HcxaBviv/S
M5Qs
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:13 2025 by rpki-client