Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/998b0117-a2c5-4243-88eb-295661753c25.roa
File: 998b0117-a2c5-4243-88eb-295661753c25.roa (raw, json)
Hash identifier: 7IDGWUrAm+mT0mXXwITfy0L8erRdoAASLiodnWgOFlM=
Subject key identifier: D0:3D:BD:76:71:35:3E:14:93:07:A4:BA:54:4A:CC:A2:CD:9C:B5:6E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3538F777B3FFBEE9A6C3B580217096A188F03377
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/998b0117-a2c5-4243-88eb-295661753c25.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:38:f7:77:b3:ff:be:e9:a6:c3:b5:80:21:70:96:a1:88:f0:33:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=4d9826f7f69abbd1d4723341b33523a487a78971be8e9569807dfeb45ef0852c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fe:4c:6c:3d:f5:20:ac:30:52:ed:36:f0:dc:
b4:7d:67:a4:ac:f1:b1:b8:77:08:e6:de:70:e4:43:
c1:69:1b:c1:45:82:31:c4:c3:53:10:b7:71:98:95:
1f:4e:c1:61:6b:38:4a:d3:de:9a:f3:37:6b:e2:69:
04:5e:c8:2f:fe:cd:21:4f:63:2d:41:29:3d:3d:7f:
69:ac:43:55:c5:13:2a:15:06:b4:8d:2a:97:41:eb:
15:1e:7b:b1:60:26:18:15:aa:ef:8b:df:86:26:89:
10:ea:50:a6:72:aa:47:26:86:20:69:e1:6f:57:9e:
52:b4:74:61:e3:d6:e8:f4:53:21:f1:36:a1:23:0a:
c4:f4:5b:6b:7b:2f:6a:4a:1a:bb:05:69:11:c8:7f:
a8:40:98:9a:83:52:b2:52:35:4b:bc:28:da:ba:14:
00:c9:b8:f1:43:34:4d:55:21:70:fd:36:61:ae:1f:
8f:71:e8:b4:93:09:15:70:33:0f:82:50:69:f2:a6:
a5:ef:84:b6:fd:29:34:89:02:f9:dd:08:48:fe:2f:
5e:ce:cd:59:9c:4f:ae:87:0f:90:ab:25:94:09:cf:
93:b3:91:32:02:dc:d0:af:da:2f:3a:cc:aa:77:24:
77:54:99:5c:96:30:2e:b7:aa:2b:1f:c2:09:a6:f4:
cf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3D:BD:76:71:35:3E:14:93:07:A4:BA:54:4A:CC:A2:CD:9C:B5:6E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/998b0117-a2c5-4243-88eb-295661753c25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2040::/46
Signature Algorithm: sha256WithRSAEncryption
69:23:22:b4:bd:c2:fa:1a:41:9d:68:c8:47:09:95:4b:fe:3c:
c3:26:26:95:0c:a2:db:ce:f4:6a:86:12:9b:eb:93:11:cc:99:
f9:f4:9e:8d:30:cd:0f:35:2d:d9:6f:e6:4a:fe:37:a3:2b:71:
1f:d6:67:22:14:3c:67:8f:6d:57:58:dc:56:49:d6:7a:e3:a8:
35:26:2f:2e:b9:32:36:5b:ee:4b:38:eb:b9:e5:15:87:1f:d5:
03:62:db:0a:7c:e0:a2:01:d8:d7:5c:fc:1e:2c:26:3d:82:0b:
95:f5:c0:21:ba:ca:be:77:15:8c:b9:b0:26:a0:1a:6e:84:27:
ab:db:fc:a0:8f:6a:b6:4e:9f:6e:9c:72:99:ae:e5:69:3b:52:
4c:58:8a:5a:0a:d5:08:44:85:04:34:66:9c:60:75:b8:a1:ca:
78:a0:42:5a:7c:a1:ea:16:e6:b2:90:19:32:b8:f1:7a:51:a6:
c2:e2:1d:ff:ce:8f:3a:37:bd:55:33:5e:cc:80:f5:85:06:9a:
f4:90:51:9b:ef:d4:fe:49:90:fe:b5:a5:a8:e4:c1:3e:39:6f:
53:40:f9:71:d3:0c:11:63:d4:47:ea:5c:1c:6e:7b:53:b4:e7:
2d:a9:8a:ef:2f:ce:4f:17:99:6a:3c:cf:6c:49:a0:e7:8d:51:
2f:bc:3c:fc
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUNTj3d7P/vummw7WAIXCWoYjwM3cwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANGQ5ODI2ZjdmNjlhYmJkMWQ0NzIz
MzQxYjMzNTIzYTQ4N2E3ODk3MWJlOGU5NTY5ODA3ZGZlYjQ1ZWYwODUyYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv5MbD31IKwwUu028Ny0fWekrPGx
uHcI5t5w5EPBaRvBRYIxxMNTELdxmJUfTsFhazhK096a8zdr4mkEXsgv/s0hT2Mt
QSk9PX9prENVxRMqFQa0jSqXQesVHnuxYCYYFarvi9+GJokQ6lCmcqpHJoYgaeFv
V55StHRh49bo9FMh8TahIwrE9Ftrey9qShq7BWkRyH+oQJiag1KyUjVLvCjauhQA
ybjxQzRNVSFw/TZhrh+Pcei0kwkVcDMPglBp8qal74S2/Sk0iQL53QhI/i9ezs1Z
nE+uhw+QqyWUCc+Ts5EyAtzQr9ovOsyqdyR3VJlcljAut6orH8IJpvTPDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNA9vXZxNT4UkwekulRKzKLNnLVuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5OGIwMTE3LWEyYzUtNDI0My04OGViLTI5NTY2MTc1M2MyNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yBAMA0GCSqGSIb3DQEBCwUAA4IBAQBpIyK0vcL6GkGdaMhH
CZVL/jzDJiaVDKLbzvRqhhKb65MRzJn59J6NMM0PNS3Zb+ZK/jejK3Ef1mciFDxn
j21XWNxWSdZ646g1Ji8uuTI2W+5LOOu55RWHH9UDYtsKfOCiAdjXXPweLCY9gguV
9cAhusq+dxWMubAmoBpuhCer2/ygj2q2Tp9unHKZruVpO1JMWIpaCtUIRIUENGac
YHW4ocp4oEJafKHqFuaykBkyuPF6UabC4h3/zo86N71VM17MgPWFBpr0kFGb79T+
SZD+taWo5ME+OW9TQPlx0wwRY9RH6lwcbntTtOctqYrvL85PF5lqPM9sSaDnjVEv
vDz8
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:20:41 2025 by rpki-client