Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cdf78925-b4b0-4234-91cb-647243232823.roa
File: cdf78925-b4b0-4234-91cb-647243232823.roa (raw, json)
Hash identifier: gfI4o2nrFDEt6nPsiSylNMy/aqBEU7REuvWTX6B6ep8=
Subject key identifier: BC:33:F9:FC:51:F4:67:9A:0C:7D:4F:0E:C6:24:29:24:8F:59:84:A7
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 17239D9020A02E3C9E2C59D4BD920FC6E40AFDA8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cdf78925-b4b0-4234-91cb-647243232823.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:6000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:23:9d:90:20:a0:2e:3c:9e:2c:59:d4:bd:92:0f:c6:e4:0a:fd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=cd36c98bcb83b1cc30971354147798abbee62136c1ecfcac2a08ab94ba1c8542, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ab:e2:b5:56:63:e7:f8:d2:84:4c:67:2e:9d:
a3:05:7c:92:55:98:2a:e4:0a:f8:46:01:ba:b5:2e:
be:52:09:ee:df:78:a5:53:0e:48:2b:0f:ea:34:a4:
f7:c8:ed:7a:6c:fc:70:88:e8:44:23:f3:07:60:5f:
36:3b:46:eb:78:c8:b1:f6:44:0f:05:44:80:53:c4:
8d:87:f8:e6:ab:39:3e:51:c0:cc:33:6b:6e:3c:3a:
ff:c0:89:38:32:65:fd:39:6c:9a:0f:91:18:2a:37:
a0:96:80:17:68:cd:a1:56:9a:d1:9d:bc:eb:05:09:
7b:2b:8c:54:13:84:69:4d:4d:6b:78:d8:81:08:0e:
0c:05:19:95:18:9b:f5:3f:ba:40:5d:71:c7:02:af:
f3:77:b2:c0:0a:64:3d:69:14:fc:d0:75:12:4e:ed:
47:56:1f:f2:cc:e2:e7:cb:2e:f2:3e:eb:d2:66:ad:
94:c5:82:7f:2d:5a:b4:c5:be:70:4f:58:cd:87:57:
a8:23:93:ca:ae:f9:16:0c:fc:8f:6e:cd:03:00:96:
f8:86:7a:16:5e:64:1b:d4:66:92:01:6a:ab:0a:e0:
8b:d5:ce:73:70:bd:7d:78:26:c5:f3:40:f1:5f:54:
81:b8:e3:d3:03:32:33:99:48:ae:b4:2c:f4:ab:97:
0e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:33:F9:FC:51:F4:67:9A:0C:7D:4F:0E:C6:24:29:24:8F:59:84:A7
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cdf78925-b4b0-4234-91cb-647243232823.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:6000::/40
Signature Algorithm: sha256WithRSAEncryption
14:7e:4d:b1:b5:de:b6:29:64:40:ec:a8:90:7e:3b:89:13:8b:
8f:6a:7e:d0:ae:32:c2:64:cb:a8:45:e8:2f:f6:79:68:fc:cc:
18:62:f4:8c:8a:79:48:cc:d1:0f:b7:66:31:89:84:89:83:54:
99:d6:ac:df:3b:f3:bb:b4:d8:68:2b:9b:0a:ea:82:70:82:5c:
b9:f6:8e:ca:68:59:0f:4e:7a:ce:1d:b8:f7:4a:93:28:22:42:
80:32:15:1a:50:ea:10:6a:e2:e9:a0:09:da:28:24:2b:43:cf:
bb:5b:59:1d:fe:b4:a0:de:27:2f:b9:ef:db:79:4c:6d:39:8e:
be:cc:0c:af:c9:51:85:2d:0a:47:d2:49:c7:ed:c9:a4:34:a0:
7e:8f:e3:0f:14:8c:3b:9e:07:a5:2a:89:c9:82:15:cb:07:89:
6b:46:aa:6b:3f:fe:25:ee:07:f6:32:e9:4e:93:72:f8:7e:0b:
c7:60:04:5a:48:10:eb:62:c9:41:25:e3:36:b9:16:7f:b3:9a:
8c:76:60:c1:04:8e:4a:dc:15:b0:5e:ec:79:09:5a:48:07:27:
42:2b:db:83:50:25:72:a4:db:be:97:1d:f0:63:a4:12:22:2e:
68:20:f9:28:5b:a3:c5:c8:78:f2:7f:42:72:61:14:5e:2a:47:
a1:35:6b:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFyOdkCCgLjyeLFnUvZIPxuQK/agwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAY2QzNmM5OGJjYjgzYjFjYzMwOTcx
MzU0MTQ3Nzk4YWJiZWU2MjEzNmMxZWNmY2FjMmEwOGFiOTRiYTFjODU0MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KvitVZj5/jShExnLp2jBXySVZgq
5Ar4RgG6tS6+Ugnu33ilUw5IKw/qNKT3yO16bPxwiOhEI/MHYF82O0breMix9kQP
BUSAU8SNh/jmqzk+UcDMM2tuPDr/wIk4MmX9OWyaD5EYKjegloAXaM2hVprRnbzr
BQl7K4xUE4RpTU1reNiBCA4MBRmVGJv1P7pAXXHHAq/zd7LACmQ9aRT80HUSTu1H
Vh/yzOLnyy7yPuvSZq2UxYJ/LVq0xb5wT1jNh1eoI5PKrvkWDPyPbs0DAJb4hnoW
XmQb1GaSAWqrCuCL1c5zcL19eCbF80DxX1SBuOPTAzIzmUiutCz0q5cO6QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLwz+fxR9GeaDH1PDsYkKSSPWYSnMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NkZjc4OTI1LWI0YjAtNDIzNC05MWNiLTY0NzI0MzIzMjgyMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYWAwDQYJKoZIhvcNAQELBQADggEBABR+TbG13rYpZEDsqJB+
O4kTi49qftCuMsJky6hF6C/2eWj8zBhi9IyKeUjM0Q+3ZjGJhImDVJnWrN8787u0
2GgrmwrqgnCCXLn2jspoWQ9Oes4duPdKkygiQoAyFRpQ6hBq4umgCdooJCtDz7tb
WR3+tKDeJy+579t5TG05jr7MDK/JUYUtCkfSScftyaQ0oH6P4w8UjDueB6UqicmC
FcsHiWtGqms//iXuB/Yy6U6Tcvh+C8dgBFpIEOtiyUEl4za5Fn+zmox2YMEEjkrc
FbBe7HkJWkgHJ0Ir24NQJXKk276XHfBjpBIiLmgg+Shbo8XIePJ/QnJhFF4qR6E1
a4Q=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:03 2025 by rpki-client