Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca1499ac-e3ec-424c-96ee-5ed34b4df464.roa
File: ca1499ac-e3ec-424c-96ee-5ed34b4df464.roa (raw, json)
Hash identifier: +9Crbbb7cvN4LYjAyilYqJ82xJp+cpNcFb3FQlP3Wv8=
Subject key identifier: 3F:C8:41:A7:54:75:4E:C0:57:25:CC:57:0A:1A:C9:71:0A:86:0C:6D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3288699DB8A74546DDCA6C4E3AF3A691F6C214A7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca1499ac-e3ec-424c-96ee-5ed34b4df464.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:4000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:88:69:9d:b8:a7:45:46:dd:ca:6c:4e:3a:f3:a6:91:f6:c2:14:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=6b240525a43c4add43dbb6408b851fe77836ba874d12832e256b6c6ee9fc6795, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b8:19:c8:8b:de:85:26:27:f8:9f:26:ca:44:
9f:fc:4e:e1:a5:b5:48:33:ca:6b:77:32:ac:94:ed:
20:9c:cf:4a:ff:9a:10:cc:fc:87:a4:fc:c6:73:c0:
49:ec:da:a6:5f:73:bf:5d:0f:31:6e:6f:17:7f:e6:
b3:c0:2e:e0:10:bf:e6:8d:ef:c1:82:dd:1d:fb:0c:
6b:29:ab:49:47:02:76:83:42:0c:75:b6:eb:d8:b5:
df:d4:00:ef:ec:4c:fc:34:b0:36:7e:e9:ef:e5:b8:
08:96:61:5e:27:65:bb:81:6e:49:64:86:65:fa:62:
17:00:a3:a5:2c:a1:ca:20:c7:f8:e3:7f:e7:d8:cc:
ea:8f:65:a5:be:d2:4e:e7:fd:6a:44:1f:e0:9a:4b:
3c:c3:5b:5a:6e:12:d4:f8:fb:de:27:2a:eb:15:99:
d1:e8:83:ed:f6:27:d9:d9:22:69:b8:2f:8d:1f:db:
e1:0f:6a:ad:5e:dd:d2:f8:55:60:e9:c9:63:79:37:
76:d4:2b:50:b2:a6:77:71:78:33:57:6c:42:1b:3c:
e1:9b:99:77:57:9b:43:44:97:3c:d6:c2:42:51:9a:
5c:78:43:1d:7d:d1:e6:0e:48:ba:18:fc:9c:06:ed:
f6:d3:f9:68:b4:75:c2:bf:e6:61:90:22:22:0c:05:
2f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C8:41:A7:54:75:4E:C0:57:25:CC:57:0A:1A:C9:71:0A:86:0C:6D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca1499ac-e3ec-424c-96ee-5ed34b4df464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:4000::/40
Signature Algorithm: sha256WithRSAEncryption
89:0b:34:b9:bd:23:43:4a:75:7b:33:1d:99:5f:83:be:70:4b:
d9:50:cd:3c:ba:c9:be:4e:c8:84:f9:be:9a:64:f9:1b:3a:98:
e0:11:a1:47:76:e3:a1:9c:9f:48:d0:6d:82:d0:a5:e0:ef:cd:
37:bb:d3:87:d5:56:16:85:73:87:1c:1d:a7:b2:7a:f7:9f:8e:
5d:82:4e:e1:b9:9f:5c:42:4d:43:dd:d4:54:f4:34:6e:29:63:
f3:0c:a7:a8:fb:3b:b2:72:d1:42:94:8b:08:a3:7f:5a:dd:c8:
94:25:e2:21:b7:a6:e2:d9:1a:d1:94:2f:b7:01:79:c3:75:31:
2e:8d:54:a3:7a:3b:28:91:e0:9c:03:e0:8e:d8:42:c7:cd:5b:
b4:5c:5a:bd:a8:bd:fc:f1:39:e5:10:19:bc:a4:48:18:33:0b:
9d:9e:d4:a2:6d:f0:a9:56:86:6b:78:17:05:41:b4:9e:df:bf:
13:97:89:b2:90:69:bb:83:cd:a8:db:f4:53:90:ea:23:1d:a4:
ba:41:dc:a6:35:cb:77:fa:84:74:03:7f:74:ce:aa:e2:d7:f0:
89:c5:15:98:1f:08:31:89:8f:83:8b:2a:43:68:e2:42:a5:17:
65:59:d0:a5:49:20:90:e7:79:2c:1f:89:fa:19:4f:90:c2:03:
54:fc:d8:01
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMohpnbinRUbdymxOOvOmkfbCFKcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANmIyNDA1MjVhNDNjNGFkZDQzZGJi
NjQwOGI4NTFmZTc3ODM2YmE4NzRkMTI4MzJlMjU2YjZjNmVlOWZjNjc5NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLgZyIvehSYn+J8mykSf/E7hpbVI
M8prdzKslO0gnM9K/5oQzPyHpPzGc8BJ7NqmX3O/XQ8xbm8Xf+azwC7gEL/mje/B
gt0d+wxrKatJRwJ2g0IMdbbr2LXf1ADv7Ez8NLA2funv5bgIlmFeJ2W7gW5JZIZl
+mIXAKOlLKHKIMf443/n2Mzqj2WlvtJO5/1qRB/gmks8w1tabhLU+PveJyrrFZnR
6IPt9ifZ2SJpuC+NH9vhD2qtXt3S+FVg6cljeTd21CtQsqZ3cXgzV2xCGzzhm5l3
V5tDRJc81sJCUZpceEMdfdHmDki6GPycBu320/lotHXCv+ZhkCIiDAUvsQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD/IQadUdU7AVyXMVwoayXEKhgxtMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NhMTQ5OWFjLWUzZWMtNDI0Yy05NmVlLTVlZDM0YjRkZjQ2NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYUAwDQYJKoZIhvcNAQELBQADggEBAIkLNLm9I0NKdXszHZlf
g75wS9lQzTy6yb5OyIT5vppk+Rs6mOARoUd246Gcn0jQbYLQpeDvzTe704fVVhaF
c4ccHaeyevefjl2CTuG5n1xCTUPd1FT0NG4pY/MMp6j7O7Jy0UKUiwijf1rdyJQl
4iG3puLZGtGUL7cBecN1MS6NVKN6OyiR4JwD4I7YQsfNW7RcWr2ovfzxOeUQGbyk
SBgzC52e1KJt8KlWhmt4FwVBtJ7fvxOXibKQabuDzajb9FOQ6iMdpLpB3KY1y3f6
hHQDf3TOquLX8InFFZgfCDGJj4OLKkNo4kKlF2VZ0KVJIJDneSwfifoZT5DCA1T8
2AE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:16:14 2025 by rpki-client