Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa
File: b9c913ee-ed05-4815-9620-c3c48eb368a1.roa (raw, json)
Hash identifier: l7EJYC4HFTPUbcqPJf4E5CMCep6aoxhgJ2pm0RRHFQ4=
Subject key identifier: ED:14:57:EB:B2:59:CF:76:F8:2C:8F:AB:BB:57:74:C3:C7:A8:5E:E3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5C157C10F09976A4806EADA9B8A9C7F5E19378BE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:15:7c:10:f0:99:76:a4:80:6e:ad:a9:b8:a9:c7:f5:e1:93:78:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3fc841db4bcd0ed13a37cc1cbc227dfbaf21dd6e31684190ea698ab117e58a1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f7:30:9e:57:f8:1a:7a:22:3e:32:98:90:28:
46:60:6e:f0:9f:ef:53:50:6f:c3:1f:39:d7:64:34:
62:1c:af:e1:8d:38:d4:35:83:cb:37:b8:94:5b:c1:
29:98:bc:64:0a:63:a4:36:2e:7b:a3:68:0a:ba:86:
0b:62:9c:01:58:cf:ec:61:b8:1f:59:91:70:ae:c6:
94:0e:d9:1f:c8:20:2b:d0:3d:be:a7:c6:3e:63:01:
1b:d2:e4:f1:f3:60:7c:fe:33:7c:06:21:ef:cb:f6:
9f:3c:8c:2f:43:eb:45:f3:28:38:0e:1b:e0:7e:d8:
69:42:06:bd:3d:ba:0f:63:31:1f:99:3b:9e:e8:b2:
c0:1a:b1:f9:b1:83:5e:7e:44:50:06:7a:40:d4:4a:
9e:ed:01:d9:b2:da:d9:19:25:49:bc:52:fb:55:6f:
d9:2c:28:52:b9:a0:e7:10:52:68:42:5f:14:14:0e:
f0:f3:42:f5:41:11:88:de:88:10:47:99:17:ad:67:
5f:a3:c2:12:94:f1:7e:42:68:2c:f7:92:aa:de:51:
d0:fd:11:fc:64:ca:d3:8e:ea:89:ca:b1:61:6e:a9:
79:aa:dd:3c:3a:e9:84:0f:49:d9:ca:f0:91:1a:f1:
84:2f:dd:90:6f:50:03:d0:b1:71:8c:37:65:0c:ca:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:14:57:EB:B2:59:CF:76:F8:2C:8F:AB:BB:57:74:C3:C7:A8:5E:E3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9c913ee-ed05-4815-9620-c3c48eb368a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:2800::/40
Signature Algorithm: sha256WithRSAEncryption
8d:0c:f7:5a:38:cd:b6:eb:f6:42:0d:99:5a:18:95:d3:18:b6:
03:32:8f:1d:69:09:34:25:af:3f:07:b3:55:76:a5:9b:8c:5a:
b8:0d:0c:66:10:74:f4:c6:bf:16:40:1f:a2:39:fa:fb:05:b7:
97:97:43:2b:18:cf:b1:3b:9e:e0:9a:8a:db:1f:26:a1:21:ec:
2e:50:05:63:a8:87:d5:2c:60:dc:82:65:88:ed:11:70:59:5f:
5c:53:25:62:b7:8a:a0:f9:50:eb:d2:07:0a:4b:dc:b9:3c:0c:
a3:c2:6e:04:3a:ef:27:1a:05:c2:05:3f:bc:3f:43:4e:d0:2f:
2b:17:53:f2:2e:00:c4:c7:3f:96:cf:b3:a9:5e:21:79:42:5c:
2e:01:f6:16:fc:04:8a:f6:e7:62:82:f7:4e:3a:ec:6f:3b:b1:
62:25:fb:f3:11:72:ae:77:8e:42:bf:58:69:7a:3d:b1:3d:bf:
83:0b:88:6e:a1:4f:24:da:e3:45:97:29:44:8f:8f:c4:23:b7:
16:d1:68:88:ce:4a:f7:e3:0b:45:4f:ed:b5:d0:c0:60:e8:b6:
dd:0b:4d:e3:e3:f2:dd:2a:a6:68:6c:56:da:88:78:c2:76:5d:
2b:6a:7a:d2:60:3c:6b:27:47:ff:82:bf:03:5b:2d:09:89:5a:
2b:00:71:73
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXBV8EPCZdqSAbq2puKnH9eGTeL4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAM2ZjODQxZGI0YmNkMGVkMTNhMzdj
YzFjYmMyMjdkZmJhZjIxZGQ2ZTMxNjg0MTkwZWE2OThhYjExN2U1OGExYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfcwnlf4GnoiPjKYkChGYG7wn+9T
UG/DHznXZDRiHK/hjTjUNYPLN7iUW8EpmLxkCmOkNi57o2gKuoYLYpwBWM/sYbgf
WZFwrsaUDtkfyCAr0D2+p8Y+YwEb0uTx82B8/jN8BiHvy/afPIwvQ+tF8yg4Dhvg
fthpQga9PboPYzEfmTue6LLAGrH5sYNefkRQBnpA1Eqe7QHZstrZGSVJvFL7VW/Z
LChSuaDnEFJoQl8UFA7w80L1QRGI3ogQR5kXrWdfo8ISlPF+Qmgs95Kq3lHQ/RH8
ZMrTjuqJyrFhbql5qt08OumED0nZyvCRGvGEL92Qb1AD0LFxjDdlDMpnhwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFO0UV+uyWc92+CyPq7tXdMPHqF7jMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I5YzkxM2VlLWVkMDUtNDgxNS05NjIwLWMzYzQ4ZWIzNjhhMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaSgwDQYJKoZIhvcNAQELBQADggEBAI0M91o4zbbr9kINmVoY
ldMYtgMyjx1pCTQlrz8Hs1V2pZuMWrgNDGYQdPTGvxZAH6I5+vsFt5eXQysYz7E7
nuCaitsfJqEh7C5QBWOoh9UsYNyCZYjtEXBZX1xTJWK3iqD5UOvSBwpL3Lk8DKPC
bgQ67ycaBcIFP7w/Q07QLysXU/IuAMTHP5bPs6leIXlCXC4B9hb8BIr252KC9046
7G87sWIl+/MRcq53jkK/WGl6PbE9v4MLiG6hTyTa40WXKUSPj8QjtxbRaIjOSvfj
C0VP7bXQwGDott0LTePj8t0qpmhsVtqIeMJ2XStqetJgPGsnR/+CvwNbLQmJWisA
cXM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:19 2025 by rpki-client