Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd4259e-98a7-47c1-bd49-308f40e49350.roa
File: 8fd4259e-98a7-47c1-bd49-308f40e49350.roa (raw, json)
Hash identifier: RaWhQRwu+3jnp5V81NkSly9Co5n1BhWwk8OXyPB3z80=
Subject key identifier: DA:6C:22:35:A5:74:94:A7:D2:E7:BE:76:6E:3D:F9:F9:D2:E0:CA:83
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 26ED3F3107C4446050505E676E4B78D53B71B673
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd4259e-98a7-47c1-bd49-308f40e49350.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:c040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ed:3f:31:07:c4:44:60:50:50:5e:67:6e:4b:78:d5:3b:71:b6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=dfedaff3974fa50356a9ba5ef63d0a45eb7d8318ab567622710ea60d8fdb8afc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:e4:96:e4:c0:cc:4a:cc:b6:4d:7f:98:81:
52:a6:90:3f:a0:15:18:11:88:23:64:38:e6:8e:b2:
64:35:7e:fd:06:04:0e:f5:60:e3:de:03:e3:ff:f2:
3a:b6:87:74:ed:bd:bb:ac:0c:6f:eb:7f:33:82:70:
62:d9:f8:e7:70:83:15:76:96:54:27:7d:94:cc:b6:
78:ff:7f:59:ce:33:08:7e:80:c3:59:33:1b:bc:04:
c0:1e:cd:b8:16:95:a9:30:e0:d8:d8:95:b7:e2:c1:
8d:2c:6e:2d:cf:05:02:4d:c5:2a:c8:5c:c0:3b:2f:
c2:33:4f:01:d9:b1:ee:ed:1c:cd:3e:95:1a:62:c8:
9c:fc:a0:54:69:4e:89:91:29:07:fd:85:39:ce:a8:
7d:a7:22:29:75:49:4e:01:30:f2:8b:3b:d2:f0:d8:
a2:cc:8e:a0:1d:66:e6:96:a2:9d:7d:55:37:d3:38:
68:e6:8f:91:38:09:38:00:55:6a:ef:ff:3d:e4:d9:
13:23:f2:e8:97:92:67:e6:07:71:b6:15:0d:94:d6:
37:c8:9b:22:e5:20:02:5a:42:dd:ab:0b:99:ec:ee:
d7:a2:bb:02:00:99:c4:a6:80:e8:54:b2:69:ee:2d:
ef:b9:27:2b:0f:67:71:a8:b0:67:ba:f6:19:a2:7b:
a4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6C:22:35:A5:74:94:A7:D2:E7:BE:76:6E:3D:F9:F9:D2:E0:CA:83
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd4259e-98a7-47c1-bd49-308f40e49350.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:c040::/46
Signature Algorithm: sha256WithRSAEncryption
b3:e6:5c:03:66:4e:56:62:67:7e:55:32:be:2e:23:36:48:3c:
ac:e3:bb:e6:56:5d:de:17:66:03:0a:53:c7:9a:e7:3e:1f:c4:
ea:07:d9:70:ec:1b:4f:80:20:d5:4f:cb:8f:5c:a9:25:db:0f:
80:ee:da:56:97:3b:fe:d6:4f:ce:0d:fd:46:ab:48:db:a8:52:
2a:3b:e3:81:7f:5a:cc:fc:a3:c7:23:d2:d6:b7:7c:f8:db:e4:
99:6d:31:b6:bb:1e:e2:27:1b:c7:91:ae:10:3c:21:fa:26:e6:
ea:93:dd:ca:35:94:26:57:a4:9f:a2:da:f9:84:4a:8b:c5:91:
0e:71:ed:02:df:71:58:25:d8:5b:7c:34:23:c2:e9:95:d6:34:
e9:9c:6c:e9:80:fd:f4:4d:ca:e7:b0:c6:b2:6d:cd:a7:9b:de:
b0:67:42:9d:92:3f:88:13:a6:fc:a9:df:32:f3:68:f9:f3:e0:
7f:bb:ea:7c:88:70:8d:f4:21:e8:8e:5e:05:85:b1:99:95:2a:
9c:50:1c:b4:26:8e:ed:3f:b7:86:ca:fe:5d:6b:8a:90:9a:ab:
3a:fb:a9:98:5c:3a:0c:2e:c5:21:c9:77:a9:56:79:f1:e9:17:
0e:00:a4:d7:7e:66:6f:a0:e1:69:8c:cf:99:a3:56:7b:09:17:
0a:da:9c:13
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJu0/MQfERGBQUF5nbkt41TtxtnMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZGZlZGFmZjM5NzRmYTUwMzU2YTli
YTVlZjYzZDBhNDVlYjdkODMxOGFiNTY3NjIyNzEwZWE2MGQ4ZmRiOGFmYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEnkluTAzErMtk1/mIFSppA/oBUY
EYgjZDjmjrJkNX79BgQO9WDj3gPj//I6tod07b27rAxv638zgnBi2fjncIMVdpZU
J32UzLZ4/39ZzjMIfoDDWTMbvATAHs24FpWpMODY2JW34sGNLG4tzwUCTcUqyFzA
Oy/CM08B2bHu7RzNPpUaYsic/KBUaU6JkSkH/YU5zqh9pyIpdUlOATDyizvS8Nii
zI6gHWbmlqKdfVU30zho5o+ROAk4AFVq7/895NkTI/Lol5Jn5gdxthUNlNY3yJsi
5SACWkLdqwuZ7O7XorsCAJnEpoDoVLJp7i3vuScrD2dxqLBnuvYZonukhwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNpsIjWldJSn0ue+dm49+fnS4MqDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhmZDQyNTllLTk4YTctNDdjMS1iZDQ5LTMwOGY0MGU0OTM1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+8BAMA0GCSqGSIb3DQEBCwUAA4IBAQCz5lwDZk5WYmd+VTK+
LiM2SDys47vmVl3eF2YDClPHmuc+H8TqB9lw7BtPgCDVT8uPXKkl2w+A7tpWlzv+
1k/ODf1Gq0jbqFIqO+OBf1rM/KPHI9LWt3z42+SZbTG2ux7iJxvHka4QPCH6Jubq
k93KNZQmV6Sfotr5hEqLxZEOce0C33FYJdhbfDQjwumV1jTpnGzpgP30TcrnsMay
bc2nm96wZ0Kdkj+IE6b8qd8y82j58+B/u+p8iHCN9CHojl4FhbGZlSqcUBy0Jo7t
P7eGyv5da4qQmqs6+6mYXDoMLsUhyXepVnnx6RcOAKTXfmZvoOFpjM+Zo1Z7CRcK
2pwT
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:36 2025 by rpki-client