Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa
File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json)
Hash identifier: e1s8p4WkmVGKsDOV0ny/k0UDZ5r171bzRIgg+JmAIak=
Subject key identifier: 78:95:AC:13:2D:25:F4:BB:9A:45:48:83:03:3A:4F:EE:A1:95:08:BF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1E03D6D7E5F08BE9DC2811D67CEF49B59815DA40
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:a040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:03:d6:d7:e5:f0:8b:e9:dc:28:11:d6:7c:ef:49:b5:98:15:da:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=12dcb66c3cb7e14f3dfa4ac8df6a75535188d6d96622d8c2d9aba2e3e899b691, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:af:74:00:21:78:63:12:60:66:96:aa:4f:
fb:3a:ce:51:67:be:9d:32:77:2f:1a:4d:47:37:d1:
76:fb:6a:16:7b:2f:b1:8a:c0:af:45:ba:cc:2e:4f:
5c:fd:de:f7:2a:10:e0:25:4d:a6:d1:60:53:ff:5c:
b4:ce:d1:3b:b1:a0:11:8b:6b:2d:ce:86:0b:ea:1d:
5e:af:6b:3f:26:85:bb:e0:a6:72:c3:e4:03:07:e3:
82:3a:1d:fe:28:a3:03:75:c5:e3:d5:cc:94:bf:ac:
ef:3b:48:79:b3:e2:15:ab:7c:6a:77:f0:b3:7e:41:
b5:d7:cf:b9:be:20:2e:5d:43:e9:ef:5a:90:c2:c3:
96:67:1d:c4:60:b1:cb:44:92:7f:f6:42:de:a4:c0:
5e:98:cb:a3:83:aa:f5:80:bb:aa:db:46:43:48:41:
dc:f3:8b:97:6c:bb:3f:c8:2d:13:71:83:35:28:8b:
1b:6a:37:26:2f:95:87:a5:3e:7c:bf:ea:e3:f2:32:
cd:f4:94:38:40:fc:21:be:16:dc:f4:e3:de:fb:70:
9a:6e:d7:28:80:8a:17:b6:01:60:6d:61:55:14:11:
0b:f0:22:80:fd:07:9c:5a:10:cd:be:40:41:42:6a:
0d:8b:e6:91:36:3f:b3:1d:6c:60:60:7d:be:c0:bc:
9c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:95:AC:13:2D:25:F4:BB:9A:45:48:83:03:3A:4F:EE:A1:95:08:BF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:a040::/48
Signature Algorithm: sha256WithRSAEncryption
9a:8b:cf:37:c6:79:36:91:bf:8d:7f:0d:c6:2a:05:dc:04:d1:
65:38:c3:3f:b2:43:cb:50:84:aa:cb:15:f9:0f:af:81:6b:e3:
9a:ea:3f:e0:99:76:b5:41:76:c8:be:6d:6d:bc:e5:f6:42:15:
b8:07:94:b6:43:42:e1:30:43:2d:fe:f5:14:fb:21:47:76:07:
e7:11:4c:df:06:f9:3b:1a:38:ac:28:18:38:ee:ea:d5:a0:ed:
50:9a:61:e2:1a:28:ca:b6:92:b5:7c:f5:b7:3c:ab:1b:08:01:
90:a5:e6:59:83:c6:cc:e1:8c:89:c2:df:da:a1:cb:51:ef:f2:
72:d0:e4:09:e7:4a:5d:5f:10:ed:13:5e:f0:5a:8b:b9:e5:90:
35:a9:53:9a:f0:69:f0:85:8b:e5:d1:45:1d:19:91:fd:6e:62:
ae:90:55:d5:10:a8:95:a8:77:18:d7:f6:67:a7:f9:de:77:00:
8a:0b:ad:d4:66:0f:a1:53:ea:d4:e3:c1:ac:64:93:e9:18:d6:
60:bf:98:c2:ee:cf:14:3d:cf:80:78:ba:8a:1b:72:ff:15:57:
3a:31:c3:2d:a4:16:d3:37:55:90:a0:90:11:16:ab:84:3e:26:
5e:1c:64:68:a0:55:5c:f5:db:7d:df:04:bb:95:87:80:0f:9a:
a3:b7:2d:35
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUHgPW1+Xwi+ncKBHWfO9JtZgV2kAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTJkY2I2NmMzY2I3ZTE0ZjNkZmE0
YWM4ZGY2YTc1NTM1MTg4ZDZkOTY2MjJkOGMyZDlhYmEyZTNlODk5YjY5MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+6vdAAheGMSYGaWqk/7Os5RZ76d
MncvGk1HN9F2+2oWey+xisCvRbrMLk9c/d73KhDgJU2m0WBT/1y0ztE7saARi2st
zoYL6h1er2s/JoW74KZyw+QDB+OCOh3+KKMDdcXj1cyUv6zvO0h5s+IVq3xqd/Cz
fkG118+5viAuXUPp71qQwsOWZx3EYLHLRJJ/9kLepMBemMujg6r1gLuq20ZDSEHc
84uXbLs/yC0TcYM1KIsbajcmL5WHpT58v+rj8jLN9JQ4QPwhvhbc9OPe+3Cabtco
gIoXtgFgbWFVFBEL8CKA/QecWhDNvkBBQmoNi+aRNj+zHWxgYH2+wLycUwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHiVrBMtJfS7mkVIgwM6T+6hlQi/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQCai883xnk2kb+Nfw3G
KgXcBNFlOMM/skPLUISqyxX5D6+Ba+Oa6j/gmXa1QXbIvm1tvOX2QhW4B5S2Q0Lh
MEMt/vUU+yFHdgfnEUzfBvk7GjisKBg47urVoO1QmmHiGijKtpK1fPW3PKsbCAGQ
peZZg8bM4YyJwt/aoctR7/Jy0OQJ50pdXxDtE17wWou55ZA1qVOa8GnwhYvl0UUd
GZH9bmKukFXVEKiVqHcY1/Znp/nedwCKC63UZg+hU+rU48GsZJPpGNZgv5jC7s8U
Pc+AeLqKG3L/FVc6McMtpBbTN1WQoJARFquEPiZeHGRooFVc9dt93wS7lYeAD5qj
ty01
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:09 2025 by rpki-client