Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa
File: b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa (raw, json)
Hash identifier: Dbc1L+Jk4wEKzWFcb/YFkG5tPzyaKO53xT6dQtWt9PA=
Subject key identifier: 05:98:73:F8:E9:0B:44:12:D1:6F:E5:D8:D4:A5:85:78:7B:4A:CA:31
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 56C07D802CC063231E97AB3BEE02F30CB9B40A1C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:8800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:c0:7d:80:2c:c0:63:23:1e:97:ab:3b:ee:02:f3:0c:b9:b4:0a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=21e3e3187e5307c4f73ea391f0d77570b3b87d7a629a84fdab6ddf0c2eed2b68, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c2:d5:16:8a:6a:09:1b:e8:bf:e0:be:bd:86:
2e:d9:32:0c:4f:59:ee:a1:ca:66:20:88:52:2e:e0:
c5:41:de:bc:09:bd:8b:75:72:a5:6c:46:04:b9:58:
4c:5e:5e:f2:3f:d3:63:35:01:82:76:1a:84:15:85:
2d:0a:5c:bc:dc:c1:6c:46:8c:ed:c3:18:98:3a:2a:
d2:c3:cd:d4:8c:16:26:0c:7e:16:03:35:08:b5:7a:
f2:6d:2f:2a:b5:8e:5f:df:da:fa:dc:c3:9d:50:80:
eb:e1:67:9b:a0:76:62:07:53:4b:c9:34:22:76:3c:
60:b8:e5:ee:f7:44:40:5e:8b:7a:d5:cd:26:bb:c0:
4e:63:8b:ad:c4:14:87:a2:8b:15:12:89:a4:90:b5:
d9:38:0c:e3:e1:6c:d5:0f:58:f4:2c:73:9d:a0:a0:
fd:04:7d:40:af:0b:33:1b:68:f0:5b:f3:f8:11:86:
ba:ff:8f:40:0c:05:99:f9:79:a5:df:7e:4b:c2:7f:
0e:c9:39:94:8f:56:c5:6e:62:c2:2e:3f:d9:6a:a8:
14:d2:4c:52:91:28:63:c9:ea:d7:25:81:42:b2:08:
2c:d6:dd:70:a5:20:f8:3e:9b:ae:9c:73:e3:50:8c:
ae:8b:28:74:d8:a7:2a:db:02:5e:42:aa:3a:49:d7:
07:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:98:73:F8:E9:0B:44:12:D1:6F:E5:D8:D4:A5:85:78:7B:4A:CA:31
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:8800::/40
Signature Algorithm: sha256WithRSAEncryption
71:a0:49:d4:9d:8b:0a:7f:9f:b3:3f:cd:f3:6f:44:c4:2c:4a:
f3:e7:1c:7d:5a:a4:38:90:23:1d:d9:8c:19:4c:51:13:00:8c:
ab:5a:31:07:d5:25:94:6a:88:0b:87:29:6d:2e:ec:f1:79:e5:
d2:69:88:e1:f8:a3:c8:ac:0e:ef:b5:fb:e4:89:c6:20:4f:c2:
a9:cf:22:61:01:f4:36:c1:68:2c:ce:70:82:f3:a6:ee:2c:b9:
6e:1f:3d:ab:e2:49:73:20:0a:7d:b7:ed:d6:af:a8:c9:cf:dc:
21:02:eb:9d:9e:60:52:63:38:f1:9f:b1:76:a8:06:61:64:e5:
29:2a:ea:b4:6a:03:e4:f4:16:0b:27:6c:79:f4:9e:d4:8d:13:
08:cd:0d:02:5f:28:84:00:e5:3f:1e:af:46:48:c4:27:1f:ae:
4e:16:c7:bc:02:d0:f9:25:ed:1e:51:66:e6:f0:00:6a:37:39:
99:ff:34:eb:79:44:c1:12:63:7e:cc:98:a8:e0:3e:c1:e0:45:
1b:5c:b0:2d:b9:19:5a:d8:01:1d:ac:5c:98:12:ec:52:ae:49:
bc:02:a7:86:20:b8:db:1d:bc:54:a8:f1:7e:d9:6d:b6:07:4d:
19:6d:5d:e8:dd:91:87:e2:0c:a5:df:c6:eb:cd:c9:25:9b:13:
0b:82:6f:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVsB9gCzAYyMel6s77gLzDLm0ChwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjFlM2UzMTg3ZTUzMDdjNGY3M2Vh
MzkxZjBkNzc1NzBiM2I4N2Q3YTYyOWE4NGZkYWI2ZGRmMGMyZWVkMmI2ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MLVFopqCRvov+C+vYYu2TIMT1nu
ocpmIIhSLuDFQd68Cb2LdXKlbEYEuVhMXl7yP9NjNQGCdhqEFYUtCly83MFsRozt
wxiYOirSw83UjBYmDH4WAzUItXrybS8qtY5f39r63MOdUIDr4WeboHZiB1NLyTQi
djxguOXu90RAXot61c0mu8BOY4utxBSHoosVEomkkLXZOAzj4WzVD1j0LHOdoKD9
BH1ArwszG2jwW/P4EYa6/49ADAWZ+Xml335Lwn8OyTmUj1bFbmLCLj/ZaqgU0kxS
kShjyerXJYFCsggs1t1wpSD4PpuunHPjUIyuiyh02Kcq2wJeQqo6SdcHhwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAWYc/jpC0QS0W/l2NSlhXh7SsoxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IyMjY1ODU0LWFjMWMtNGU1YS1hNzk0LWQ0Y2UxZTU4MzNhZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOIgwDQYJKoZIhvcNAQELBQADggEBAHGgSdSdiwp/n7M/zfNv
RMQsSvPnHH1apDiQIx3ZjBlMURMAjKtaMQfVJZRqiAuHKW0u7PF55dJpiOH4o8is
Du+1++SJxiBPwqnPImEB9DbBaCzOcILzpu4suW4fPaviSXMgCn237davqMnP3CEC
652eYFJjOPGfsXaoBmFk5Skq6rRqA+T0FgsnbHn0ntSNEwjNDQJfKIQA5T8er0ZI
xCcfrk4Wx7wC0Pkl7R5RZubwAGo3OZn/NOt5RMESY37MmKjgPsHgRRtcsC25GVrY
AR2sXJgS7FKuSbwCp4YguNsdvFSo8X7ZbbYHTRltXejdkYfiDKXfxuvNySWbEwuC
b6I=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:33 2025 by rpki-client