Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa
File: bbddded6-dcdb-4e7d-afd3-a45288409de7.roa (raw, json)
Hash identifier: md7qq5NFrYqph3HuIUNhT+5y19DxQceUIgpQx5A4vR0=
Subject key identifier: 74:69:80:C4:BD:4F:FA:5A:F5:9E:6E:E9:8C:A8:2F:CA:BE:AD:2A:D4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 74E29DE2B1F15D264ABE1E48D47EE473D0D6F749
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:e0c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:e2:9d:e2:b1:f1:5d:26:4a:be:1e:48:d4:7e:e4:73:d0:d6:f7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2ea96984ccfd5869bea1a4f748138bd3f56b9daad899acd7b6ca91cb22b5b339, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e5:26:e7:2d:43:8d:c4:66:01:ce:08:fa:14:
fb:2a:43:66:37:4f:56:e8:6b:db:d8:a0:f2:c0:ae:
9c:7e:a1:f6:f4:c6:a4:d6:53:54:1e:8c:9f:bf:bc:
bd:14:b9:7b:29:2c:f4:b9:64:97:bc:f8:84:eb:f7:
91:0e:95:88:b7:46:33:a4:7c:93:1e:58:d4:24:da:
e2:ac:97:63:3a:6f:9f:e6:05:81:07:54:8b:57:3c:
39:dd:d1:d0:78:37:57:dc:d0:80:55:f8:37:6f:f3:
4b:56:11:0c:62:49:7d:6e:d0:ec:ac:03:7d:02:cc:
69:a4:19:f3:95:bd:92:e5:df:4d:f3:9e:eb:53:8f:
94:7f:ba:38:20:f3:f8:44:c0:76:82:03:dc:50:70:
33:d0:be:36:16:d1:3f:11:25:93:a4:c1:84:d4:af:
45:dd:f9:39:29:44:cf:3e:83:cb:fc:f4:29:18:1b:
8b:28:ee:b1:76:d2:75:a1:7c:b9:99:38:cd:c2:90:
97:53:24:81:35:01:1e:c8:54:1c:a9:53:bb:ae:ba:
97:a2:7a:75:2f:b0:e7:d3:ca:34:93:d6:5e:91:f2:
cf:1c:b6:f9:d4:72:ee:73:81:e7:a4:6a:2a:e7:44:
aa:2d:e0:3d:5c:75:2c:a3:be:dc:13:1e:c1:7d:28:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:69:80:C4:BD:4F:FA:5A:F5:9E:6E:E9:8C:A8:2F:CA:BE:AD:2A:D4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
1a:67:93:b2:3d:f6:50:37:1e:83:ae:c0:b0:e0:3e:a6:8d:52:
aa:a2:9a:08:28:ad:8c:fa:16:f8:1a:b9:00:93:6d:e9:c8:3e:
ef:99:f2:b1:69:03:00:27:61:84:c8:b3:bb:8e:c3:6d:85:ea:
4f:e7:fe:5d:f5:22:9b:62:d3:a8:40:96:c7:a1:16:cc:31:d7:
7c:c3:b2:12:43:d3:44:ae:2c:40:55:07:e8:10:d6:7d:1b:c5:
ac:ce:ca:11:cb:32:1d:26:24:4b:14:3e:5b:ba:7c:a9:1a:d6:
09:c1:d1:ea:c9:40:8a:30:c9:ec:3a:d6:74:26:e5:a5:1b:bc:
19:0d:9e:3f:d0:51:14:7a:36:db:b7:e2:36:75:ba:b4:86:e2:
74:f8:b3:86:23:a5:d4:e0:ec:43:48:3a:2e:70:96:97:ad:21:
2e:48:90:08:ba:c7:09:e3:05:09:4b:ae:a1:c8:58:18:18:89:
0a:ef:ae:fe:55:c5:9e:23:f0:ad:ff:71:21:8b:0a:82:2d:51:
bb:61:7a:f6:76:6b:f3:8d:73:4d:88:8c:35:73:7b:f1:df:72:
d8:ac:97:2d:61:78:4d:5c:71:9b:b9:b4:e2:36:d8:51:61:dd:
88:b2:eb:10:e0:a2:9d:22:3b:15:4f:33:a7:06:61:fd:de:6f:
8a:c6:aa:e1
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdOKd4rHxXSZKvh5I1H7kc9DW90kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMmVhOTY5ODRjY2ZkNTg2OWJlYTFh
NGY3NDgxMzhiZDNmNTZiOWRhYWQ4OTlhY2Q3YjZjYTkxY2IyMmI1YjMzOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneUm5y1DjcRmAc4I+hT7KkNmN09W
6Gvb2KDywK6cfqH29Mak1lNUHoyfv7y9FLl7KSz0uWSXvPiE6/eRDpWIt0YzpHyT
HljUJNrirJdjOm+f5gWBB1SLVzw53dHQeDdX3NCAVfg3b/NLVhEMYkl9btDsrAN9
AsxppBnzlb2S5d9N857rU4+Uf7o4IPP4RMB2ggPcUHAz0L42FtE/ESWTpMGE1K9F
3fk5KUTPPoPL/PQpGBuLKO6xdtJ1oXy5mTjNwpCXUySBNQEeyFQcqVO7rrqXonp1
L7Dn08o0k9ZekfLPHLb51HLuc4HnpGoq50SqLeA9XHUso77cEx7BfSiEKQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHRpgMS9T/pa9Z5u6YyoL8q+rSrUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiZGRkZWQ2LWRjZGItNGU3ZC1hZmQzLWE0NTI4ODQwOWRlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9+DAMA0GCSqGSIb3DQEBCwUAA4IBAQAaZ5OyPfZQNx6DrsCw
4D6mjVKqopoIKK2M+hb4GrkAk23pyD7vmfKxaQMAJ2GEyLO7jsNthepP5/5d9SKb
YtOoQJbHoRbMMdd8w7ISQ9NErixAVQfoENZ9G8WszsoRyzIdJiRLFD5bunypGtYJ
wdHqyUCKMMnsOtZ0JuWlG7wZDZ4/0FEUejbbt+I2dbq0huJ0+LOGI6XU4OxDSDou
cJaXrSEuSJAIuscJ4wUJS66hyFgYGIkK767+VcWeI/Ct/3EhiwqCLVG7YXr2dmvz
jXNNiIw1c3vx33LYrJctYXhNXHGbubTiNthRYd2IsusQ4KKdIjsVTzOnBmH93m+K
xqrh
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:24:56 2025 by rpki-client