Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
File: d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa (raw, json)
Hash identifier: z9UZ68CfIIzJhSGaIN00XvDKmMao+STEG+FnDJUkhnY=
Subject key identifier: 09:EA:29:BA:43:6E:16:09:18:A3:E0:DA:01:9F:75:9F:A6:78:5D:CF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7E5771CCB7D29CAEFFC762BFF94BCB973F13E3AC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
Signing time: Tue 28 Jan 2025 00:00:00 +0000
ROA not before: Tue 28 Jan 2025 00:00:00 +0000
ROA not after: Tue 04 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da20::/28 maxlen: 28
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:57:71:cc:b7:d2:9c:ae:ff:c7:62:bf:f9:4b:cb:97:3f:13:e3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 28 00:00:00 2025 GMT
Not After : Mar 4 23:59:59 2025 GMT
Subject: serialNumber=542110f18e0eea0bda0ec85c78d25914b8157df14a76a3ee0f667276b155d6df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:1d:07:88:47:5a:16:59:2f:5b:71:03:a7:
7d:15:15:5e:3f:b4:f1:a1:b6:4b:0f:0d:86:ac:4a:
73:be:a1:20:01:a2:56:21:f2:65:56:c0:e3:3e:a5:
4a:8f:cd:35:72:e6:2e:be:67:f3:88:a5:55:54:36:
64:ab:4b:c5:2e:9f:94:d2:4a:20:05:6f:74:10:53:
c1:59:bb:8c:08:75:3c:9d:d6:3a:13:3e:05:39:c8:
1d:b9:13:fd:9e:22:3f:ed:2f:fb:63:e1:38:7b:05:
2a:7f:b0:21:1c:e9:94:86:42:23:be:ff:8c:92:ff:
ee:d0:99:96:a8:50:44:0e:16:2d:bd:86:94:90:c3:
82:b9:21:72:c0:1a:c3:67:83:90:fc:ea:8a:50:77:
fd:41:87:ae:16:c6:6d:01:5a:55:79:a5:0e:15:16:
9d:47:e7:5c:65:29:a1:13:13:f1:a3:5e:07:a7:77:
a5:97:fe:2c:38:55:e6:96:8a:5a:99:7c:35:b4:cc:
2d:18:0e:5c:a5:20:db:d9:b2:66:1e:38:aa:53:96:
bd:e2:57:60:87:4b:3b:36:68:5a:76:95:96:bb:0f:
3e:b2:a6:e7:cb:ba:d2:b1:42:c7:81:3d:11:34:9f:
28:53:73:e3:3d:04:dd:56:cb:59:56:de:9c:65:8e:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EA:29:BA:43:6E:16:09:18:A3:E0:DA:01:9F:75:9F:A6:78:5D:CF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da20::/28
Signature Algorithm: sha256WithRSAEncryption
0b:e9:52:2a:77:19:58:37:58:ec:51:1c:4e:32:e4:a4:3b:84:
ef:4d:7e:5c:4c:5d:11:f8:ca:a4:5d:6e:67:8a:66:bd:ae:d3:
38:22:36:27:e5:3f:25:c5:7e:5f:cf:d7:06:bd:30:b9:b8:78:
cf:ca:10:35:07:dd:aa:34:ae:64:ae:88:5c:f3:b3:fd:77:9d:
eb:a7:10:05:b1:be:fd:a0:f6:37:ba:bc:51:b8:a6:37:86:f5:
98:30:ce:d0:54:6c:0c:51:07:a1:b6:76:46:29:3e:fa:45:83:
da:5a:d2:05:eb:dd:89:4b:d2:91:6f:6e:cd:01:5f:81:b8:20:
ac:6e:6c:c4:30:53:6f:40:43:b2:cb:00:ed:de:d5:31:9c:16:
13:7a:b9:79:03:ca:b1:16:b5:3a:f8:35:e5:30:94:f4:13:87:
f9:a6:e4:8a:35:59:b1:fb:cf:e3:18:e5:90:da:c9:f0:69:15:
51:1b:64:19:1c:cf:d2:7f:29:fc:b9:17:83:71:89:52:ae:fa:
10:b7:4d:0e:0d:6a:7a:d1:fe:31:a0:54:58:79:81:bf:f1:8c:
17:b1:3d:08:36:bc:ba:38:5e:b0:67:e1:cd:88:da:63:58:d0:
23:9d:3f:16:71:15:f9:96:e1:f6:52:c7:52:31:44:1e:4b:ac:
1d:8f:e4:20
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUfldxzLfSnK7/x2K/+UvLlz8T46wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyODAwMDAwMFoX
DTI1MDMwNDIzNTk1OVowejFJMEcGA1UEBRNANTQyMTEwZjE4ZTBlZWEwYmRhMGVj
ODVjNzhkMjU5MTRiODE1N2RmMTRhNzZhM2VlMGY2NjcyNzZiMTU1ZDZkZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulIdB4hHWhZZL1txA6d9FRVeP7Tx
obZLDw2GrEpzvqEgAaJWIfJlVsDjPqVKj801cuYuvmfziKVVVDZkq0vFLp+U0kog
BW90EFPBWbuMCHU8ndY6Ez4FOcgduRP9niI/7S/7Y+E4ewUqf7AhHOmUhkIjvv+M
kv/u0JmWqFBEDhYtvYaUkMOCuSFywBrDZ4OQ/OqKUHf9QYeuFsZtAVpVeaUOFRad
R+dcZSmhExPxo14Hp3ell/4sOFXmlopamXw1tMwtGA5cpSDb2bJmHjiqU5a94ldg
h0s7NmhadpWWuw8+sqbny7rSsULHgT0RNJ8oU3PjPQTdVstZVt6cZY7UdQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAnqKbpDbhYJGKPg2gGfdZ+meF3PMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q3M2MwYTUxLWFiN2ItNDg3OC1iZGZmLWUwOGI2MTgxZWRiZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUEJAbaIDANBgkqhkiG9w0BAQsFAAOCAQEAC+lSKncZWDdY7FEcTjLk
pDuE701+XExdEfjKpF1uZ4pmva7TOCI2J+U/JcV+X8/XBr0wubh4z8oQNQfdqjSu
ZK6IXPOz/Xed66cQBbG+/aD2N7q8UbimN4b1mDDO0FRsDFEHobZ2Rik++kWD2lrS
BevdiUvSkW9uzQFfgbggrG5sxDBTb0BDsssA7d7VMZwWE3q5eQPKsRa1Ovg15TCU
9BOH+abkijVZsfvP4xjlkNrJ8GkVURtkGRzP0n8p/LkXg3GJUq76ELdNDg1qetH+
MaBUWHmBv/GMF7E9CDa8ujhesGfhzYjaY1jQI50/FnEV+Zbh9lLHUjFEHkusHY/k
IA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:19:05 2025 by rpki-client