Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
File: afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa (raw, json)
Hash identifier: klrchsti8mj6cd3pSnm+0SbJNPrGRDL3Ps4hAMaqWXE=
Subject key identifier: 65:BA:15:E6:37:20:55:1F:BB:8C:BF:21:3B:F6:A4:0D:5F:4E:06:7F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2046D82A8A003A6FB0689B8A0737E98786A4F805
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:f080::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:46:d8:2a:8a:00:3a:6f:b0:68:9b:8a:07:37:e9:87:86:a4:f8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a93840d4249c5a08f4a07718cc05e3756b3e9e2b79ac61a731a62b4461aca725, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ac:29:3c:e7:bd:df:97:94:25:d9:17:e9:59:
16:b1:62:74:6d:9c:99:3a:64:82:28:5f:2b:28:60:
79:7d:be:a0:60:d4:b0:95:8b:46:b6:8b:6b:5e:0d:
ae:ce:79:7e:04:77:db:88:8e:76:95:6b:a5:17:61:
86:72:48:1c:a8:0c:ac:e8:9b:5c:31:52:8b:52:6c:
2e:c8:26:ae:7f:17:cb:0c:0c:db:04:3f:f8:5c:73:
b8:5b:0e:1b:4b:a0:04:a0:32:6b:a4:dc:20:68:80:
f2:e9:ce:39:5f:bd:d4:d1:de:8d:63:b2:0c:c8:13:
7a:7c:3d:ce:13:f1:66:7d:a9:41:c1:5b:09:b4:fe:
0e:88:c2:bc:48:6f:af:97:8e:68:7a:e0:a9:01:c9:
31:62:60:6a:f3:96:0e:16:f4:85:7c:11:6a:79:20:
b5:fc:a6:7f:e1:0f:11:8e:47:de:5a:af:ea:d2:f6:
38:44:81:2b:c9:00:f5:17:2b:96:67:2a:d4:b4:38:
88:af:b1:1a:31:6a:75:93:2c:f9:2e:87:85:34:ca:
55:0d:3a:be:d9:c8:29:7d:a7:e5:b5:90:87:11:f3:
75:78:f6:ff:cc:ac:5b:65:c1:93:b6:3f:1a:0a:87:
6e:a9:aa:56:69:f1:b5:72:d5:17:97:69:f8:4e:69:
21:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BA:15:E6:37:20:55:1F:BB:8C:BF:21:3B:F6:A4:0D:5F:4E:06:7F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:f080::/46
Signature Algorithm: sha256WithRSAEncryption
6f:60:96:8a:f7:9f:09:de:65:1f:42:f8:84:e5:3b:0c:51:74:
89:f7:27:d6:c0:26:a6:a8:94:63:cb:fb:4b:73:06:13:6d:fe:
38:6a:b8:d1:7a:34:4b:8b:18:a0:32:83:18:97:4c:72:08:84:
5f:c1:f6:d6:74:84:98:64:8f:ce:e1:2c:fb:df:fd:14:ca:72:
28:00:79:77:a6:2d:ca:b6:0b:39:eb:e1:43:ad:e7:b5:d7:28:
34:47:6e:07:47:b9:8e:f9:60:02:50:ca:8f:7d:51:e2:37:20:
87:b9:f7:b4:17:c2:ca:25:d9:26:50:bf:43:10:da:39:c7:62:
bb:18:21:34:58:9d:87:b6:9f:0f:1d:a9:31:ee:6f:56:52:5b:
d5:43:10:a3:5b:2e:e1:7a:5a:50:bf:8c:88:47:15:aa:8c:16:
90:3b:36:80:b1:29:ef:bf:1b:ba:dc:18:4b:04:be:e4:be:29:
cc:fa:69:f6:5c:7f:82:4c:6a:43:b3:46:1a:9a:3b:2e:76:43:
f5:ec:8d:ba:3e:18:11:d0:0d:f9:e7:57:70:a9:91:90:87:af:
e7:26:16:f1:18:a5:5f:49:2a:3d:b2:07:88:5d:7c:45:a7:b3:
e0:c4:46:e0:bf:05:4b:b2:85:50:df:62:1e:36:25:81:e0:0f:
87:55:17:13
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIEbYKooAOm+waJuKBzfph4ak+AUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTkzODQwZDQyNDljNWEwOGY0YTA3
NzE4Y2MwNWUzNzU2YjNlOWUyYjc5YWM2MWE3MzFhNjJiNDQ2MWFjYTcyNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16wpPOe935eUJdkX6VkWsWJ0bZyZ
OmSCKF8rKGB5fb6gYNSwlYtGtotrXg2uznl+BHfbiI52lWulF2GGckgcqAys6Jtc
MVKLUmwuyCaufxfLDAzbBD/4XHO4Ww4bS6AEoDJrpNwgaIDy6c45X73U0d6NY7IM
yBN6fD3OE/FmfalBwVsJtP4OiMK8SG+vl45oeuCpAckxYmBq85YOFvSFfBFqeSC1
/KZ/4Q8RjkfeWq/q0vY4RIEryQD1FyuWZyrUtDiIr7EaMWp1kyz5LoeFNMpVDTq+
2cgpfafltZCHEfN1ePb/zKxbZcGTtj8aCoduqapWafG1ctUXl2n4TmkheQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGW6FeY3IFUfu4y/ITv2pA1fTgZ/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FmY2FjMDdhLWU2Y2EtNDE1Mi05YTI0LWNlNzVmM2Y1ZDExMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+/CAMA0GCSqGSIb3DQEBCwUAA4IBAQBvYJaK958J3mUfQviE
5TsMUXSJ9yfWwCamqJRjy/tLcwYTbf44arjRejRLixigMoMYl0xyCIRfwfbWdISY
ZI/O4Sz73/0UynIoAHl3pi3Ktgs56+FDree11yg0R24HR7mO+WACUMqPfVHiNyCH
ufe0F8LKJdkmUL9DENo5x2K7GCE0WJ2Htp8PHakx7m9WUlvVQxCjWy7helpQv4yI
RxWqjBaQOzaAsSnvvxu63BhLBL7kvinM+mn2XH+CTGpDs0YamjsudkP17I26PhgR
0A3551dwqZGQh6/nJhbxGKVfSSo9sgeIXXxFp7PgxEbgvwVLsoVQ32IeNiWB4A+H
VRcT
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:49 2025 by rpki-client