Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b5e49098-482a-409f-86fa-7f86369cecc8.roa
File: b5e49098-482a-409f-86fa-7f86369cecc8.roa (raw, json)
Hash identifier: 3MPufQMoAXicZX/qhzdXkZOJAtq3kZEe+iYr43pwg6E=
Subject key identifier: 6B:B0:F4:2F:DB:D2:7E:EB:AA:CE:7A:05:D7:BC:67:60:BA:A6:C9:6B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3ABF3D627334D993507D4E449474C71FBF13E5CF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b5e49098-482a-409f-86fa-7f86369cecc8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:bf:3d:62:73:34:d9:93:50:7d:4e:44:94:74:c7:1f:bf:13:e5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f678d82509ae332e02b8fad5bab4c44d42fe8568e561570f0f7cddcd4adf7b23, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:d1:a4:5c:8e:e6:65:bc:58:72:c5:cb:db:
fd:ad:4e:93:86:76:4a:69:e2:0e:e6:ad:e1:7f:57:
d3:31:41:fa:7d:f4:58:d6:85:6c:95:a6:88:3c:fc:
ba:a6:3c:7e:89:72:14:f3:20:2b:09:f1:58:05:41:
e5:b4:5c:e2:45:f5:50:5c:cc:c1:8f:0a:da:50:1f:
85:b6:e1:6f:16:6d:dd:86:09:66:b3:e9:2d:3d:39:
65:fc:04:19:77:20:df:bd:10:59:00:c7:c0:1b:24:
5d:49:eb:c0:7b:39:b5:27:91:e4:c7:af:fc:74:af:
6c:d2:23:36:b3:2f:fa:6d:df:f5:e1:1e:29:bf:2e:
71:d7:1b:df:b9:db:1c:c0:f0:09:05:31:f1:18:f4:
e1:43:f1:6e:41:34:cc:77:61:87:57:a0:d8:24:83:
8b:70:43:38:a0:30:ad:18:27:b7:bf:f0:68:79:9b:
10:09:35:6a:50:61:11:a3:0d:d9:20:db:22:09:94:
93:9c:5b:fb:94:f7:13:5f:96:4a:2b:95:98:78:60:
51:45:94:fd:70:f3:fc:fd:39:b9:66:c2:bc:b3:4a:
ed:b8:20:80:17:b3:34:3c:69:33:ab:ca:05:97:7a:
ba:c7:40:d9:db:b2:22:9c:7e:77:68:b3:f5:3c:87:
35:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B0:F4:2F:DB:D2:7E:EB:AA:CE:7A:05:D7:BC:67:60:BA:A6:C9:6B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b5e49098-482a-409f-86fa-7f86369cecc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2840::/46
Signature Algorithm: sha256WithRSAEncryption
6f:0e:ab:3e:8a:52:19:1e:18:9f:4c:74:0c:28:3c:d7:0b:2a:
a2:b1:f3:3f:73:0c:cd:98:6a:73:6e:8c:17:1a:31:47:0a:51:
66:b4:fd:b0:3d:6a:3a:61:d1:68:db:63:62:de:40:b8:33:86:
17:7e:49:09:f3:4c:91:56:cd:fa:97:5c:9c:81:af:ff:43:f1:
e8:fd:17:ad:77:8e:a2:14:f4:77:93:fb:c5:a6:4a:1f:3e:c7:
df:61:3a:b0:ce:bc:57:07:0a:d3:e2:15:ee:c1:1a:a2:e4:d7:
6e:fd:f1:05:86:7d:80:74:65:0c:a2:b9:07:08:bc:d6:73:b0:
bf:45:30:05:62:58:62:2e:49:6f:d8:18:23:73:30:e7:5a:1e:
61:42:39:9a:a9:89:e4:2c:5a:15:a2:d8:f3:6a:50:1b:01:76:
5a:a1:62:f0:84:8d:cd:99:ba:a0:d6:4e:02:bf:4e:94:a5:04:
a0:76:27:f3:e1:c4:c6:a7:4c:14:82:97:06:f5:69:a0:12:42:
9c:8c:88:6f:f5:62:ac:d2:99:09:2c:d3:7e:78:64:ee:83:47:
85:4c:6e:0e:98:38:a9:36:b3:b2:3c:64:69:86:fd:e2:64:75:
30:ad:0f:a8:26:54:0f:ea:b8:e2:6d:f8:9b:4f:32:d4:8b:2c:
59:ef:85:cc
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUOr89YnM02ZNQfU5ElHTHH78T5c8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZjY3OGQ4MjUwOWFlMzMyZTAyYjhm
YWQ1YmFiNGM0NGQ0MmZlODU2OGU1NjE1NzBmMGY3Y2RkY2Q0YWRmN2IyMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjHRpFyO5mW8WHLFy9v9rU6ThnZK
aeIO5q3hf1fTMUH6ffRY1oVslaaIPPy6pjx+iXIU8yArCfFYBUHltFziRfVQXMzB
jwraUB+FtuFvFm3dhglms+ktPTll/AQZdyDfvRBZAMfAGyRdSevAezm1J5Hkx6/8
dK9s0iM2sy/6bd/14R4pvy5x1xvfudscwPAJBTHxGPThQ/FuQTTMd2GHV6DYJIOL
cEM4oDCtGCe3v/BoeZsQCTVqUGERow3ZINsiCZSTnFv7lPcTX5ZKK5WYeGBRRZT9
cPP8/Tm5ZsK8s0rtuCCAF7M0PGkzq8oFl3q6x0DZ27IinH53aLP1PIc1wwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGuw9C/b0n7rqs56Bde8Z2C6pslrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I1ZTQ5MDk4LTQ4MmEtNDA5Zi04NmZhLTdmODYzNjljZWNjOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yhAMA0GCSqGSIb3DQEBCwUAA4IBAQBvDqs+ilIZHhifTHQM
KDzXCyqisfM/cwzNmGpzbowXGjFHClFmtP2wPWo6YdFo22Ni3kC4M4YXfkkJ80yR
Vs36l1ycga//Q/Ho/Retd46iFPR3k/vFpkofPsffYTqwzrxXBwrT4hXuwRqi5Ndu
/fEFhn2AdGUMorkHCLzWc7C/RTAFYlhiLklv2BgjczDnWh5hQjmaqYnkLFoVotjz
alAbAXZaoWLwhI3Nmbqg1k4Cv06UpQSgdifz4cTGp0wUgpcG9WmgEkKcjIhv9WKs
0pkJLNN+eGTug0eFTG4OmDipNrOyPGRphv3iZHUwrQ+oJlQP6rjibfibTzLUiyxZ
74XM
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:40 2025 by rpki-client