Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c03ea245-c111-48cc-a8e5-84e8292b3452.roa
File: c03ea245-c111-48cc-a8e5-84e8292b3452.roa (raw, json)
Hash identifier: EvmDz1vP3rUXhtowgUTRdEZPnJphhwAywO2Cruqa0nQ=
Subject key identifier: 0B:84:91:9A:50:B4:43:C1:3D:17:2C:F1:FF:D3:B2:5B:64:66:40:04
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6DDC369FE30875021EE507D0E57AC2BC97703C62
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c03ea245-c111-48cc-a8e5-84e8292b3452.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf5:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:dc:36:9f:e3:08:75:02:1e:e5:07:d0:e5:7a:c2:bc:97:70:3c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d37489aa86fde7df5ba355a307da7e4bd8199ebd5692cfed31ca923aee3530bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:82:88:eb:1f:dc:78:85:14:5f:7c:ef:f9:fe:
68:e7:02:39:04:e2:83:98:20:a2:69:d8:a3:a4:00:
bc:6b:9e:75:b8:1d:8b:94:18:fc:4a:74:1e:b6:8d:
e6:8e:ec:11:ad:66:1a:c1:65:44:35:53:cb:58:1d:
9c:7e:4f:6f:d0:bc:c1:62:95:12:75:d4:6c:89:1c:
75:cd:80:01:f7:b7:ae:56:05:73:89:2d:b3:e6:cf:
e3:b5:d4:cf:f2:b3:01:0b:33:82:cb:50:ea:b6:4a:
45:df:cb:65:e5:d9:9a:df:28:9f:0c:b7:2f:eb:84:
6b:b4:e1:f6:4d:c2:df:ee:19:bb:6e:a2:d4:02:61:
7c:b8:1d:73:19:dd:74:44:33:e4:2f:15:7a:b3:89:
90:51:81:40:62:67:bc:5e:84:fe:25:83:9f:b0:4a:
8b:25:0b:85:08:f7:e8:e1:91:13:bd:8a:2b:3e:c0:
d4:58:d0:36:e0:6b:5b:9c:11:59:7d:6e:e0:4c:08:
06:e7:35:99:67:c6:e8:a6:7e:f3:d4:84:be:03:08:
a9:83:ad:dd:3c:f2:b2:ed:dd:94:0d:2b:c5:46:71:
e3:8a:cd:d8:b4:92:0e:2d:9f:73:ca:71:9c:1f:a1:
fd:10:18:c9:fa:78:72:b5:36:b4:ad:43:6a:11:c2:
fa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:84:91:9A:50:B4:43:C1:3D:17:2C:F1:FF:D3:B2:5B:64:66:40:04
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c03ea245-c111-48cc-a8e5-84e8292b3452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf5:c800::/40
Signature Algorithm: sha256WithRSAEncryption
00:b9:34:38:8d:60:42:7a:97:74:82:12:de:57:9c:b9:96:41:
86:8d:51:de:d0:75:c6:4c:d5:8c:0a:de:68:cf:84:38:04:f5:
54:8c:5b:45:7c:c1:61:f8:22:99:83:76:c1:99:35:6d:c8:9a:
20:76:92:7c:da:f5:df:94:d2:dc:80:9f:ca:d0:f7:8c:cb:ae:
a1:70:b7:80:6a:ea:4c:03:27:20:9f:83:af:47:49:29:4f:37:
18:83:6d:ac:b5:a5:22:ba:a9:a8:51:75:69:14:a3:ed:c9:ac:
c7:11:eb:24:42:63:3a:57:5c:44:47:bc:fa:c4:24:3c:ed:83:
95:40:d9:f6:06:e3:d9:41:5a:53:91:91:9f:04:6c:1d:3a:1d:
96:e7:da:62:d9:02:0e:f8:94:72:ef:72:8e:7f:14:4d:68:fe:
c2:d1:b6:82:e0:85:0b:d9:ce:db:c8:1f:2d:38:b3:03:2d:b1:
11:c2:e6:b3:1d:42:19:be:a9:8f:fa:b3:24:0d:0e:5b:9f:d2:
2e:45:35:60:77:ca:41:85:98:d0:3b:b1:98:82:c5:f9:31:c6:
e0:a2:0a:1a:5d:3a:c2:b6:a2:a6:5c:95:81:0e:10:5f:97:dd:
88:cf:80:f9:83:09:56:31:37:8a:86:6b:00:75:4d:4e:70:84:
64:93:9e:d2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbdw2n+MIdQIe5QfQ5XrCvJdwPGIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZDM3NDg5YWE4NmZkZTdkZjViYTM1
NWEzMDdkYTdlNGJkODE5OWViZDU2OTJjZmVkMzFjYTkyM2FlZTM1MzBiZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYKI6x/ceIUUX3zv+f5o5wI5BOKD
mCCiadijpAC8a551uB2LlBj8SnQeto3mjuwRrWYawWVENVPLWB2cfk9v0LzBYpUS
ddRsiRx1zYAB97euVgVziS2z5s/jtdTP8rMBCzOCy1DqtkpF38tl5dma3yifDLcv
64RrtOH2TcLf7hm7bqLUAmF8uB1zGd10RDPkLxV6s4mQUYFAYme8XoT+JYOfsEqL
JQuFCPfo4ZETvYorPsDUWNA24GtbnBFZfW7gTAgG5zWZZ8bopn7z1IS+Awipg63d
PPKy7d2UDSvFRnHjis3YtJIOLZ9zynGcH6H9EBjJ+nhytTa0rUNqEcL6cQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAuEkZpQtEPBPRcs8f/TsltkZkAEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwM2VhMjQ1LWMxMTEtNDhjYy1hOGU1LTg0ZTgyOTJiMzQ1Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9cgwDQYJKoZIhvcNAQELBQADggEBAAC5NDiNYEJ6l3SCEt5X
nLmWQYaNUd7QdcZM1YwK3mjPhDgE9VSMW0V8wWH4IpmDdsGZNW3ImiB2knza9d+U
0tyAn8rQ94zLrqFwt4Bq6kwDJyCfg69HSSlPNxiDbay1pSK6qahRdWkUo+3JrMcR
6yRCYzpXXERHvPrEJDztg5VA2fYG49lBWlORkZ8EbB06HZbn2mLZAg74lHLvco5/
FE1o/sLRtoLghQvZztvIHy04swMtsRHC5rMdQhm+qY/6syQNDluf0i5FNWB3ykGF
mNA7sZiCxfkxxuCiChpdOsK2oqZclYEOEF+X3YjPgPmDCVYxN4qGawB1TU5whGST
ntI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:39:29 2025 by rpki-client