Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
File: a91b902a-3780-4e0a-8062-46df71087b57.roa (raw, json)
Hash identifier: pWFWzyC7yPgKRq5BWptt4c2k84WUYkBJ1tP9isV8jbY=
Subject key identifier: 07:E0:F8:45:1C:CC:87:11:DF:9D:D5:84:17:C3:29:6B:E9:66:D7:73
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 221720E35957108C7893376733389EFAC08D589B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:17:20:e3:59:57:10:8c:78:93:37:67:33:38:9e:fa:c0:8d:58:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d071090968abe8e29824c94b1d9c233fe1e84b826ae9ef94aad0129622552200, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:54:eb:18:f8:f0:fa:0d:e6:f0:1c:6c:41:7c:
11:59:4c:a0:56:79:f8:8b:fe:13:92:20:88:2c:6e:
2e:e4:7d:26:f2:a9:c0:b2:88:8a:ab:71:20:cf:00:
2f:0a:94:fc:d7:5e:77:b8:6f:99:82:06:da:fd:7e:
7b:ea:b7:5c:a8:34:aa:9d:e7:41:bb:71:c4:7d:c0:
9e:e2:2c:c9:df:26:80:9c:14:2b:05:f6:41:15:49:
e1:07:ca:f1:b4:eb:15:d1:c7:ca:58:40:42:b9:ae:
94:82:65:8f:28:13:9b:73:e3:0e:8e:cd:7f:16:d0:
47:e9:44:dd:f6:87:64:38:78:cb:d6:cf:88:a9:e7:
6b:e5:7f:8f:6f:3e:a4:bb:e1:e2:a7:01:5e:aa:1a:
d9:47:f9:90:cf:3e:21:e8:31:5c:70:5a:fb:21:0c:
ad:f9:3b:e4:47:cc:44:36:2e:52:0e:4c:67:1e:d2:
32:1f:9c:68:bf:55:d9:c0:33:34:d0:cc:39:15:58:
47:86:d3:8f:a0:86:ba:a2:a4:27:9d:4c:63:3a:27:
41:86:fe:d2:c3:db:a4:61:3c:6a:b9:3a:5f:48:2a:
82:bd:33:dd:9f:e0:b4:8b:ea:0f:eb:75:01:f4:c8:
8d:d7:5c:03:f1:2a:17:13:34:d2:38:f6:74:8b:d3:
3a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E0:F8:45:1C:CC:87:11:DF:9D:D5:84:17:C3:29:6B:E9:66:D7:73
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:b000::/40
Signature Algorithm: sha256WithRSAEncryption
12:41:0d:12:9a:09:d9:cd:69:34:02:d9:52:e5:69:d9:4a:7f:
6e:75:fe:d0:90:1c:a1:85:d7:21:54:68:45:1d:2f:85:0e:25:
92:26:4d:6d:ab:af:c5:4f:73:e1:a1:94:ee:db:67:9f:2b:74:
9e:57:89:3f:d8:95:f7:72:f3:57:6d:60:b9:21:f1:3c:32:11:
ef:39:53:cf:e2:43:0c:5d:81:b9:7c:4b:06:e4:02:d5:19:9b:
e0:e1:63:ff:e6:90:1f:50:37:83:b5:8d:8d:09:02:ed:56:ed:
d0:d7:72:0b:49:0a:62:08:5d:87:9e:d2:38:eb:ad:1a:87:25:
96:99:2c:b3:4a:3b:53:85:d0:5b:bc:6a:3e:74:47:c5:d9:76:
c4:01:c5:0c:5a:3e:6a:bb:00:98:32:f5:76:83:cb:71:5a:8c:
20:24:ab:c0:e0:55:ed:00:c7:ac:bf:6e:44:eb:17:36:9f:59:
22:b5:b1:95:a1:60:10:3d:4c:96:e4:77:b1:f0:74:65:04:fd:
7d:84:d3:93:37:cd:d0:fc:d7:d3:ed:6f:01:3b:74:1b:1c:b3:
80:6b:bf:4c:06:33:d7:10:9c:81:af:a1:1f:82:e6:47:8a:f5:
28:0b:42:98:06:2a:ae:e9:b3:b8:57:ea:8f:14:1d:f2:70:05:
f1:97:33:46
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIhcg41lXEIx4kzdnMzie+sCNWJswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZDA3MTA5MDk2OGFiZThlMjk4MjRj
OTRiMWQ5YzIzM2ZlMWU4NGI4MjZhZTllZjk0YWFkMDEyOTYyMjU1MjIwMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVTrGPjw+g3m8BxsQXwRWUygVnn4
i/4TkiCILG4u5H0m8qnAsoiKq3EgzwAvCpT81153uG+Zggba/X576rdcqDSqnedB
u3HEfcCe4izJ3yaAnBQrBfZBFUnhB8rxtOsV0cfKWEBCua6UgmWPKBObc+MOjs1/
FtBH6UTd9odkOHjL1s+Iqedr5X+Pbz6ku+HipwFeqhrZR/mQzz4h6DFccFr7IQyt
+TvkR8xENi5SDkxnHtIyH5xov1XZwDM00Mw5FVhHhtOPoIa6oqQnnUxjOidBhv7S
w9ukYTxquTpfSCqCvTPdn+C0i+oP63UB9MiN11wD8SoXEzTSOPZ0i9M6FwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAfg+EUczIcR353VhBfDKWvpZtdzMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E5MWI5MDJhLTM3ODAtNGUwYS04MDYyLTQ2ZGY3MTA4N2I1Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBABJBDRKaCdnNaTQC2VLl
adlKf251/tCQHKGF1yFUaEUdL4UOJZImTW2rr8VPc+GhlO7bZ58rdJ5XiT/Ylfdy
81dtYLkh8TwyEe85U8/iQwxdgbl8SwbkAtUZm+DhY//mkB9QN4O1jY0JAu1W7dDX
cgtJCmIIXYee0jjrrRqHJZaZLLNKO1OF0Fu8aj50R8XZdsQBxQxaPmq7AJgy9XaD
y3FajCAkq8DgVe0Ax6y/bkTrFzafWSK1sZWhYBA9TJbkd7HwdGUE/X2E05M3zdD8
19PtbwE7dBscs4Brv0wGM9cQnIGvoR+C5keK9SgLQpgGKq7ps7hX6o8UHfJwBfGX
M0Y=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:45:27 2025 by rpki-client