Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa
File: 9f7f81d5-9939-43d6-b333-dd2d090500da.roa (raw, json)
Hash identifier: 9x02BV9H+LB16QwcIzItyv2rEPqtdLVR4ZyWIisH0rY=
Subject key identifier: D6:BD:A0:8A:58:7F:6F:B7:70:FC:A2:E5:74:79:C4:EF:30:6E:C1:91
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2B0EB7C875D499AB62F6C9AC4E521A685F99A554
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:8800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:0e:b7:c8:75:d4:99:ab:62:f6:c9:ac:4e:52:1a:68:5f:99:a5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a65f3335a96fb64413dcfbcf130e5337daa88e3bf0ace2e81130d8f81e95bc15, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:26:83:1e:8b:e3:30:01:be:eb:7f:e4:0b:
2a:d5:7e:46:c4:8f:e5:84:cb:9f:83:c6:7a:6b:08:
d5:9c:75:fe:c4:9a:c3:d2:15:68:87:62:dd:0c:10:
de:05:06:91:f4:36:1d:3e:6f:6a:fa:23:de:7d:65:
4f:9a:40:5f:84:a0:ae:91:4d:c5:97:97:63:83:52:
77:83:01:0f:4d:74:d1:bd:84:b9:b4:74:04:14:50:
7f:1f:cf:10:c9:53:47:b1:5a:c9:19:fa:7c:51:00:
e7:de:07:a4:60:77:d9:3c:59:22:19:c4:95:f0:b0:
ac:80:2b:93:dc:2d:2d:24:b4:f9:1b:4d:e1:bd:24:
da:43:3a:86:f0:40:a9:4c:c6:10:2b:7b:7a:fc:5d:
6f:6a:e9:16:1f:2a:da:77:15:b5:a5:6a:1f:c1:ad:
bb:6f:3e:7f:bd:ec:2c:8c:9b:2b:d9:c0:8a:d8:73:
de:4f:9f:21:be:74:ef:72:20:af:3a:e2:e3:26:94:
6b:e7:9f:26:70:d6:c7:d1:af:d0:6c:3d:bb:21:e1:
82:df:7b:1f:54:e9:1f:82:20:cb:40:a6:64:ac:97:
c1:c8:89:7d:33:21:79:ca:35:c2:c7:f8:4c:57:f9:
4c:c5:98:d4:6d:e1:c3:8f:7e:a2:d3:2b:b1:64:32:
96:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BD:A0:8A:58:7F:6F:B7:70:FC:A2:E5:74:79:C4:EF:30:6E:C1:91
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f7f81d5-9939-43d6-b333-dd2d090500da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:8800::/40
Signature Algorithm: sha256WithRSAEncryption
2e:1f:58:0a:5a:f0:78:2b:81:11:6b:2b:b4:f3:0e:df:04:6f:
73:31:9f:1c:74:54:75:74:4b:81:62:6f:19:d9:fe:45:8b:ea:
b6:61:e4:43:0e:b5:2f:80:a5:a0:58:57:8a:13:77:6e:15:2b:
b5:fc:d9:41:48:fb:4c:19:0e:e3:ef:84:4f:05:a6:74:a6:76:
33:cb:0e:ac:e3:95:d4:22:41:b8:db:03:56:f8:a8:9e:a4:ff:
8d:ad:32:7f:3b:f3:93:a2:f8:13:0f:cb:65:01:d5:f6:ab:24:
cd:ea:82:49:95:ef:0c:f2:e1:7e:64:53:b9:5a:43:7b:63:33:
61:e4:fa:e6:4c:52:4b:d0:39:1c:3d:d0:57:32:06:27:e7:d3:
66:1d:49:32:60:51:fa:26:f7:08:75:63:31:1f:e8:52:d0:0b:
cd:95:fa:30:7a:c1:4d:94:0d:83:3e:82:e2:17:da:43:52:08:
fd:46:87:64:5d:15:48:b1:3b:e8:6f:a7:bf:d4:de:84:76:c1:
73:50:df:bd:6d:e6:36:fc:a3:fd:47:15:7d:87:81:28:d8:ee:
2e:20:e4:ef:ed:56:bd:3c:98:63:a9:e6:b6:35:19:52:c5:4d:
63:28:68:56:06:85:aa:53:66:c2:37:5d:2d:c6:d5:bb:43:2b:
24:f0:16:b8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKw63yHXUmati9smsTlIaaF+ZpVQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTY1ZjMzMzVhOTZmYjY0NDEzZGNm
YmNmMTMwZTUzMzdkYWE4OGUzYmYwYWNlMmU4MTEzMGQ4ZjgxZTk1YmMxNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc8mgx6L4zABvut/5Asq1X5GxI/l
hMufg8Z6awjVnHX+xJrD0hVoh2LdDBDeBQaR9DYdPm9q+iPefWVPmkBfhKCukU3F
l5djg1J3gwEPTXTRvYS5tHQEFFB/H88QyVNHsVrJGfp8UQDn3gekYHfZPFkiGcSV
8LCsgCuT3C0tJLT5G03hvSTaQzqG8ECpTMYQK3t6/F1vaukWHyradxW1pWofwa27
bz5/vewsjJsr2cCK2HPeT58hvnTvciCvOuLjJpRr558mcNbH0a/QbD27IeGC33sf
VOkfgiDLQKZkrJfByIl9MyF5yjXCx/hMV/lMxZjUbeHDj36i0yuxZDKWuQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNa9oIpYf2+3cPyi5XR5xO8wbsGRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlmN2Y4MWQ1LTk5MzktNDNkNi1iMzMzLWRkMmQwOTA1MDBkYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacIgwDQYJKoZIhvcNAQELBQADggEBAC4fWApa8HgrgRFrK7Tz
Dt8Eb3Mxnxx0VHV0S4FibxnZ/kWL6rZh5EMOtS+ApaBYV4oTd24VK7X82UFI+0wZ
DuPvhE8FpnSmdjPLDqzjldQiQbjbA1b4qJ6k/42tMn8785Oi+BMPy2UB1farJM3q
gkmV7wzy4X5kU7laQ3tjM2Hk+uZMUkvQORw90FcyBifn02YdSTJgUfom9wh1YzEf
6FLQC82V+jB6wU2UDYM+guIX2kNSCP1Gh2RdFUixO+hvp7/U3oR2wXNQ371t5jb8
o/1HFX2HgSjY7i4g5O/tVr08mGOp5rY1GVLFTWMoaFYGhapTZsI3XS3G1btDKyTw
Frg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:16:45 2025 by rpki-client