Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa
File: b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa (raw, json)
Hash identifier: aRYNtwTCzUMzcRnXpabcDVaEqypZLh9WLm7zfwtjpCU=
Subject key identifier: 81:9F:7D:EF:FA:1C:B0:1B:8A:6D:C3:27:9D:9C:79:6D:C5:8A:EF:17
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0745614E31BE5EBD93C2C12CD484D1D313619F0A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:8080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:45:61:4e:31:be:5e:bd:93:c2:c1:2c:d4:84:d1:d3:13:61:9f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=1286f410c8007f6487d1e260bf3dbc636ab0acf30174975a8d2372d02bb688ff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:37:5f:51:b4:49:ef:ce:5d:76:53:0e:75:
cf:8b:06:6c:e3:60:d4:81:0b:5c:c7:67:41:f3:ea:
15:78:70:09:54:f3:77:b1:1f:63:30:c6:c9:57:6f:
2e:87:b4:09:e4:69:12:96:3e:2f:6e:63:4a:a4:dd:
3c:04:bf:0a:bb:b8:cb:56:bd:91:35:88:5d:e8:da:
5d:11:00:77:56:df:30:17:15:5d:2e:78:e7:ec:53:
3a:cc:22:6d:6c:59:37:29:a9:89:20:73:8d:66:4f:
5d:60:77:2c:46:d9:64:51:57:27:1b:a4:9e:9b:5c:
90:31:d0:f4:e8:d3:0a:02:46:d6:2b:4a:8b:65:67:
e3:23:07:45:14:a7:58:52:43:0b:32:c6:e2:09:c1:
00:8d:de:5d:83:f2:55:8d:a7:4e:7b:ad:d7:12:98:
0c:63:34:e4:71:6a:56:88:63:0a:e3:77:1a:44:99:
de:13:ca:c1:b6:c5:f2:f2:0b:37:6b:6f:20:8c:4d:
15:f2:07:a5:a5:ae:5b:98:aa:8c:cb:45:28:25:0f:
1c:11:4e:b3:9d:9c:7d:6c:1a:8a:0f:ee:66:81:00:
ca:9a:50:ca:08:9a:50:38:a7:f4:ba:67:47:56:b8:
15:a0:e5:e1:d8:34:8b:7b:de:e9:a9:28:57:83:4c:
09:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9F:7D:EF:FA:1C:B0:1B:8A:6D:C3:27:9D:9C:79:6D:C5:8A:EF:17
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:8080::/48
Signature Algorithm: sha256WithRSAEncryption
97:8e:01:bc:1b:fe:69:8d:7a:41:4e:a5:ad:47:db:d5:d7:0a:
98:57:8f:ad:07:1e:16:59:2a:19:3d:c9:31:d7:60:68:a7:d5:
4a:f3:a5:50:f0:7c:82:c2:b2:63:0e:2c:aa:6a:d7:ff:94:f3:
ee:3b:a4:2f:43:79:89:4e:ff:7b:e5:3d:b6:d1:2a:c5:34:12:
fe:dc:77:0b:7f:19:8c:6a:d5:20:57:42:be:b6:7e:17:d4:ce:
c3:3d:1b:08:14:de:40:a2:b4:50:1d:8a:d2:b2:82:a3:84:c1:
c2:e4:48:d8:9f:ca:88:d4:2c:19:19:8b:ff:43:89:c7:e0:30:
fa:95:dc:20:a5:b5:3b:95:84:b4:27:30:59:97:f2:83:a4:db:
ae:b6:76:71:3b:ac:28:b6:16:60:1e:04:0c:e6:f2:04:b9:ab:
32:c4:61:25:79:11:dc:bb:8c:bb:7e:c9:e2:95:96:e9:51:65:
05:23:ab:56:ad:6c:b3:e0:22:b5:2d:6b:7e:57:2b:5a:c9:19:
49:50:8f:81:4e:fb:44:b2:b6:65:18:79:93:aa:45:9a:17:24:
31:69:0d:76:46:40:6f:02:e0:bc:ce:10:47:f6:28:7c:dc:66:
7a:39:f6:46:81:e3:a3:be:03:da:bf:24:3b:b8:50:c5:15:05:
17:55:c2:cf
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUB0VhTjG+Xr2TwsEs1ITR0xNhnwowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTI4NmY0MTBjODAwN2Y2NDg3ZDFl
MjYwYmYzZGJjNjM2YWIwYWNmMzAxNzQ5NzVhOGQyMzcyZDAyYmI2ODhmZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLQ3X1G0Se/OXXZTDnXPiwZs42DU
gQtcx2dB8+oVeHAJVPN3sR9jMMbJV28uh7QJ5GkSlj4vbmNKpN08BL8Ku7jLVr2R
NYhd6NpdEQB3Vt8wFxVdLnjn7FM6zCJtbFk3KamJIHONZk9dYHcsRtlkUVcnG6Se
m1yQMdD06NMKAkbWK0qLZWfjIwdFFKdYUkMLMsbiCcEAjd5dg/JVjadOe63XEpgM
YzTkcWpWiGMK43caRJneE8rBtsXy8gs3a28gjE0V8gelpa5bmKqMy0UoJQ8cEU6z
nZx9bBqKD+5mgQDKmlDKCJpQOKf0umdHVrgVoOXh2DSLe97pqShXg0wJ/wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIGffe/6HLAbim3DJ52ceW3Fiu8XMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IxYTI0YTI1LTliM2EtNDJlNC04N2JkLWIyMTJmN2ZkNzljOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8oCAMA0GCSqGSIb3DQEBCwUAA4IBAQCXjgG8G/5pjXpBTqWt
R9vV1wqYV4+tBx4WWSoZPckx12Bop9VK86VQ8HyCwrJjDiyqatf/lPPuO6QvQ3mJ
Tv975T220SrFNBL+3HcLfxmMatUgV0K+tn4X1M7DPRsIFN5AorRQHYrSsoKjhMHC
5EjYn8qI1CwZGYv/Q4nH4DD6ldwgpbU7lYS0JzBZl/KDpNuutnZxO6wothZgHgQM
5vIEuasyxGEleRHcu4y7fsnilZbpUWUFI6tWrWyz4CK1LWt+VytayRlJUI+BTvtE
srZlGHmTqkWaFyQxaQ12RkBvAuC8zhBH9ih83GZ6OfZGgeOjvgPavyQ7uFDFFQUX
VcLP
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:22:54 2025 by rpki-client