Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98286ddc-f06b-49d3-856d-cb91877b813e.roa
File: 98286ddc-f06b-49d3-856d-cb91877b813e.roa (raw, json)
Hash identifier: lebDEKIsTQixi9veaUJJLTbo/mHRniksY8pjN6B1HT4=
Subject key identifier: AD:67:8E:F4:2A:26:84:BF:C0:8D:73:D3:AB:0E:6C:A0:6F:73:B7:FA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 70ADFE36E2955259AC79F1EC51C7C2989E405E63
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98286ddc-f06b-49d3-856d-cb91877b813e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:a080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ad:fe:36:e2:95:52:59:ac:79:f1:ec:51:c7:c2:98:9e:40:5e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9863b69f752b6772e1f58fb3a943aab6e41220b67df018b8b8faa0289b3ca301, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5f:62:2c:14:0c:26:46:af:67:42:84:a3:da:
d2:46:23:14:87:c4:b3:a1:d0:7f:43:5e:73:10:a8:
2d:89:81:51:dd:f7:ad:69:a4:1f:89:a2:e0:75:01:
c9:0f:ee:2e:ee:44:9c:89:8e:19:f6:1d:6b:a0:ab:
b0:29:a2:55:7e:3b:c6:c0:67:57:eb:56:c4:26:93:
f2:10:7b:a3:22:ee:0b:54:a1:90:99:f9:c5:4f:2c:
98:78:41:87:a4:a9:83:27:84:aa:63:9f:d2:52:06:
14:fc:1a:5c:5f:89:3e:66:3f:bb:a3:bd:ec:6a:fc:
01:8b:c7:7f:d5:36:72:d0:f4:5f:77:62:8d:f1:c4:
35:56:62:35:eb:4e:ef:fe:c1:b7:10:c1:16:24:b9:
66:c9:f9:85:98:82:fa:0e:99:3f:e3:25:29:4c:f5:
7d:37:d3:c8:eb:20:a6:8f:bf:e6:29:cd:5d:10:19:
31:72:a9:82:50:75:a2:53:0c:65:f7:05:33:8e:bd:
e9:be:8a:6f:ef:55:06:b1:ee:1c:72:1b:cc:54:5d:
ba:49:5e:96:09:81:b2:7a:d7:5f:1b:a2:36:40:64:
6d:21:70:06:15:a6:26:89:39:52:cc:e8:92:2e:6b:
d1:90:e5:72:6c:32:90:d3:fc:54:b5:53:c0:cf:cf:
6c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:67:8E:F4:2A:26:84:BF:C0:8D:73:D3:AB:0E:6C:A0:6F:73:B7:FA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98286ddc-f06b-49d3-856d-cb91877b813e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:a080::/48
Signature Algorithm: sha256WithRSAEncryption
8a:90:89:3c:3b:14:d9:28:75:2b:a0:32:76:f6:56:93:0c:40:
5a:94:75:10:11:59:d1:0d:2a:11:1e:d7:27:c1:71:74:54:3c:
f9:17:f8:a5:12:47:59:92:14:62:b4:fb:47:05:9b:bc:f0:81:
36:fe:2b:41:43:83:f0:5e:10:14:ab:3c:3a:51:64:15:77:14:
6c:e8:e1:45:e4:29:dd:b6:2c:4a:dc:6f:24:bd:0e:f2:5f:6a:
c1:27:99:58:f1:05:dc:a4:aa:c3:f5:f6:1d:4c:cd:0c:95:3a:
5b:df:fd:04:e3:61:03:be:9c:1a:67:86:ff:a3:bb:90:bb:ac:
88:43:c1:9c:27:23:99:98:a8:c7:5d:09:40:e8:e4:52:87:1c:
dd:e4:ae:01:2d:f2:38:07:b4:ad:82:0a:56:ef:d8:f6:04:10:
ad:5c:51:a0:ac:1b:fc:1b:06:75:3a:ee:10:0f:92:05:0f:ea:
63:1d:42:23:1b:84:6d:3e:63:a8:1f:0c:77:7d:2f:a5:d5:b5:
3e:b3:ec:df:87:d0:c7:c6:69:37:97:c1:2e:05:fe:3e:9f:0b:
0a:a9:5f:5f:c9:14:08:79:fe:2d:f9:2e:bb:48:b3:56:71:ee:
b5:58:4d:6f:d5:5c:4d:7b:67:08:de:2b:d5:5d:92:2b:c5:61:
e5:22:67:be
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUcK3+NuKVUlmsefHsUcfCmJ5AXmMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOTg2M2I2OWY3NTJiNjc3MmUxZjU4
ZmIzYTk0M2FhYjZlNDEyMjBiNjdkZjAxOGI4YjhmYWEwMjg5YjNjYTMwMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol9iLBQMJkavZ0KEo9rSRiMUh8Sz
odB/Q15zEKgtiYFR3fetaaQfiaLgdQHJD+4u7kSciY4Z9h1roKuwKaJVfjvGwGdX
61bEJpPyEHujIu4LVKGQmfnFTyyYeEGHpKmDJ4SqY5/SUgYU/BpcX4k+Zj+7o73s
avwBi8d/1TZy0PRfd2KN8cQ1VmI1607v/sG3EMEWJLlmyfmFmIL6Dpk/4yUpTPV9
N9PI6yCmj7/mKc1dEBkxcqmCUHWiUwxl9wUzjr3pvopv71UGse4cchvMVF26SV6W
CYGyetdfG6I2QGRtIXAGFaYmiTlSzOiSLmvRkOVybDKQ0/xUtVPAz89sCwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFK1njvQqJoS/wI1z06sObKBvc7f6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk4Mjg2ZGRjLWYwNmItNDlkMy04NTZkLWNiOTE4NzdiODEzZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9KCAMA0GCSqGSIb3DQEBCwUAA4IBAQCKkIk8OxTZKHUroDJ2
9laTDEBalHUQEVnRDSoRHtcnwXF0VDz5F/ilEkdZkhRitPtHBZu88IE2/itBQ4Pw
XhAUqzw6UWQVdxRs6OFF5CndtixK3G8kvQ7yX2rBJ5lY8QXcpKrD9fYdTM0MlTpb
3/0E42EDvpwaZ4b/o7uQu6yIQ8GcJyOZmKjHXQlA6ORShxzd5K4BLfI4B7StggpW
79j2BBCtXFGgrBv8GwZ1Ou4QD5IFD+pjHUIjG4RtPmOoHwx3fS+l1bU+s+zfh9DH
xmk3l8EuBf4+nwsKqV9fyRQIef4t+S67SLNWce61WE1v1VxNe2cI3ivVXZIrxWHl
Ime+
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:25:19 2025 by rpki-client