Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d169e7-ca97-4c4c-ae07-24f80d2cb31a.roa
File: a9d169e7-ca97-4c4c-ae07-24f80d2cb31a.roa (raw, json)
Hash identifier: tJ82H/I364KfkVJ7NJ0gdJ2UgWDWSGhu0zMhr0Lj6oc=
Subject key identifier: A9:16:1B:79:87:F8:59:7B:88:73:A3:45:2C:E8:5F:95:DE:65:3F:0B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4E76B74D58665590976B86D777D715185FD2E9E3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d169e7-ca97-4c4c-ae07-24f80d2cb31a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:48c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:76:b7:4d:58:66:55:90:97:6b:86:d7:77:d7:15:18:5f:d2:e9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=50561370aa20482e1a2dc38bd320f15388b1467ffd24b398421421696862c970, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:1b:d6:ea:29:21:da:01:70:6c:20:a7:36:
30:d0:59:dc:c2:70:98:c4:6b:8a:4a:bb:50:46:08:
63:ff:98:c0:f9:20:7b:91:fd:d0:1b:e3:f6:cf:0c:
1d:43:e0:ed:68:6c:26:46:54:fd:f2:6e:68:00:57:
37:15:18:7c:92:22:15:e2:57:d8:40:a0:2c:03:10:
2d:c8:17:93:b9:c6:64:fb:50:44:be:db:1c:82:20:
60:73:eb:bd:b5:80:aa:c7:b6:0b:2d:83:1b:9c:64:
e8:f5:d7:3d:43:97:d8:23:4a:b0:a9:2f:fe:c8:4e:
31:c7:76:ce:34:39:69:cd:5b:cb:e0:3c:45:46:af:
12:0a:c3:02:5c:ce:81:f1:49:07:e9:69:50:03:6a:
63:2b:32:63:b7:bd:80:ed:62:e0:43:9f:11:a7:51:
c0:0d:3f:81:15:cb:d6:3e:fe:2c:ec:91:35:ab:ff:
85:30:61:e3:5e:04:e1:05:0b:c6:a8:85:2d:31:ab:
a1:0b:85:87:e0:00:99:a7:52:f2:bb:ae:be:64:ee:
fe:a5:96:91:e2:be:a6:ab:60:59:4d:7c:92:c7:91:
bd:ad:1d:18:21:47:f9:3e:7f:3b:a3:de:36:0f:c2:
6a:03:cc:21:a8:03:60:b6:34:9e:b8:b6:56:00:4d:
47:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:16:1B:79:87:F8:59:7B:88:73:A3:45:2C:E8:5F:95:DE:65:3F:0B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d169e7-ca97-4c4c-ae07-24f80d2cb31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:48c0::/48
Signature Algorithm: sha256WithRSAEncryption
44:fa:b2:b3:77:f1:c0:dc:a4:9a:3d:f9:3f:55:32:c1:58:0d:
a4:18:09:38:29:09:83:75:75:aa:10:cf:76:ab:b7:66:6d:31:
f7:fd:b8:f9:1c:88:1b:5c:ee:59:8f:f2:91:b1:3c:c6:e6:f8:
1f:14:98:58:36:e1:a0:63:66:84:ca:5b:9a:22:f9:84:54:aa:
ff:7b:f8:82:84:e1:d4:51:a3:d5:d5:e0:4c:cf:67:f0:ff:d5:
77:d4:ff:15:da:bb:4e:29:c7:87:ea:98:9a:58:22:31:bb:a0:
75:e8:f9:6a:f1:7c:fe:92:d4:95:f2:89:11:a3:f8:87:01:c5:
6c:cc:61:59:e9:f1:2c:d9:26:6d:9e:38:01:7d:31:04:58:8b:
ab:af:aa:e2:5a:43:9a:6c:9f:e0:08:86:24:3b:bc:24:4f:1e:
ee:d6:0d:66:8e:75:ff:41:9c:d2:58:e5:9d:3a:d3:7d:2e:69:
d0:b2:2c:35:34:bf:56:25:75:24:54:df:27:58:04:88:0b:0b:
d5:aa:24:8a:08:cf:fe:81:2e:cc:cd:fe:79:49:a3:af:8b:82:
d3:e9:2f:b6:f1:95:cf:b4:44:6e:1b:3e:7a:7e:06:ee:f8:5f:
e1:f0:f0:a0:b9:e3:33:7d:5a:a4:10:f8:fb:12:18:9f:0a:a8:
ef:e4:a9:3f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUTna3TVhmVZCXa4bXd9cVGF/S6eMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANTA1NjEzNzBhYTIwNDgyZTFhMmRj
MzhiZDMyMGYxNTM4OGIxNDY3ZmZkMjRiMzk4NDIxNDIxNjk2ODYyYzk3MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshwb1uopIdoBcGwgpzYw0FncwnCY
xGuKSrtQRghj/5jA+SB7kf3QG+P2zwwdQ+DtaGwmRlT98m5oAFc3FRh8kiIV4lfY
QKAsAxAtyBeTucZk+1BEvtscgiBgc+u9tYCqx7YLLYMbnGTo9dc9Q5fYI0qwqS/+
yE4xx3bONDlpzVvL4DxFRq8SCsMCXM6B8UkH6WlQA2pjKzJjt72A7WLgQ58Rp1HA
DT+BFcvWPv4s7JE1q/+FMGHjXgThBQvGqIUtMauhC4WH4ACZp1Lyu66+ZO7+pZaR
4r6mq2BZTXySx5G9rR0YIUf5Pn87o942D8JqA8whqANgtjSeuLZWAE1HBQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKkWG3mH+Fl7iHOjRSzoX5XeZT8LMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E5ZDE2OWU3LWNhOTctNGM0Yy1hZTA3LTI0ZjgwZDJjYjMxYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9EjAMA0GCSqGSIb3DQEBCwUAA4IBAQBE+rKzd/HA3KSaPfk/
VTLBWA2kGAk4KQmDdXWqEM92q7dmbTH3/bj5HIgbXO5Zj/KRsTzG5vgfFJhYNuGg
Y2aEyluaIvmEVKr/e/iChOHUUaPV1eBMz2fw/9V31P8V2rtOKceH6piaWCIxu6B1
6Plq8Xz+ktSV8okRo/iHAcVszGFZ6fEs2SZtnjgBfTEEWIurr6riWkOabJ/gCIYk
O7wkTx7u1g1mjnX/QZzSWOWdOtN9LmnQsiw1NL9WJXUkVN8nWASICwvVqiSKCM/+
gS7Mzf55SaOvi4LT6S+28ZXPtERuGz56fgbu+F/h8PCgueMzfVqkEPj7EhifCqjv
5Kk/
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:30:16 2025 by rpki-client