Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa
File: 9066b298-522a-482d-91c6-4b7ad82c743d.roa (raw, json)
Hash identifier: TL+maVnTN0amJobSsvzUOjhm4m0UoGwxXzxepHN3hcc=
Subject key identifier: AB:A4:C7:1A:87:31:FB:9F:F5:5E:3F:05:5A:3D:FF:4A:8B:B1:56:48
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1BFBBFCFE4D60FAB304D5FFB2EA2BD13E79834BD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:fb:bf:cf:e4:d6:0f:ab:30:4d:5f:fb:2e:a2:bd:13:e7:98:34:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=12e63b9709a20e7724618bf89e4f1bd35d4afb6dc7d4b23197dab5dfd36e1692, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6c:13:34:76:be:0a:25:3a:ea:63:44:5d:6a:
59:84:34:c6:86:00:27:07:ce:e6:0d:b4:6f:fe:b1:
1d:ce:90:d5:18:c3:7f:10:08:97:ed:51:00:cf:c2:
c1:f7:0c:86:9b:48:e9:1a:c9:98:d3:86:df:83:08:
8c:33:86:b6:ac:6b:bf:dd:f9:a5:b7:57:a6:ac:b1:
82:12:92:c2:71:b9:df:7c:61:d6:14:ce:b4:73:82:
4b:ca:f0:9f:b8:91:08:f9:e2:d2:80:de:5f:f0:4b:
fe:d5:ee:a5:ba:bd:3f:3c:15:3e:57:bc:96:f8:fb:
26:73:e0:db:7b:ae:e0:2e:1e:b6:4d:f5:c5:62:b4:
ae:46:e3:27:cd:1e:0e:f9:bf:58:f9:56:9f:0a:a1:
0f:49:1b:28:22:82:17:bf:23:bc:b6:78:49:c4:6b:
dd:7f:7d:58:b4:ac:4b:3e:7a:c9:19:0d:05:12:5f:
e9:93:d6:ee:ce:b9:da:6f:91:7d:68:7d:77:e9:86:
c1:af:fc:38:a3:44:d6:77:24:d4:46:9c:8a:a6:78:
80:e6:9b:01:75:0d:a4:1c:a9:bd:94:2a:b7:e4:a4:
07:00:aa:6e:76:d9:0e:48:7b:59:46:f1:65:c5:b2:
f7:a4:e5:ac:a7:e1:a2:44:3c:5a:35:d7:6c:48:7a:
9a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A4:C7:1A:87:31:FB:9F:F5:5E:3F:05:5A:3D:FF:4A:8B:B1:56:48
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9066b298-522a-482d-91c6-4b7ad82c743d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:800::/40
Signature Algorithm: sha256WithRSAEncryption
5b:9c:8a:ef:3e:a5:36:83:b5:00:fb:f1:88:93:4d:30:93:b3:
5c:76:5a:65:93:e4:ee:02:3f:d3:f6:a6:17:08:cc:40:78:06:
7a:66:1d:a7:0f:f4:1d:15:da:b1:18:3d:b9:b9:19:dd:99:19:
3a:9b:ab:28:18:fb:3c:c3:d4:13:0b:a6:68:97:21:d7:7a:cf:
04:f7:19:ea:2b:47:20:a3:cf:55:d3:53:2d:e8:28:c3:40:50:
bb:8d:ae:0b:9c:9a:04:67:5c:e6:e5:44:3e:86:25:fd:18:b3:
91:48:00:5a:45:7f:e7:a0:8b:60:1d:c4:73:f4:bd:5a:25:c9:
9b:01:85:40:93:93:11:3b:3f:06:3e:4b:04:13:de:25:d9:95:
20:b5:3c:28:21:45:3a:60:9b:69:50:96:e2:87:c0:1f:75:0a:
03:28:d3:e7:a9:21:3a:80:35:33:f4:bc:4a:e2:ad:2a:19:6b:
76:31:b7:ca:2f:3a:18:d2:b8:63:72:00:97:e6:3e:b5:25:af:
f7:35:ea:47:ef:2c:1b:96:36:3e:48:54:fa:16:5a:47:f0:a0:
54:68:c9:fe:a9:08:a1:b9:d0:b7:60:d9:b2:c8:7e:e5:54:d3:
12:e6:72:46:8f:28:60:b9:16:57:19:dd:ae:c6:dc:e8:3c:04:
3f:17:74:ef
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUG/u/z+TWD6swTV/7LqK9E+eYNL0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTJlNjNiOTcwOWEyMGU3NzI0NjE4
YmY4OWU0ZjFiZDM1ZDRhZmI2ZGM3ZDRiMjMxOTdkYWI1ZGZkMzZlMTY5MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmwTNHa+CiU66mNEXWpZhDTGhgAn
B87mDbRv/rEdzpDVGMN/EAiX7VEAz8LB9wyGm0jpGsmY04bfgwiMM4a2rGu/3fml
t1emrLGCEpLCcbnffGHWFM60c4JLyvCfuJEI+eLSgN5f8Ev+1e6lur0/PBU+V7yW
+Psmc+Dbe67gLh62TfXFYrSuRuMnzR4O+b9Y+VafCqEPSRsoIoIXvyO8tnhJxGvd
f31YtKxLPnrJGQ0FEl/pk9buzrnab5F9aH136YbBr/w4o0TWdyTURpyKpniA5psB
dQ2kHKm9lCq35KQHAKpudtkOSHtZRvFlxbL3pOWsp+GiRDxaNddsSHqavQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKukxxqHMfuf9V4/BVo9/0qLsVZIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkwNjZiMjk4LTUyMmEtNDgyZC05MWM2LTRiN2FkODJjNzQzZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYQgwDQYJKoZIhvcNAQELBQADggEBAFuciu8+pTaDtQD78YiT
TTCTs1x2WmWT5O4CP9P2phcIzEB4BnpmHacP9B0V2rEYPbm5Gd2ZGTqbqygY+zzD
1BMLpmiXIdd6zwT3GeorRyCjz1XTUy3oKMNAULuNrgucmgRnXOblRD6GJf0Ys5FI
AFpFf+egi2AdxHP0vVolyZsBhUCTkxE7PwY+SwQT3iXZlSC1PCghRTpgm2lQluKH
wB91CgMo0+epITqANTP0vErirSoZa3Yxt8ovOhjSuGNyAJfmPrUlr/c16kfvLBuW
Nj5IVPoWWkfwoFRoyf6pCKG50Ldg2bLIfuVU0xLmckaPKGC5FlcZ3a7G3Og8BD8X
dO8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:40 2025 by rpki-client