Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f53e144-6602-423c-9146-4441340a43ed.roa
File: 9f53e144-6602-423c-9146-4441340a43ed.roa (raw, json)
Hash identifier: WDP9QCSPbdGqQnmsYJRZRf1BqkemhcfHuSvDWAK4tUA=
Subject key identifier: D6:84:6B:FA:0B:57:52:C2:45:AB:13:77:68:23:EE:39:77:C8:D6:AC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 49090A5B30C62375DBA1C56FE77D14FCDA3FF4AE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f53e144-6602-423c-9146-4441340a43ed.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:8840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:09:0a:5b:30:c6:23:75:db:a1:c5:6f:e7:7d:14:fc:da:3f:f4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=94ce961ec0382df588f62a70c953860b37a55632dacce002a9da10dbad05fd42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b3:a7:ff:88:aa:3c:57:34:62:4f:b1:35:ab:
23:e9:3d:06:8d:ca:d1:6d:05:4d:6c:71:b6:73:66:
9d:cb:bd:fd:a6:68:31:3c:54:31:75:ed:cf:17:cc:
d6:43:48:88:43:5b:ce:7c:6f:1a:bc:e1:0f:ac:0c:
a7:a9:90:33:68:c7:74:14:74:7a:9e:05:b8:0d:9e:
20:86:d1:18:50:21:62:37:27:f0:30:f2:1c:80:4b:
47:80:d7:8a:85:af:39:b9:74:58:6b:ae:d0:a4:03:
8c:2e:fa:5d:5f:d2:b0:90:58:ba:cf:7e:03:1b:0c:
af:ce:d0:91:7b:1b:78:48:ea:4c:19:3e:51:6c:65:
2a:8a:4c:c5:62:64:3c:45:09:b0:19:4e:47:3b:74:
64:33:05:5f:c2:59:c4:5c:ac:b1:d7:c2:e4:82:1a:
e5:ff:a0:5e:5a:2f:ad:1e:2e:0e:be:35:24:53:da:
52:9f:50:77:8a:c1:fd:8a:67:63:1a:11:27:4d:69:
f0:f2:1a:5a:18:85:fa:38:2e:fb:22:1d:bf:c3:65:
96:a6:b2:30:ee:6f:af:3c:f4:31:dc:d9:51:3c:5f:
ab:2e:36:08:0e:6e:6a:6f:9c:2a:6d:b3:01:64:9a:
8d:dd:2a:7a:65:2f:e2:a8:51:b8:c8:ae:30:40:2e:
8b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:84:6B:FA:0B:57:52:C2:45:AB:13:77:68:23:EE:39:77:C8:D6:AC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f53e144-6602-423c-9146-4441340a43ed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:8840::/46
Signature Algorithm: sha256WithRSAEncryption
b2:c5:9c:d5:c4:a1:6c:dd:f5:9a:59:87:de:81:6f:64:83:51:
21:66:eb:66:58:66:93:81:71:4e:f3:f9:14:41:a5:65:c7:84:
df:df:8e:7e:cb:f5:44:59:0b:e5:73:98:04:b2:c9:4e:ad:ed:
76:34:49:4b:15:6b:19:3f:eb:aa:5c:33:a0:84:80:9b:6d:b0:
f9:38:fa:63:7d:18:ba:fd:bd:23:af:62:87:a2:10:bc:32:e1:
7f:d0:93:f5:8c:32:4d:eb:f0:51:d0:03:6b:ff:33:6b:6a:b9:
7c:f9:77:16:94:18:73:02:4e:25:c6:93:5c:0e:7a:2b:f0:0e:
49:5b:49:57:3b:94:62:3f:6a:c3:57:fd:4e:3c:25:f0:92:3e:
98:27:6b:d7:15:eb:7e:6e:93:cf:17:6f:da:77:0e:cf:43:87:
75:56:ca:05:31:7f:d5:ad:eb:4d:69:07:9f:2b:c9:22:e4:4f:
24:c2:a0:29:8d:ac:0e:a3:a6:03:a0:46:b5:a9:9c:32:d8:5c:
3f:64:f8:61:b6:f6:73:a8:b9:f8:39:f8:e7:a7:b9:b3:58:8e:
1c:36:cd:fa:30:c7:0b:de:7d:e1:96:94:9b:20:ae:40:7d:c4:
5a:65:60:cf:54:49:55:03:70:98:53:6c:66:9e:4d:a4:cb:f9:
b8:5b:84:5e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUSQkKWzDGI3XbocVv530U/No/9K4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOTRjZTk2MWVjMDM4MmRmNTg4ZjYy
YTcwYzk1Mzg2MGIzN2E1NTYzMmRhY2NlMDAyYTlkYTEwZGJhZDA1ZmQ0MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bOn/4iqPFc0Yk+xNasj6T0GjcrR
bQVNbHG2c2ady739pmgxPFQxde3PF8zWQ0iIQ1vOfG8avOEPrAynqZAzaMd0FHR6
ngW4DZ4ghtEYUCFiNyfwMPIcgEtHgNeKha85uXRYa67QpAOMLvpdX9KwkFi6z34D
GwyvztCRext4SOpMGT5RbGUqikzFYmQ8RQmwGU5HO3RkMwVfwlnEXKyx18Lkghrl
/6BeWi+tHi4OvjUkU9pSn1B3isH9imdjGhEnTWnw8hpaGIX6OC77Ih2/w2WWprIw
7m+vPPQx3NlRPF+rLjYIDm5qb5wqbbMBZJqN3Sp6ZS/iqFG4yK4wQC6LzQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNaEa/oLV1LCRasTd2gj7jl3yNasMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlmNTNlMTQ0LTY2MDItNDIzYy05MTQ2LTQ0NDEzNDBhNDNlZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaYhAMA0GCSqGSIb3DQEBCwUAA4IBAQCyxZzVxKFs3fWaWYfe
gW9kg1EhZutmWGaTgXFO8/kUQaVlx4Tf345+y/VEWQvlc5gEsslOre12NElLFWsZ
P+uqXDOghICbbbD5OPpjfRi6/b0jr2KHohC8MuF/0JP1jDJN6/BR0ANr/zNrarl8
+XcWlBhzAk4lxpNcDnor8A5JW0lXO5RiP2rDV/1OPCXwkj6YJ2vXFet+bpPPF2/a
dw7PQ4d1VsoFMX/VretNaQefK8ki5E8kwqApjawOo6YDoEa1qZwy2Fw/ZPhhtvZz
qLn4Ofjnp7mzWI4cNs36MMcL3n3hlpSbIK5AfcRaZWDPVElVA3CYU2xmnk2ky/m4
W4Re
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:29:10 2025 by rpki-client