Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa
File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json)
Hash identifier: BysEz+fdP+2xkoc57mqOR99dT/Wfp1K4Nijk1vDBiC4=
Subject key identifier: 1C:77:65:4C:2E:63:DA:85:DA:0A:CB:D7:17:E5:62:3C:03:74:0B:D3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6FB2519440193C9B841EEBF31149FB7C119D5CE0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:6040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b2:51:94:40:19:3c:9b:84:1e:eb:f3:11:49:fb:7c:11:9d:5c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=afc151adedace0d42ca71bc42e3e368709d3beeec5b5a7f59c5d3df7a1e89421, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:6b:ea:0f:5b:1c:b5:18:bf:a7:15:e2:40:
24:2c:67:c9:41:44:e8:4a:14:18:91:2f:1d:1f:9a:
11:b4:77:d0:f9:08:d2:cc:ed:86:29:50:f0:b1:f8:
f0:cf:da:14:fc:c9:12:e4:0d:b5:9a:ed:d9:70:3e:
3f:ba:95:bd:65:d2:70:8d:a5:e8:b0:5e:c5:1a:b1:
5f:84:e5:0d:0a:f7:71:c2:bc:31:47:47:a1:96:12:
7a:51:34:d7:6f:75:7b:e7:98:d9:5e:fe:b1:d6:1a:
b7:7e:6a:12:28:82:3b:5a:3c:b0:f8:13:c7:af:b1:
cb:04:6f:a8:30:5e:b2:ff:e2:d3:e6:ba:01:ee:9e:
a4:8d:49:a1:37:c2:f9:51:89:d6:1f:7e:3b:51:34:
87:58:e9:03:c9:b3:c2:bf:cb:3d:a7:0a:35:bb:00:
29:c5:64:87:5e:17:96:1b:49:fc:fa:13:fd:20:61:
fb:ce:c8:0d:53:81:bd:31:1e:f5:a5:00:93:40:03:
a3:97:2b:04:55:1e:4f:6f:81:c6:ae:80:2b:16:cc:
1a:c5:3a:27:fc:88:14:3b:1a:b3:56:73:d4:97:2f:
22:4e:c6:0f:ce:6d:16:97:80:e1:79:b4:5e:79:9f:
8b:b6:da:4d:90:45:df:34:c0:e5:d3:ba:97:65:86:
c5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:77:65:4C:2E:63:DA:85:DA:0A:CB:D7:17:E5:62:3C:03:74:0B:D3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:6040::/48
Signature Algorithm: sha256WithRSAEncryption
76:ad:92:dc:ea:d7:42:2b:e5:14:82:3c:82:32:39:bc:b1:93:
1f:1e:fb:7d:a8:03:fd:25:ef:89:b9:1a:7b:74:c3:32:81:46:
78:1b:93:c4:b4:31:aa:25:26:76:92:12:d3:37:7c:5f:1f:04:
02:e4:eb:f5:8a:57:84:df:fe:75:92:53:f5:bb:bf:33:86:ca:
5c:51:f0:98:0e:37:00:14:70:66:9e:0c:88:fe:6c:a9:4f:3b:
d9:78:49:36:67:b7:e8:4a:8e:ef:32:c3:65:d3:e6:b8:16:9e:
e3:a1:02:6c:d9:41:d6:8e:3f:e1:34:45:99:ee:71:0a:59:37:
71:eb:6f:8e:cd:3a:6b:b4:1e:7e:f6:64:e5:48:7a:4e:96:58:
e5:05:a9:ae:af:e3:db:78:02:1e:9d:b8:22:eb:36:87:f5:f4:
b7:45:fa:a3:ad:0e:07:45:5e:e0:49:8f:21:65:3c:97:4f:07:
02:67:eb:d2:fe:89:31:ff:11:0b:11:78:63:42:0f:6d:16:21:
85:e7:0f:54:79:a1:26:43:05:14:b4:a5:ff:85:11:3b:94:61:
4f:47:29:6b:fc:a5:a5:0e:a8:80:70:33:ab:4f:f0:1e:21:66:
fc:7c:2b:1b:74:3d:89:ec:17:21:c5:10:e8:ea:bc:79:d7:4c:
e8:7c:59:28
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUb7JRlEAZPJuEHuvzEUn7fBGdXOAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYWZjMTUxYWRlZGFjZTBkNDJjYTcx
YmM0MmUzZTM2ODcwOWQzYmVlZWM1YjVhN2Y1OWM1ZDNkZjdhMWU4OTQyMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue1r6g9bHLUYv6cV4kAkLGfJQUTo
ShQYkS8dH5oRtHfQ+QjSzO2GKVDwsfjwz9oU/MkS5A21mu3ZcD4/upW9ZdJwjaXo
sF7FGrFfhOUNCvdxwrwxR0ehlhJ6UTTXb3V755jZXv6x1hq3fmoSKII7Wjyw+BPH
r7HLBG+oMF6y/+LT5roB7p6kjUmhN8L5UYnWH347UTSHWOkDybPCv8s9pwo1uwAp
xWSHXheWG0n8+hP9IGH7zsgNU4G9MR71pQCTQAOjlysEVR5Pb4HGroArFswaxTon
/IgUOxqzVnPUly8iTsYPzm0Wl4DhebReeZ+LttpNkEXfNMDl07qXZYbFpwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBx3ZUwuY9qF2grL1xflYjwDdAvTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQB2rZLc6tdCK+UUgjyC
Mjm8sZMfHvt9qAP9Je+JuRp7dMMygUZ4G5PEtDGqJSZ2khLTN3xfHwQC5Ov1ileE
3/51klP1u78zhspcUfCYDjcAFHBmngyI/mypTzvZeEk2Z7foSo7vMsNl0+a4Fp7j
oQJs2UHWjj/hNEWZ7nEKWTdx62+OzTprtB5+9mTlSHpOlljlBamur+PbeAIenbgi
6zaH9fS3RfqjrQ4HRV7gSY8hZTyXTwcCZ+vS/okx/xELEXhjQg9tFiGF5w9UeaEm
QwUUtKX/hRE7lGFPRylr/KWlDqiAcDOrT/AeIWb8fCsbdD2J7BchxRDo6rx510zo
fFko
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:22:26 2025 by rpki-client