Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
File: bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa (raw, json)
Hash identifier: +bglIm5Yp7UYBcpx6+rQnAzXrKtMw0dRO7obvjAFp0E=
Subject key identifier: E1:EE:C8:C5:FB:74:9A:BD:EF:71:54:A4:A0:9C:5D:7B:7B:1F:81:61
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7092428BC4371C60987C1A4F5AD092C9659CD112
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:7000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:92:42:8b:c4:37:1c:60:98:7c:1a:4f:5a:d0:92:c9:65:9c:d1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0d32438267ef09395df13686512e3a1b6040a1a3dddb7fe11c87ce7630c2d4f7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:62:af:2f:8d:c4:c8:99:14:66:1c:89:2c:
d0:22:a2:a9:b8:5e:69:de:dd:d6:23:6a:0a:36:35:
d9:5f:6d:1f:30:35:7c:a9:ea:84:78:1e:0a:68:26:
58:9d:4a:c1:68:81:ba:db:0b:0c:3e:aa:7d:de:08:
9d:70:6c:59:95:7f:a6:91:20:9b:52:91:5e:10:bf:
2c:11:c9:11:9f:b5:9e:d4:13:4e:60:1f:81:a4:bf:
1a:2a:48:93:9b:20:be:ae:dc:14:1c:8d:82:83:30:
6e:43:60:d4:f6:90:40:61:d4:3e:8a:cf:e3:d9:61:
23:65:53:5a:86:c2:dd:aa:83:6f:73:2f:f7:93:cf:
52:e5:31:2d:9e:72:a0:a0:ab:3e:c1:48:62:dd:20:
1f:95:27:a8:38:9a:80:c8:54:1d:42:5e:65:bc:59:
5f:c0:93:0f:47:18:2b:fa:9c:91:8d:76:58:00:84:
5b:59:f8:9c:58:0f:f0:59:bd:eb:7a:bb:92:bd:b2:
a8:88:72:f3:67:c5:83:86:46:dd:b9:a0:d9:59:b0:
08:66:50:80:d7:fe:0b:db:19:3d:1b:53:91:c0:f1:
11:41:03:ad:4d:7d:59:34:7e:91:a0:9d:08:e0:59:
2c:bd:9a:e3:ea:2c:31:67:9e:b6:81:59:47:eb:5f:
55:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EE:C8:C5:FB:74:9A:BD:EF:71:54:A4:A0:9C:5D:7B:7B:1F:81:61
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:7000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:a8:14:3a:4b:35:ee:e1:42:7d:ed:fe:db:2b:de:26:90:03:
94:23:a4:b1:86:41:e8:2a:36:a4:f3:1d:00:e6:b1:93:25:20:
02:f1:dc:fd:42:9d:4b:ca:33:a6:24:95:6f:c0:58:2d:38:d8:
3e:fa:a4:54:91:71:09:03:7c:1b:eb:3a:a4:42:19:e3:34:fb:
5b:e7:0a:24:9c:10:a4:d1:81:dd:69:44:7e:bb:08:6e:6c:a2:
4e:14:ea:58:46:cd:e5:bb:e6:b5:bd:43:74:25:93:ee:34:0b:
1d:80:5f:94:2d:ab:c2:e1:20:c8:33:cd:5d:94:62:39:4c:1d:
a9:9c:6a:4f:59:34:a2:42:14:dd:51:f1:96:38:90:f4:a7:0b:
c7:26:0d:d3:f3:3c:e9:0f:d3:cf:7a:9f:64:17:30:df:12:1b:
8b:59:99:f8:68:29:af:ef:32:cb:c2:c9:ce:b8:11:1f:aa:79:
57:0e:b3:ae:2a:da:0f:ec:e2:e7:0c:63:72:7f:85:29:e4:42:
ca:86:6a:d6:af:76:df:e1:ff:d5:33:b3:88:c0:0a:92:8f:07:
bc:1f:cb:e1:b0:bc:db:fe:dc:fd:d2:37:8f:28:95:f3:bd:d0:
8d:3c:3b:37:7c:46:f5:a7:52:ce:7e:4f:c6:6a:2c:aa:25:cd:
72:a9:ff:29
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUcJJCi8Q3HGCYfBpPWtCSyWWc0RIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMGQzMjQzODI2N2VmMDkzOTVkZjEz
Njg2NTEyZTNhMWI2MDQwYTFhM2RkZGI3ZmUxMWM4N2NlNzYzMGMyZDRmNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ohiry+NxMiZFGYciSzQIqKpuF5p
3t3WI2oKNjXZX20fMDV8qeqEeB4KaCZYnUrBaIG62wsMPqp93gidcGxZlX+mkSCb
UpFeEL8sEckRn7We1BNOYB+BpL8aKkiTmyC+rtwUHI2CgzBuQ2DU9pBAYdQ+is/j
2WEjZVNahsLdqoNvcy/3k89S5TEtnnKgoKs+wUhi3SAflSeoOJqAyFQdQl5lvFlf
wJMPRxgr+pyRjXZYAIRbWficWA/wWb3reruSvbKoiHLzZ8WDhkbduaDZWbAIZlCA
1/4L2xk9G1ORwPERQQOtTX1ZNH6RoJ0I4FksvZrj6iwxZ562gVlH619VnQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOHuyMX7dJq973FUpKCcXXt7H4FhMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiMzNjNmU5LTgzYjktNDNjMy1iNDU4LTUzYWRmN2IzZTUzZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAHAwDQYJKoZIhvcNAQELBQADggEBAMSoFDpLNe7hQn3t/tsr
3iaQA5QjpLGGQegqNqTzHQDmsZMlIALx3P1CnUvKM6YklW/AWC042D76pFSRcQkD
fBvrOqRCGeM0+1vnCiScEKTRgd1pRH67CG5sok4U6lhGzeW75rW9Q3Qlk+40Cx2A
X5Qtq8LhIMgzzV2UYjlMHamcak9ZNKJCFN1R8ZY4kPSnC8cmDdPzPOkP0896n2QX
MN8SG4tZmfhoKa/vMsvCyc64ER+qeVcOs64q2g/s4ucMY3J/hSnkQsqGatavdt/h
/9Uzs4jACpKPB7wfy+GwvNv+3P3SN48olfO90I08Ozd8RvWnUs5+T8ZqLKolzXKp
/yk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:49 2025 by rpki-client