Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa
File: 8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa (raw, json)
Hash identifier: vbnGR2+FxKU9gQSWqKbuCoWbYc48kqpakd84I+Egy4w=
Subject key identifier: 75:85:DE:E3:77:CB:2A:27:95:40:3A:DD:78:1C:90:A3:D6:8B:EE:F1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3CC0D626174CE419D498046F876E53235CF11229
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:8020::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:c0:d6:26:17:4c:e4:19:d4:98:04:6f:87:6e:53:23:5c:f1:12:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3474386cab7df825c1aaaf990b906b43c51fc6498d2db8b71651540b82c62322, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:98:45:64:1c:8c:77:cd:d8:fe:51:4c:4b:
66:cf:60:8c:2b:39:78:74:a4:bc:b5:42:16:13:30:
35:d0:ca:28:3d:47:3d:f0:96:82:ab:70:d3:8a:e1:
95:ce:bc:5d:75:f3:08:83:e1:cd:26:2d:58:bd:f8:
c3:87:68:25:16:2f:7f:97:ff:75:14:6d:02:2d:04:
b4:d5:b0:85:69:31:1e:04:b1:af:cf:21:d0:65:f9:
f6:5d:5a:20:df:4b:f5:f1:83:bf:37:f6:11:38:4f:
ed:e8:01:cd:1d:df:3a:14:46:a0:a3:9c:ac:53:f9:
de:74:9a:7d:54:c6:c2:83:ca:a6:de:c7:bd:65:b0:
fd:83:81:a9:23:e9:8a:05:3b:30:db:b9:b4:dd:c4:
8a:a6:a6:4e:8a:39:73:ee:a5:f1:30:dc:5e:0d:0c:
75:cd:54:9d:d6:1b:e3:8b:81:a7:fc:ae:47:b8:f6:
26:d4:72:ab:7f:90:3b:15:a2:23:15:a8:22:38:e5:
13:09:78:d8:a3:cb:8e:9d:01:ee:66:d7:ca:e9:a3:
11:7e:47:b5:ff:4f:32:53:23:16:bf:4d:4b:ac:4f:
a7:46:9e:fe:12:a7:eb:f2:a8:4a:e6:3f:73:70:e4:
3d:ef:83:13:a1:b8:0d:b3:88:f6:70:94:1b:f8:ec:
8d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:85:DE:E3:77:CB:2A:27:95:40:3A:DD:78:1C:90:A3:D6:8B:EE:F1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:8020::/48
Signature Algorithm: sha256WithRSAEncryption
5b:15:96:7c:93:99:45:03:f3:3a:31:87:35:24:aa:7f:a4:83:
6b:a3:3a:0a:26:17:f6:29:29:d7:45:32:07:49:a6:4d:6c:28:
ef:d2:b4:89:28:af:a5:29:c9:c1:ad:51:78:39:a9:d7:ce:d7:
dd:c2:fe:77:e1:6f:16:13:db:bd:2c:38:71:ef:1c:20:2c:48:
e9:e3:69:f2:63:3c:bd:4c:d1:02:53:a1:b3:f9:7a:35:99:b5:
25:69:53:d7:e5:c2:44:85:b4:03:93:11:e7:ae:47:f0:21:f2:
91:75:33:a3:ed:c3:e3:4c:66:ff:ad:60:46:fe:bc:bf:dd:51:
34:f0:c2:ca:58:68:25:8d:cf:8c:65:5c:95:2e:6c:2a:cc:ba:
b7:72:50:49:dc:cf:37:fa:8c:bc:87:40:5e:e6:41:56:a0:19:
a3:bf:43:8f:40:69:46:89:e0:48:c7:be:7f:77:76:fc:be:aa:
c6:01:a3:3a:46:6f:de:16:26:b7:17:c9:ae:56:64:4f:37:6b:
6d:fa:f0:a5:af:a0:4f:99:2d:a6:06:63:3e:25:26:25:83:29:
ba:4c:fb:77:27:ef:7a:52:44:31:6e:66:b6:21:b3:0d:61:96:
c1:e3:68:f1:00:b0:e9:6f:00:03:98:ee:d0:ea:48:72:f2:c9:
f9:79:a7:78
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPMDWJhdM5BnUmARvh25TI1zxEikwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMzQ3NDM4NmNhYjdkZjgyNWMxYWFh
Zjk5MGI5MDZiNDNjNTFmYzY0OThkMmRiOGI3MTY1MTU0MGI4MmM2MjMyMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyamYRWQcjHfN2P5RTEtmz2CMKzl4
dKS8tUIWEzA10MooPUc98JaCq3DTiuGVzrxddfMIg+HNJi1YvfjDh2glFi9/l/91
FG0CLQS01bCFaTEeBLGvzyHQZfn2XVog30v18YO/N/YROE/t6AHNHd86FEago5ys
U/nedJp9VMbCg8qm3se9ZbD9g4GpI+mKBTsw27m03cSKpqZOijlz7qXxMNxeDQx1
zVSd1hvji4Gn/K5HuPYm1HKrf5A7FaIjFagiOOUTCXjYo8uOnQHuZtfK6aMRfke1
/08yUyMWv01LrE+nRp7+Eqfr8qhK5j9zcOQ974MTobgNs4j2cJQb+OyNWQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHWF3uN3yyonlUA63XgckKPWi+7xMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhjYTM3MWQ5LTIxNTMtNDA1My05OWFjLTFiZGMwYzQyOTRhYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQBbFZZ8k5lFA/M6MYc1
JKp/pINrozoKJhf2KSnXRTIHSaZNbCjv0rSJKK+lKcnBrVF4OanXztfdwv534W8W
E9u9LDhx7xwgLEjp42nyYzy9TNECU6Gz+Xo1mbUlaVPX5cJEhbQDkxHnrkfwIfKR
dTOj7cPjTGb/rWBG/ry/3VE08MLKWGgljc+MZVyVLmwqzLq3clBJ3M83+oy8h0Be
5kFWoBmjv0OPQGlGieBIx75/d3b8vqrGAaM6Rm/eFia3F8muVmRPN2tt+vClr6BP
mS2mBmM+JSYlgym6TPt3J+96UkQxbma2IbMNYZbB42jxALDpbwADmO7Q6khy8sn5
ead4
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:14 2025 by rpki-client