Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa
File: ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa (raw, json)
Hash identifier: RdlESK0WJVaZYgkcz9cvaRsMGGwtSJSSMnVdULzWtqU=
Subject key identifier: 33:F2:33:F0:B0:02:78:69:98:E1:86:FC:6E:8F:9B:80:84:E8:E5:BC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 57B8B79F076230A982772798B102F92399AEFB14
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da36:7000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:b8:b7:9f:07:62:30:a9:82:77:27:98:b1:02:f9:23:99:ae:fb:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=bd7ea4b1bfc5b194ff48bc9871bd5a8a205cc2e06055e5fec5dcddbd849c85af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:88:67:46:a6:08:d1:6b:9c:a5:03:02:e2:44:
64:50:2a:5d:ae:92:75:ff:9d:84:57:3f:77:2e:2c:
06:a0:87:ec:f2:92:18:51:73:42:70:75:6b:dd:da:
44:2f:53:61:a3:64:ef:dd:39:94:2f:70:db:b9:6e:
39:56:0a:95:7f:b3:47:09:fc:cb:af:0b:15:21:0a:
06:77:f8:d1:16:70:97:6a:2e:7a:c7:2e:b8:50:79:
a5:c8:54:de:06:a7:26:83:a4:1d:41:39:84:10:ec:
77:35:d2:4a:8f:70:26:8d:a6:5b:b1:2f:30:a4:5a:
af:4d:ff:fb:e5:e4:c4:ff:27:1e:6b:01:a3:c2:e9:
0a:03:88:fa:e4:bd:ad:91:9e:d6:85:6c:55:ab:d1:
d6:39:88:f7:2e:80:c3:49:c2:d2:9c:b1:25:25:ad:
ef:33:c0:97:dc:e9:6e:2e:39:86:9e:7e:9b:de:fa:
e0:13:67:4c:13:cc:90:6d:84:4b:5f:82:2d:e0:87:
c4:49:fb:c3:d4:13:df:fd:d9:77:10:3c:7a:93:f9:
3d:55:2a:ec:48:41:5b:0a:bd:47:be:82:8f:fc:9b:
53:e5:a0:98:0c:66:5e:34:44:bb:b1:2e:43:23:11:
f0:a7:9b:24:36:23:1a:0c:f1:99:13:88:c0:12:86:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F2:33:F0:B0:02:78:69:98:E1:86:FC:6E:8F:9B:80:84:E8:E5:BC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da36:7000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:f2:4d:54:2c:67:d2:de:4a:72:0b:77:98:e2:27:85:89:cf:
7a:40:a6:3c:7f:06:d4:22:3c:35:ba:81:0c:24:95:3f:d4:1a:
f2:19:50:ec:bd:56:9c:75:7c:c0:87:c0:27:78:89:94:a6:1d:
11:14:16:c0:b1:91:ee:9b:43:61:61:96:8b:ac:33:1c:fd:12:
0b:c2:41:d9:a8:9a:9d:69:76:4c:43:c7:41:ae:5e:8e:a6:ac:
91:3a:98:73:c2:41:ec:0e:1d:bc:29:03:97:6a:df:95:37:ac:
3b:8e:58:a7:d2:01:97:a7:4f:68:a1:d2:a1:ce:ea:ba:bc:3e:
e6:3c:a5:3d:fb:42:29:ad:96:b1:46:c4:ee:16:5b:32:6a:ee:
2f:40:bf:3c:90:49:0c:91:61:b2:80:8b:c6:3e:1d:20:2e:44:
29:dd:2b:8c:c1:5e:b8:c3:dc:fb:70:76:40:0b:a9:fc:b6:bd:
42:b6:50:e0:8e:3b:1d:8c:56:0a:4b:4d:45:f0:3b:03:4c:d4:
f0:a7:db:04:bb:07:4d:4b:56:3b:b7:8e:95:7d:73:97:fc:50:
0d:77:a0:b0:7f:3b:95:b2:b4:0c:53:a4:8a:25:3c:51:95:c7:
ec:0f:5c:a7:1f:af:c0:39:da:1e:d7:65:ff:76:6d:5a:48:62:
2c:bf:92:05
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUV7i3nwdiMKmCdyeYsQL5I5mu+xQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYmQ3ZWE0YjFiZmM1YjE5NGZmNDhi
Yzk4NzFiZDVhOGEyMDVjYzJlMDYwNTVlNWZlYzVkY2RkYmQ4NDljODVhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsohnRqYI0WucpQMC4kRkUCpdrpJ1
/52EVz93LiwGoIfs8pIYUXNCcHVr3dpEL1Nho2Tv3TmUL3DbuW45VgqVf7NHCfzL
rwsVIQoGd/jRFnCXai56xy64UHmlyFTeBqcmg6QdQTmEEOx3NdJKj3AmjaZbsS8w
pFqvTf/75eTE/yceawGjwukKA4j65L2tkZ7WhWxVq9HWOYj3LoDDScLSnLElJa3v
M8CX3OluLjmGnn6b3vrgE2dME8yQbYRLX4It4IfESfvD1BPf/dl3EDx6k/k9VSrs
SEFbCr1HvoKP/JtT5aCYDGZeNES7sS5DIxHwp5skNiMaDPGZE4jAEoYbDwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDPyM/CwAnhpmOGG/G6Pm4CE6OW8MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FlOTA4ZTM3LTY4YzgtNDAxZC05ZWNmLWZkOWE4ZDc4NWY4NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNnAwDQYJKoZIhvcNAQELBQADggEBAD/yTVQsZ9LeSnILd5ji
J4WJz3pApjx/BtQiPDW6gQwklT/UGvIZUOy9Vpx1fMCHwCd4iZSmHREUFsCxke6b
Q2FhlousMxz9EgvCQdmomp1pdkxDx0GuXo6mrJE6mHPCQewOHbwpA5dq35U3rDuO
WKfSAZenT2ih0qHO6rq8PuY8pT37QimtlrFGxO4WWzJq7i9AvzyQSQyRYbKAi8Y+
HSAuRCndK4zBXrjD3PtwdkALqfy2vUK2UOCOOx2MVgpLTUXwOwNM1PCn2wS7B01L
Vju3jpV9c5f8UA13oLB/O5WytAxTpIolPFGVx+wPXKcfr8A52h7XZf92bVpIYiy/
kgU=
-----END CERTIFICATE-----
Generated at Sat May 3 14:31:46 2025 by rpki-client