Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e7391c5-2e41-4005-97dd-32e5f11569cb.roa
File: 9e7391c5-2e41-4005-97dd-32e5f11569cb.roa (raw, json)
Hash identifier: hoTRhxCmRpshKDSs1aOqZLFfJ6gbFhOeVe777KWchas=
Subject key identifier: 2A:DD:F4:A1:BA:44:F8:10:6E:A6:E8:44:6E:19:B7:09:08:D0:0C:78
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 68A1C957D726AFD67A60A2D3AAD5937418610180
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e7391c5-2e41-4005-97dd-32e5f11569cb.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:f0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a1:c9:57:d7:26:af:d6:7a:60:a2:d3:aa:d5:93:74:18:61:01:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=895fb4a181bf2d713448004d4a12d263361d10b62da8354ebe215ab77a1de2f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:f9:53:18:67:b8:a1:b0:99:4b:28:e2:53:
f9:68:95:63:73:22:17:df:f2:11:77:ac:2b:2a:09:
00:47:e2:3f:9d:79:00:c4:09:e7:45:48:49:15:d2:
b6:5f:70:de:20:27:86:8b:51:3b:f5:bf:bc:39:75:
f7:21:9b:64:31:19:be:0d:1d:b9:d9:26:39:ff:3d:
0c:d3:27:4b:36:5c:76:0b:76:d5:2c:cb:a2:c5:7d:
aa:54:16:61:a7:bb:82:c5:ba:b0:72:50:b2:ab:f5:
a2:d7:05:00:66:88:3e:d6:c7:6c:7b:5e:8d:96:ba:
53:d6:95:4c:77:5f:c5:1e:05:dd:78:5c:0c:ce:24:
0a:4a:0d:30:f4:be:63:6b:56:b4:83:e5:f9:ad:9d:
c4:a2:15:a8:ea:46:24:83:1e:a8:a7:b6:f5:bd:45:
d1:e1:b0:51:30:9a:20:45:2c:75:87:2f:36:27:82:
a8:47:41:2e:f1:79:bf:1b:43:33:f9:6e:37:c6:73:
a3:8e:37:ec:6e:06:58:67:ea:71:71:2d:e5:92:4e:
20:1e:5b:e6:ed:11:b9:d3:5c:d9:8f:c7:59:1d:90:
2d:eb:9a:74:fb:8e:3f:80:12:53:15:63:0c:d7:da:
05:54:be:b5:bf:06:ca:61:f7:92:c1:8c:01:85:4c:
80:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DD:F4:A1:BA:44:F8:10:6E:A6:E8:44:6E:19:B7:09:08:D0:0C:78
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e7391c5-2e41-4005-97dd-32e5f11569cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:f0c0::/46
Signature Algorithm: sha256WithRSAEncryption
2f:ab:12:01:a5:11:d0:e4:f8:23:f3:b5:7e:07:6a:68:75:3e:
95:de:c5:7e:1b:de:8c:21:21:20:03:6c:e5:b9:4b:0f:1d:d3:
16:e0:ee:7f:93:dd:4c:01:fa:19:43:ab:1e:41:f5:80:c1:2f:
30:6e:da:97:b5:52:ce:1e:44:b7:91:15:98:b2:4d:60:01:5e:
08:1c:a2:5c:75:c8:dd:7d:0b:63:84:52:b5:d7:b1:3c:7a:c3:
f8:ae:6e:09:17:21:d1:64:4b:98:21:4e:0f:d0:9c:48:0b:83:
d3:0d:f7:6b:1e:db:e3:a0:7c:3b:c4:95:13:ba:13:8d:45:00:
2d:60:97:c2:5e:c1:81:30:f9:78:8e:16:93:83:a0:d3:59:c3:
25:86:5b:f4:71:85:1e:fb:07:ec:18:cf:a0:c1:03:9c:81:39:
0c:f5:c0:ba:f5:ec:63:e4:ef:f8:17:31:79:45:76:bd:ef:66:
b6:18:17:03:2a:ea:7d:85:eb:92:a1:7e:17:b7:47:b0:2b:63:
f6:8c:09:ea:e6:cc:e0:d2:ac:85:a5:95:3a:30:86:15:79:fa:
72:bc:b1:15:94:fa:a2:de:b5:fb:84:0e:2a:ae:84:1b:4c:14:
00:87:71:4a:b3:1e:10:d0:7b:97:43:f6:f7:ec:6f:86:a6:29:
1d:7c:ae:15
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUaKHJV9cmr9Z6YKLTqtWTdBhhAYAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAODk1ZmI0YTE4MWJmMmQ3MTM0NDgw
MDRkNGExMmQyNjMzNjFkMTBiNjJkYTgzNTRlYmUyMTVhYjc3YTFkZTJmOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLz5UxhnuKGwmUso4lP5aJVjcyIX
3/IRd6wrKgkAR+I/nXkAxAnnRUhJFdK2X3DeICeGi1E79b+8OXX3IZtkMRm+DR25
2SY5/z0M0ydLNlx2C3bVLMuixX2qVBZhp7uCxbqwclCyq/Wi1wUAZog+1sdse16N
lrpT1pVMd1/FHgXdeFwMziQKSg0w9L5ja1a0g+X5rZ3EohWo6kYkgx6op7b1vUXR
4bBRMJogRSx1hy82J4KoR0Eu8Xm/G0Mz+W43xnOjjjfsbgZYZ+pxcS3lkk4gHlvm
7RG501zZj8dZHZAt65p0+44/gBJTFWMM19oFVL61vwbKYfeSwYwBhUyAvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCrd9KG6RPgQbqboRG4ZtwkI0Ax4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzllNzM5MWM1LTJlNDEtNDAwNS05N2RkLTMyZTVmMTE1NjljYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+/DAMA0GCSqGSIb3DQEBCwUAA4IBAQAvqxIBpRHQ5Pgj87V+
B2podT6V3sV+G96MISEgA2zluUsPHdMW4O5/k91MAfoZQ6seQfWAwS8wbtqXtVLO
HkS3kRWYsk1gAV4IHKJcdcjdfQtjhFK117E8esP4rm4JFyHRZEuYIU4P0JxIC4PT
DfdrHtvjoHw7xJUTuhONRQAtYJfCXsGBMPl4jhaTg6DTWcMlhlv0cYUe+wfsGM+g
wQOcgTkM9cC69exj5O/4FzF5RXa972a2GBcDKup9heuSoX4Xt0ewK2P2jAnq5szg
0qyFpZU6MIYVefpyvLEVlPqi3rX7hA4qroQbTBQAh3FKsx4Q0HuXQ/b37G+Gpikd
fK4V
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:06 2025 by rpki-client