Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
File: a78bbd2b-4153-482f-a036-7e819539104c.roa (raw, json)
Hash identifier: lwaUkKO7iM6mckpLwRy/P5YIADPyftbiRrDbst3N5Zw=
Subject key identifier: 16:72:8D:C0:91:60:74:49:92:8D:17:B5:43:0B:E8:77:BB:58:A4:79
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 31558778579CC151F34045674AD364921A5AE46D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:4800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:55:87:78:57:9c:c1:51:f3:40:45:67:4a:d3:64:92:1a:5a:e4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=9e34a27d2c2a7f57f6aaa9b930641120b65a7546eebba8d4ee10a2455dec0177, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:85:e5:a9:83:fe:60:62:38:64:58:4a:a0:
81:a3:1c:67:92:30:28:3f:6d:05:56:9f:21:06:13:
7c:d0:91:f5:d5:11:64:17:e8:f7:2d:37:95:64:af:
f1:f7:c9:eb:cd:8b:6b:a1:89:b2:2a:3e:2b:77:22:
4c:16:d6:7f:5d:00:bb:9a:48:4b:41:12:aa:97:32:
3e:ce:eb:95:07:e4:af:f0:05:49:d4:64:2d:4c:28:
4f:86:42:31:9a:38:62:48:f9:6f:51:c0:81:0a:72:
b3:ce:2f:b5:a0:c5:d9:1b:23:05:bb:a3:c7:c8:01:
79:fb:76:e8:68:80:1a:35:3a:e7:fa:db:26:21:6f:
c2:ed:09:b1:ab:d2:40:45:18:59:72:06:5b:9b:99:
a3:49:87:e3:01:77:7f:a1:bf:ec:27:31:c9:37:8e:
52:93:77:65:7a:0e:16:5e:72:e3:95:b4:af:09:09:
ab:d6:bd:6f:de:f1:eb:d2:bd:cb:86:72:f4:94:3c:
d7:fd:af:86:75:52:ca:96:c1:6f:54:7a:63:d0:8a:
78:a7:92:b6:1b:04:ba:9b:f4:be:9f:b5:3e:5c:9a:
6f:41:8f:82:f7:80:e7:ac:33:83:34:5c:3e:14:62:
25:23:e7:a6:85:b9:0c:ff:aa:b6:dc:30:f7:92:9e:
f4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:8D:C0:91:60:74:49:92:8D:17:B5:43:0B:E8:77:BB:58:A4:79
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:4800::/40
Signature Algorithm: sha256WithRSAEncryption
2e:ed:3b:5b:88:d7:19:d0:36:a6:39:a0:01:fb:8f:6b:26:85:
19:15:c3:3f:ea:bd:bd:69:75:58:0b:16:23:26:b6:a2:73:91:
e2:5c:11:36:84:8d:44:49:2b:63:73:61:4a:f0:e2:88:63:c1:
ac:33:6b:28:ba:02:d8:81:b6:c8:fb:ae:df:f7:ff:80:74:2f:
ab:0c:cb:d9:a5:af:ed:42:90:fb:c5:0b:8c:6e:c4:c5:e5:0b:
2c:72:c1:4a:73:ef:1a:25:35:a8:a4:d3:56:94:a8:ee:c8:96:
c1:0f:b9:c4:72:bf:af:03:c4:f6:c3:95:a1:21:6c:dd:85:47:
b1:b4:b8:8f:1c:47:40:f3:4c:8e:4f:69:6f:5b:9b:69:c3:38:
ee:8b:54:b9:b9:df:60:ab:08:d5:79:7f:72:47:58:7d:8d:5d:
49:05:e9:e5:46:56:65:0d:2c:a8:e4:db:c2:55:fd:97:88:ae:
e5:62:0d:8b:1e:39:ed:96:45:ce:38:3d:09:a8:a8:10:ca:71:
25:ba:cf:ee:8e:c3:08:62:d4:06:0c:a9:a3:4e:92:77:5e:4f:
91:44:53:63:53:cf:35:08:4c:63:71:59:36:3c:73:0d:bc:58:
fd:8f:75:f8:55:01:b7:5f:90:04:76:66:ff:d0:a2:69:1b:9f:
1e:41:53:e6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMVWHeFecwVHzQEVnStNkkhpa5G0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOWUzNGEyN2QyYzJhN2Y1N2Y2YWFh
OWI5MzA2NDExMjBiNjVhNzU0NmVlYmJhOGQ0ZWUxMGEyNDU1ZGVjMDE3NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt82F5amD/mBiOGRYSqCBoxxnkjAo
P20FVp8hBhN80JH11RFkF+j3LTeVZK/x98nrzYtroYmyKj4rdyJMFtZ/XQC7mkhL
QRKqlzI+zuuVB+Sv8AVJ1GQtTChPhkIxmjhiSPlvUcCBCnKzzi+1oMXZGyMFu6PH
yAF5+3boaIAaNTrn+tsmIW/C7Qmxq9JARRhZcgZbm5mjSYfjAXd/ob/sJzHJN45S
k3dleg4WXnLjlbSvCQmr1r1v3vHr0r3LhnL0lDzX/a+GdVLKlsFvVHpj0Ip4p5K2
GwS6m/S+n7U+XJpvQY+C94DnrDODNFw+FGIlI+emhbkM/6q23DD3kp708wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBZyjcCRYHRJko0XtUML6He7WKR5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E3OGJiZDJiLTQxNTMtNDgyZi1hMDM2LTdlODE5NTM5MTA0Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8kgwDQYJKoZIhvcNAQELBQADggEBAC7tO1uI1xnQNqY5oAH7
j2smhRkVwz/qvb1pdVgLFiMmtqJzkeJcETaEjURJK2NzYUrw4ohjwawzayi6AtiB
tsj7rt/3/4B0L6sMy9mlr+1CkPvFC4xuxMXlCyxywUpz7xolNaik01aUqO7IlsEP
ucRyv68DxPbDlaEhbN2FR7G0uI8cR0DzTI5PaW9bm2nDOO6LVLm532CrCNV5f3JH
WH2NXUkF6eVGVmUNLKjk28JV/ZeIruViDYseOe2WRc44PQmoqBDKcSW6z+6Owwhi
1AYMqaNOkndeT5FEU2NTzzUITGNxWTY8cw28WP2PdfhVAbdfkAR2Zv/Qomkbnx5B
U+Y=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:44 2025 by rpki-client