Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad80375d-e709-447c-8867-372df16e6e62.roa
File: ad80375d-e709-447c-8867-372df16e6e62.roa (raw, json)
Hash identifier: TgIBhgt6pLeWNNUR7HyZjFxB7Pa5d5SuEpl5iSrXDYs=
Subject key identifier: 72:97:4A:A6:89:7B:55:43:E5:43:E4:4F:F5:3C:E7:65:DC:9B:11:E9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6F2C61EC5F3E0E57F3A9BA4A23267043EB1D120A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad80375d-e709-447c-8867-372df16e6e62.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:8000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:2c:61:ec:5f:3e:0e:57:f3:a9:ba:4a:23:26:70:43:eb:1d:12:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=69dbe75d9e138b753382a3b3a312841b614436adaf2af50e27417837cfd042d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:75:9d:69:fc:d8:96:14:33:91:31:46:7c:
ea:bf:74:be:3c:96:6b:01:86:91:ef:b8:4b:c7:e0:
e3:4e:49:5f:80:05:64:21:e9:e8:97:1a:b2:fe:31:
97:9c:76:4e:55:16:a5:a6:fc:9a:48:90:5b:96:4d:
98:c7:d0:7f:2c:b6:74:ec:40:98:89:45:8f:5e:d3:
d8:7c:6b:b1:09:28:94:74:19:63:13:1c:6c:ae:d9:
92:0e:e2:5a:23:43:a2:24:54:51:de:de:21:b5:7a:
68:ea:b8:ad:37:9c:1f:00:49:7c:ae:79:e2:96:4d:
33:92:96:e8:cc:94:0b:11:da:a6:ef:d2:b1:5f:5a:
33:15:bb:df:b6:9b:3f:48:63:9f:45:43:ca:20:b4:
a2:ac:0b:68:f3:e5:83:43:1b:71:93:72:c9:8d:32:
ef:59:12:10:ab:eb:f8:a6:19:97:3a:26:c2:c7:29:
e7:66:c2:b6:78:ee:bc:4d:00:75:18:ad:82:17:c4:
58:5f:48:e7:49:be:0f:09:e3:d6:92:a1:3a:69:c6:
2a:2d:e0:b4:99:5e:cb:c1:cc:ef:1c:a0:e1:a0:40:
12:35:ef:2b:7f:ad:71:0e:68:85:57:97:1c:5a:d2:
3c:a0:bc:e8:3f:62:aa:57:c5:b0:13:74:ac:81:70:
46:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:97:4A:A6:89:7B:55:43:E5:43:E4:4F:F5:3C:E7:65:DC:9B:11:E9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad80375d-e709-447c-8867-372df16e6e62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:8000::/40
Signature Algorithm: sha256WithRSAEncryption
02:e3:10:59:ff:be:68:3c:42:49:1f:aa:5b:1d:bb:8f:0e:54:
1e:39:5a:85:33:3b:37:75:c1:12:e5:00:2b:3f:c0:d8:7a:86:
a4:47:60:3f:ca:8f:ce:9d:c4:f5:42:08:92:d4:bf:74:93:35:
d2:f1:6f:a2:da:21:ec:c5:ee:b6:e5:0c:16:7a:9c:29:6f:96:
a2:e9:6a:cc:d0:96:13:f7:6a:a4:31:15:66:e5:e2:13:ca:aa:
7c:d1:11:18:15:12:a8:0a:af:95:34:69:46:bc:e9:5a:a8:48:
aa:e1:c1:67:0d:d2:7f:96:ce:12:15:3c:48:0f:c9:eb:af:84:
7c:88:ca:f4:34:db:3d:0c:71:7f:20:cb:f0:af:0f:60:56:05:
49:d6:06:ee:ca:ec:5c:49:da:2a:a7:d2:70:70:f7:87:6d:8b:
1d:f9:9b:68:cb:30:60:11:66:61:9d:b7:ad:44:f0:f1:bc:26:
91:ee:cd:ed:df:df:e3:81:bf:5c:5d:13:fa:65:4b:28:82:1a:
d0:22:6f:f8:5b:6e:2c:6c:70:a7:f9:ed:55:f0:07:06:8c:29:
16:15:3c:8d:13:62:96:28:60:31:0e:32:b9:7d:08:2a:dd:6c:
a7:1b:70:e4:8b:cf:59:71:bf:1c:47:8f:c4:ac:1a:83:43:42:
ab:a1:03:60
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbyxh7F8+DlfzqbpKIyZwQ+sdEgowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANjlkYmU3NWQ5ZTEzOGI3NTMzODJh
M2IzYTMxMjg0MWI2MTQ0MzZhZGFmMmFmNTBlMjc0MTc4MzdjZmQwNDJkOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqZ1nWn82JYUM5ExRnzqv3S+PJZr
AYaR77hLx+DjTklfgAVkIenolxqy/jGXnHZOVRalpvyaSJBblk2Yx9B/LLZ07ECY
iUWPXtPYfGuxCSiUdBljExxsrtmSDuJaI0OiJFRR3t4htXpo6ritN5wfAEl8rnni
lk0zkpbozJQLEdqm79KxX1ozFbvftps/SGOfRUPKILSirAto8+WDQxtxk3LJjTLv
WRIQq+v4phmXOibCxynnZsK2eO68TQB1GK2CF8RYX0jnSb4PCePWkqE6acYqLeC0
mV7LwczvHKDhoEASNe8rf61xDmiFV5ccWtI8oLzoP2KqV8WwE3SsgXBGKwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHKXSqaJe1VD5UPkT/U852XcmxHpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FkODAzNzVkLWU3MDktNDQ3Yy04ODY3LTM3MmRmMTZlNmU2Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAIAwDQYJKoZIhvcNAQELBQADggEBAALjEFn/vmg8Qkkfqlsd
u48OVB45WoUzOzd1wRLlACs/wNh6hqRHYD/Kj86dxPVCCJLUv3STNdLxb6LaIezF
7rblDBZ6nClvlqLpaszQlhP3aqQxFWbl4hPKqnzRERgVEqgKr5U0aUa86VqoSKrh
wWcN0n+WzhIVPEgPyeuvhHyIyvQ02z0McX8gy/CvD2BWBUnWBu7K7FxJ2iqn0nBw
94dtix35m2jLMGARZmGdt61E8PG8JpHuze3f3+OBv1xdE/plSyiCGtAib/hbbixs
cKf57VXwBwaMKRYVPI0TYpYoYDEOMrl9CCrdbKcbcOSLz1lxvxxHj8SsGoNDQquh
A2A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:20:35 2025 by rpki-client