Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa
File: 9b072caa-75fc-4171-a003-7c2d34288af7.roa (raw, json)
Hash identifier: z3w2P+38hfYF2uZ5scMNKIhJyv6wsroukVrOHXogncE=
Subject key identifier: A5:A6:4D:08:21:0A:38:E3:15:86:09:AA:2D:BA:86:D5:47:0F:CE:77
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 16621AC6D236C8CD1F17DB60DFC54822F686738C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da18::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:62:1a:c6:d2:36:c8:cd:1f:17:db:60:df:c5:48:22:f6:86:73:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9e56940a6b1efdc4dca52f11b196ba67eea0c44f47ed8f3cce22f8dc11a86f77, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:12:08:73:74:ab:bd:dd:8e:01:de:73:01:
24:e1:c3:1a:6d:22:48:03:6e:a7:64:a1:c0:dc:5d:
fb:35:3b:40:63:3b:12:36:b5:8f:6c:72:14:e4:b5:
07:c2:35:3e:1f:07:3d:ce:f4:44:cf:4a:8c:41:ac:
55:32:6f:6c:c9:3b:82:35:0a:b5:41:66:31:d1:75:
6d:4a:b9:91:55:ec:8e:6c:a8:33:02:8a:55:a6:11:
17:5e:ff:5c:05:dd:0c:8f:98:03:0f:f2:94:2f:d0:
10:53:e4:32:9b:36:5b:94:b1:3e:08:a3:cd:27:5c:
b8:1f:c0:26:c2:e0:0d:0b:ab:b4:20:8e:97:19:2e:
83:3a:c7:9b:93:e0:5f:bd:bc:8f:dd:0c:8c:77:f5:
80:7f:ee:8f:7b:44:9e:41:b7:16:33:5c:27:8d:22:
b1:a1:fd:a3:83:75:99:67:6d:af:c7:23:6f:a3:8a:
9b:07:b2:f8:0d:fa:30:41:bf:f5:3e:28:f3:0c:f6:
93:c4:25:06:ec:a7:78:83:c2:c2:97:11:a8:0f:76:
fb:74:5c:a9:61:b3:19:14:aa:9f:50:6c:55:0e:6b:
94:ec:e3:26:e4:1b:eb:cc:8b:96:af:3e:5c:eb:84:
f0:fe:58:0b:11:0f:22:3e:a0:54:c8:8b:31:cb:93:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A6:4D:08:21:0A:38:E3:15:86:09:AA:2D:BA:86:D5:47:0F:CE:77
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da18::/38
Signature Algorithm: sha256WithRSAEncryption
1c:12:be:a6:b5:a5:c4:07:bb:54:1f:3a:94:9a:12:76:bf:53:
f1:fa:d8:6f:31:06:c3:d6:0a:2c:ee:65:ee:20:fa:0c:fa:a7:
62:7e:74:59:ba:f5:0a:fc:68:53:c6:80:ad:23:f7:48:c6:d5:
e1:12:37:11:7d:9e:82:08:10:38:23:d1:72:65:ee:4a:4e:46:
ee:85:ab:0c:9e:d1:78:0a:c3:42:fb:5b:66:f7:ff:7e:d9:97:
30:bd:78:71:be:5b:1a:d9:6a:b7:26:ef:75:a5:2c:5c:23:df:
ad:1d:c3:e8:e7:b8:d9:e2:7c:26:07:0b:04:06:8c:05:ed:5c:
4c:8a:4f:7c:38:0f:a3:da:9d:de:d1:c8:b7:ad:22:34:44:16:
2e:ac:5b:3c:1e:e9:20:14:c8:35:41:04:4b:84:60:f4:85:6e:
7c:94:02:b8:c9:cd:51:09:d8:9c:92:19:46:2a:0e:fe:dc:07:
5f:d9:28:c4:66:2e:f9:1c:e6:08:90:1f:1e:10:28:f8:97:02:
21:b9:30:73:95:f0:af:b8:03:2b:06:b9:1c:e1:0c:01:4c:e1:
b4:a1:1a:76:fb:fc:f3:80:db:d1:ad:1e:12:99:85:6d:93:20:
aa:40:f2:c8:00:7e:78:24:e6:80:02:df:a8:dd:80:15:b7:39:
27:18:a2:68
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFmIaxtI2yM0fF9tg38VIIvaGc4wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOWU1Njk0MGE2YjFlZmRjNGRjYTUy
ZjExYjE5NmJhNjdlZWEwYzQ0ZjQ3ZWQ4ZjNjY2UyMmY4ZGMxMWE4NmY3NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLUSCHN0q73djgHecwEk4cMabSJI
A26nZKHA3F37NTtAYzsSNrWPbHIU5LUHwjU+Hwc9zvREz0qMQaxVMm9syTuCNQq1
QWYx0XVtSrmRVeyObKgzAopVphEXXv9cBd0Mj5gDD/KUL9AQU+QymzZblLE+CKPN
J1y4H8AmwuANC6u0II6XGS6DOsebk+BfvbyP3QyMd/WAf+6Pe0SeQbcWM1wnjSKx
of2jg3WZZ22vxyNvo4qbB7L4DfowQb/1PijzDPaTxCUG7Kd4g8LClxGoD3b7dFyp
YbMZFKqfUGxVDmuU7OMm5BvrzIuWrz5c64Tw/lgLEQ8iPqBUyIsxy5P02QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKWmTQghCjjjFYYJqi26htVHD853MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzliMDcyY2FhLTc1ZmMtNDE3MS1hMDAzLTdjMmQzNDI4OGFmNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaGAAwDQYJKoZIhvcNAQELBQADggEBABwSvqa1pcQHu1QfOpSa
Ena/U/H62G8xBsPWCizuZe4g+gz6p2J+dFm69Qr8aFPGgK0j90jG1eESNxF9noII
EDgj0XJl7kpORu6Fqwye0XgKw0L7W2b3/37ZlzC9eHG+WxrZarcm73WlLFwj360d
w+jnuNnifCYHCwQGjAXtXEyKT3w4D6Pand7RyLetIjREFi6sWzwe6SAUyDVBBEuE
YPSFbnyUArjJzVEJ2JySGUYqDv7cB1/ZKMRmLvkc5giQHx4QKPiXAiG5MHOV8K+4
AysGuRzhDAFM4bShGnb7/POA29GtHhKZhW2TIKpA8sgAfngk5oAC36jdgBW3OScY
omg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:14 2025 by rpki-client