Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be697827-1e1a-4b50-b163-d4a59553c0b9.roa
File: be697827-1e1a-4b50-b163-d4a59553c0b9.roa (raw, json)
Hash identifier: 7+6btQVaKgMK2v07G+Z8KnMGGq3WfRCduXGs1bC8T1A=
Subject key identifier: 58:2A:7D:71:49:35:40:60:4C:F8:E4:C3:82:BE:89:20:7D:37:E6:19
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: CF980885230567FD0A7EE28BA14D0DFE65B037
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be697827-1e1a-4b50-b163-d4a59553c0b9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:7040::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
cf:98:08:85:23:05:67:fd:0a:7e:e2:8b:a1:4d:0d:fe:65:b0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=22aff02a8b5e18ab6d1500e62b8de759127118bd7100075a9f7c6ecc94e6800a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:84:a9:cb:aa:f3:bb:5b:2f:50:53:fb:ea:31:
6e:7b:92:d5:81:14:b2:73:12:3e:f1:0b:a9:f1:10:
c7:3e:a2:b3:02:2f:a4:2f:00:b1:96:ea:ab:15:9f:
c2:84:9c:37:75:80:5a:e5:8e:74:5f:29:83:30:b2:
9a:e9:dc:66:cf:97:aa:35:f7:a3:53:fe:7c:33:a2:
ce:eb:60:82:71:bd:01:e9:09:15:91:7c:53:da:6b:
9f:79:46:8f:2e:80:eb:fd:4f:34:8f:e2:32:06:dd:
fc:34:ff:92:af:b1:6b:45:8f:05:67:1c:3a:cd:bf:
33:64:27:b2:d1:18:c6:55:00:11:70:07:25:df:94:
79:9e:5c:2d:7c:93:06:cd:33:fe:11:11:07:6e:55:
9e:89:f4:d8:19:e6:f6:8d:8f:14:8a:df:0e:7a:6e:
9b:34:17:06:96:7e:aa:30:81:e0:f0:1e:d6:11:29:
ca:7d:dd:8d:4a:ae:63:d7:d7:41:46:00:7d:91:2d:
32:dc:30:44:57:35:f3:8f:c5:b7:06:66:b4:fd:91:
f1:23:83:cd:9b:20:e0:c6:2a:cb:88:43:c0:ef:63:
1a:f0:42:9b:04:03:9d:9c:21:bc:49:18:50:49:3b:
3a:41:04:83:b3:2d:42:8c:cd:a6:04:6d:cc:58:38:
ed:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2A:7D:71:49:35:40:60:4C:F8:E4:C3:82:BE:89:20:7D:37:E6:19
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be697827-1e1a-4b50-b163-d4a59553c0b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:7040::/46
Signature Algorithm: sha256WithRSAEncryption
30:87:a2:55:b0:3b:ff:40:09:ee:b8:1f:2e:74:a9:9a:c8:dd:
3f:91:f2:a0:c4:d7:d5:20:4a:9b:44:0c:ba:a1:d1:29:5b:2c:
95:40:98:7b:69:c2:b3:eb:71:69:03:54:eb:6b:97:6f:f3:fe:
08:08:c5:15:70:29:ca:74:98:4b:b5:6a:1d:bd:33:1d:dd:6a:
64:52:be:80:26:67:46:6f:52:4d:65:47:ec:1f:0a:60:83:29:
1f:16:bf:d1:a2:41:a0:a7:18:fb:80:30:5c:03:17:5b:39:d7:
28:cf:ea:e4:94:3a:06:28:1f:28:c7:5d:e6:1c:91:55:f1:b6:
fe:3a:71:82:76:53:7c:ff:3a:6d:80:4a:52:b7:ca:9e:59:ca:
c0:d6:de:f1:9b:bc:28:a8:e2:53:d2:d7:fc:f8:e6:f9:c5:b5:
98:70:6c:fe:45:d3:eb:8c:90:e2:fa:21:90:b1:15:18:ce:24:
5d:86:b1:78:83:2e:01:cc:bf:b2:0a:32:3c:e6:46:65:76:b4:
76:bb:57:52:75:f2:53:a9:3d:dd:50:34:b1:d0:96:35:a0:93:
30:8e:6f:d8:c8:2d:34:02:2e:da:b5:21:bf:26:95:d0:7d:8a:
5f:65:bd:5d:05:71:40:c9:18:08:18:9b:a0:ec:ff:2e:50:77:
00:a3:74:6b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUAM+YCIUjBWf9Cn7ii6FNDf5lsDcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjJhZmYwMmE4YjVlMThhYjZkMTUw
MGU2MmI4ZGU3NTkxMjcxMThiZDcxMDAwNzVhOWY3YzZlY2M5NGU2ODAwYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyISpy6rzu1svUFP76jFue5LVgRSy
cxI+8Qup8RDHPqKzAi+kLwCxluqrFZ/ChJw3dYBa5Y50XymDMLKa6dxmz5eqNfej
U/58M6LO62CCcb0B6QkVkXxT2mufeUaPLoDr/U80j+IyBt38NP+Sr7FrRY8FZxw6
zb8zZCey0RjGVQARcAcl35R5nlwtfJMGzTP+EREHblWeifTYGeb2jY8Uit8Oem6b
NBcGln6qMIHg8B7WESnKfd2NSq5j19dBRgB9kS0y3DBEVzXzj8W3Bma0/ZHxI4PN
myDgxirLiEPA72Ma8EKbBAOdnCG8SRhQSTs6QQSDsy1CjM2mBG3MWDjtuwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFgqfXFJNUBgTPjkw4K+iSB9N+YZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JlNjk3ODI3LTFlMWEtNGI1MC1iMTYzLWQ0YTU5NTUzYzBiOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+3BAMA0GCSqGSIb3DQEBCwUAA4IBAQAwh6JVsDv/QAnuuB8u
dKmayN0/kfKgxNfVIEqbRAy6odEpWyyVQJh7acKz63FpA1Tra5dv8/4ICMUVcCnK
dJhLtWodvTMd3WpkUr6AJmdGb1JNZUfsHwpggykfFr/RokGgpxj7gDBcAxdbOdco
z+rklDoGKB8ox13mHJFV8bb+OnGCdlN8/zptgEpSt8qeWcrA1t7xm7woqOJT0tf8
+Ob5xbWYcGz+RdPrjJDi+iGQsRUYziRdhrF4gy4BzL+yCjI85kZldrR2u1dSdfJT
qT3dUDSx0JY1oJMwjm/YyC00Ai7atSG/JpXQfYpfZb1dBXFAyRgIGJug7P8uUHcA
o3Rr
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:07 2025 by rpki-client