Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa
File: a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa (raw, json)
Hash identifier: 6onQL2HcHQIltVnHPYjcJ1XO8nscdMP9XvZ2Iox9t5A=
Subject key identifier: C8:EB:76:17:D3:B6:89:96:F6:BF:D2:14:4B:95:13:88:E0:F5:9E:EB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 47AD6874599CC1C98E5800DF0DA43E7B21615010
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:4010::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ad:68:74:59:9c:c1:c9:8e:58:00:df:0d:a4:3e:7b:21:61:50:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a789ba1ea5a2118e4fd4031b0b2a11a9f35ff62e7ee6f8ac5570b4af72288778, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bb:9f:c7:99:76:25:ee:dc:8a:d6:3b:b7:5e:
5f:f3:cd:d9:8c:b5:92:86:65:6a:af:ec:73:3b:f1:
0d:2b:84:6b:ad:e2:be:d7:84:f5:f0:04:ea:8b:13:
1a:fe:9b:03:ef:52:82:68:60:a7:ac:91:0f:11:c4:
05:f1:21:aa:9e:4b:3f:7c:eb:c9:d1:0a:d3:0f:e2:
2b:07:6c:90:01:94:23:52:95:8e:db:78:84:47:8b:
5a:ce:74:d7:85:88:6c:1d:72:bc:73:d4:04:55:53:
0f:a2:6b:37:e4:78:e0:80:b6:8e:d4:bc:03:d4:14:
34:3f:54:8a:67:99:48:e0:e9:eb:e1:2a:3d:c2:d8:
c1:2f:ec:92:be:ad:60:36:79:dc:00:f6:77:c3:9e:
39:dd:24:83:9a:7b:3c:73:a4:ba:90:c9:36:69:d5:
2c:56:ef:b6:21:cb:db:d6:0c:7f:84:d6:55:f6:a5:
22:01:d3:88:d1:25:51:25:f0:25:99:7c:22:d6:5e:
da:0d:a4:d1:b6:5d:d6:39:70:b6:21:30:b8:20:df:
04:62:1b:2d:01:ed:26:16:ce:70:f0:de:b3:c0:fe:
a3:6c:d9:44:b9:41:90:a3:4d:64:a9:34:e6:57:48:
b8:02:ea:0f:39:d0:4d:ce:fa:05:ec:4d:f9:88:09:
fa:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EB:76:17:D3:B6:89:96:F6:BF:D2:14:4B:95:13:88:E0:F5:9E:EB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:4010::/48
Signature Algorithm: sha256WithRSAEncryption
4f:f4:c2:e2:b6:34:4f:28:4c:99:5e:8b:e7:7c:88:ac:e9:88:
bb:62:79:0a:55:e2:6d:f3:64:0f:0c:cb:b6:8a:12:28:25:60:
a8:f0:b2:3a:db:10:b7:32:fe:37:77:20:db:be:1c:82:85:13:
a1:a1:d6:84:f8:b0:d3:48:47:6d:78:0c:27:d4:9c:9e:37:83:
50:5e:ed:b6:3d:72:07:7b:ff:84:ff:34:6f:c1:d7:d5:87:fc:
e3:2d:33:e8:bb:bf:8b:de:90:c9:b0:bd:76:77:98:ad:78:94:
f7:d2:4c:d3:90:04:40:f7:ed:7a:fa:9a:66:77:b6:2b:48:15:
1a:85:99:ca:e7:c8:61:5c:26:35:d0:69:1f:bd:1b:17:f5:0a:
df:b4:4b:3d:d5:cb:2e:21:d4:c8:ca:6d:8f:ca:93:35:d6:f3:
d7:29:86:41:5b:dc:64:a1:03:98:95:41:cf:4b:4c:07:5b:50:
0c:3f:3f:48:59:cd:4c:d4:46:36:8d:3f:e7:a4:30:79:bf:bd:
70:a1:f1:fc:d0:c9:dc:f3:4d:a9:af:ff:4a:9c:95:39:bb:3c:
c9:ff:78:32:87:5e:e5:1a:37:ec:93:16:37:11:26:88:d4:65:
17:9f:6f:ed:41:90:d3:87:c8:53:14:a6:6c:ff:98:bd:99:0c:
42:b0:6f:23
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUR61odFmcwcmOWADfDaQ+eyFhUBAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTc4OWJhMWVhNWEyMTE4ZTRmZDQw
MzFiMGIyYTExYTlmMzVmZjYyZTdlZTZmOGFjNTU3MGI0YWY3MjI4ODc3ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrufx5l2Je7citY7t15f883ZjLWS
hmVqr+xzO/ENK4RrreK+14T18ATqixMa/psD71KCaGCnrJEPEcQF8SGqnks/fOvJ
0QrTD+IrB2yQAZQjUpWO23iER4taznTXhYhsHXK8c9QEVVMPoms35HjggLaO1LwD
1BQ0P1SKZ5lI4Onr4So9wtjBL+ySvq1gNnncAPZ3w5453SSDmns8c6S6kMk2adUs
Vu+2Icvb1gx/hNZV9qUiAdOI0SVRJfAlmXwi1l7aDaTRtl3WOXC2ITC4IN8EYhst
Ae0mFs5w8N6zwP6jbNlEuUGQo01kqTTmV0i4AuoPOdBNzvoF7E35iAn6CQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMjrdhfTtomW9r/SFEuVE4jg9Z7rMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EyZTBmOWZmLTViOGItNGI1OS04YmRlLTlmODYxN2NhZGMwNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAEAQMA0GCSqGSIb3DQEBCwUAA4IBAQBP9MLitjRPKEyZXovn
fIis6Yi7YnkKVeJt82QPDMu2ihIoJWCo8LI62xC3Mv43dyDbvhyChROhodaE+LDT
SEdteAwn1JyeN4NQXu22PXIHe/+E/zRvwdfVh/zjLTPou7+L3pDJsL12d5iteJT3
0kzTkARA9+16+ppmd7YrSBUahZnK58hhXCY10GkfvRsX9QrftEs91csuIdTIym2P
ypM11vPXKYZBW9xkoQOYlUHPS0wHW1AMPz9IWc1M1EY2jT/npDB5v71wofH80Mnc
802pr/9KnJU5uzzJ/3gyh17lGjfskxY3ESaI1GUXn2/tQZDTh8hTFKZs/5i9mQxC
sG8j
-----END CERTIFICATE-----
Generated at Sat May 3 23:57:37 2025 by rpki-client