Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3cc8748-96a9-452c-8dd1-2c8700ec038b.roa
File: a3cc8748-96a9-452c-8dd1-2c8700ec038b.roa (raw, json)
Hash identifier: 2wx+txzEhONSfwP3WRBQpcxuTyNZoPcnSkIq0cW4xAU=
Subject key identifier: D3:4C:FB:20:25:21:62:8A:4A:A5:2B:94:DE:25:AE:BF:CB:77:87:10
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 590109F2CE821629EEA969F1B6A4B835FBDDB7AE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3cc8748-96a9-452c-8dd1-2c8700ec038b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:4080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:01:09:f2:ce:82:16:29:ee:a9:69:f1:b6:a4:b8:35:fb:dd:b7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e8550903b542890f1e632eefd6ec6525f6d3e01fc00592858f6e56485d7b4efb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:59:10:7b:c7:75:b0:f6:af:dd:7b:87:80:bc:
50:6e:ba:91:18:14:86:29:b7:90:2a:76:05:ba:6d:
7b:6a:55:17:35:0d:c4:ae:cf:b8:53:67:43:5a:43:
92:25:24:a0:b6:df:90:f1:c2:cd:c1:eb:55:8d:3c:
ae:43:9e:20:1e:ba:2d:39:5c:ad:a5:a2:8d:fc:df:
69:4a:b9:9d:c5:38:59:e1:b3:96:42:7b:b1:88:39:
98:15:2e:15:c5:1a:1b:23:c1:be:03:84:b4:50:af:
5f:3e:ff:71:b0:68:25:7c:99:64:bb:6a:f4:28:4a:
b5:8b:39:9f:a4:83:af:29:d5:c6:e6:61:70:15:ed:
a6:ba:39:b4:c7:14:63:2e:20:26:b5:86:29:aa:03:
e0:3c:b4:d0:33:3b:39:57:73:06:81:1d:53:2d:d2:
3e:3f:f7:4e:36:b2:ba:6c:bb:07:55:f4:cb:11:23:
bc:fa:25:60:fe:50:35:50:f9:85:e9:31:ae:2b:c5:
fd:28:da:9a:ab:de:87:58:a7:55:24:f9:a5:36:aa:
ad:d1:b6:c7:23:3b:68:19:fa:66:64:1e:1f:1a:2e:
70:83:e1:35:20:f8:4e:3e:69:21:05:93:d7:16:76:
94:5f:3e:2f:76:a1:d6:6b:fd:5d:80:5d:23:88:f3:
68:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4C:FB:20:25:21:62:8A:4A:A5:2B:94:DE:25:AE:BF:CB:77:87:10
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3cc8748-96a9-452c-8dd1-2c8700ec038b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:4080::/48
Signature Algorithm: sha256WithRSAEncryption
6c:4a:8b:50:d1:76:2a:b7:da:52:f9:5e:98:6e:94:7c:57:82:
b5:ee:27:37:69:34:e0:09:6b:a9:83:90:0d:41:1f:b5:64:c7:
a1:93:cf:23:d7:a8:ea:bd:b7:31:da:f9:1d:21:28:cd:3b:a2:
7b:3c:96:5e:9f:c4:7a:03:1f:af:5b:64:74:2f:9d:06:15:7d:
a1:47:51:90:76:66:d5:64:b0:d2:3e:52:da:44:44:97:e3:f7:
ea:e9:75:4e:fc:db:40:39:23:4d:ae:62:ca:cd:a4:28:17:75:
a8:6d:18:0e:92:a6:9f:b7:22:71:56:58:09:8d:e4:8e:a2:6d:
80:6f:76:37:d9:e6:0f:2e:1f:e1:f7:1e:ef:44:ff:de:48:f7:
fc:0a:4f:9a:7c:6d:1a:a2:58:33:7e:eb:01:92:c4:03:9b:1c:
41:f3:cd:f0:b2:19:d9:8f:e9:55:e1:16:08:8c:92:0b:4c:33:
b9:7b:a8:fc:52:05:92:fe:29:83:48:69:49:7c:fa:3d:59:d1:
9a:43:47:11:48:42:00:a7:d3:3b:db:57:3c:4f:14:d5:48:eb:
1c:da:d7:f4:cc:25:58:34:0a:1c:5d:74:01:17:28:94:05:a7:
89:8c:7b:1d:19:39:5c:3c:ad:a4:9e:62:80:1f:a4:51:a1:78:
19:10:34:8a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWQEJ8s6CFinuqWnxtqS4Nfvdt64wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTg1NTA5MDNiNTQyODkwZjFlNjMy
ZWVmZDZlYzY1MjVmNmQzZTAxZmMwMDU5Mjg1OGY2ZTU2NDg1ZDdiNGVmYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVkQe8d1sPav3XuHgLxQbrqRGBSG
KbeQKnYFum17alUXNQ3Ers+4U2dDWkOSJSSgtt+Q8cLNwetVjTyuQ54gHrotOVyt
paKN/N9pSrmdxThZ4bOWQnuxiDmYFS4VxRobI8G+A4S0UK9fPv9xsGglfJlku2r0
KEq1izmfpIOvKdXG5mFwFe2mujm0xxRjLiAmtYYpqgPgPLTQMzs5V3MGgR1TLdI+
P/dONrK6bLsHVfTLESO8+iVg/lA1UPmF6TGuK8X9KNqaq96HWKdVJPmlNqqt0bbH
IztoGfpmZB4fGi5wg+E1IPhOPmkhBZPXFnaUXz4vdqHWa/1dgF0jiPNonQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNNM+yAlIWKKSqUrlN4lrr/Ld4cQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EzY2M4NzQ4LTk2YTktNDUyYy04ZGQxLTJjODcwMGVjMDM4Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYUCAMA0GCSqGSIb3DQEBCwUAA4IBAQBsSotQ0XYqt9pS+V6Y
bpR8V4K17ic3aTTgCWupg5ANQR+1ZMehk88j16jqvbcx2vkdISjNO6J7PJZen8R6
Ax+vW2R0L50GFX2hR1GQdmbVZLDSPlLaRESX4/fq6XVO/NtAOSNNrmLKzaQoF3Wo
bRgOkqaftyJxVlgJjeSOom2Ab3Y32eYPLh/h9x7vRP/eSPf8Ck+afG0aolgzfusB
ksQDmxxB883wshnZj+lV4RYIjJILTDO5e6j8UgWS/imDSGlJfPo9WdGaQ0cRSEIA
p9M721c8TxTVSOsc2tf0zCVYNAocXXQBFyiUBaeJjHsdGTlcPK2knmKAH6RRoXgZ
EDSK
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:13 2025 by rpki-client