Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/daef484d-11aa-4bc3-89ae-50742593b34c.roa
File: daef484d-11aa-4bc3-89ae-50742593b34c.roa (raw, json)
Hash identifier: FQ/qRjg9frId+FuTex/G5zywuW9O33MboestkaEwsOA=
Subject key identifier: 6C:A9:67:6C:D8:D3:CF:9F:37:9D:5C:F9:53:4B:B7:67:64:36:D1:E6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 20DB206AB5244378F1355E465722E3B00D76CCD8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/daef484d-11aa-4bc3-89ae-50742593b34c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:4800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:db:20:6a:b5:24:43:78:f1:35:5e:46:57:22:e3:b0:0d:76:cc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=a5cba29a0599e55510daa25b9dfa52af241df6d35d2d843ee595552f502789a2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:c7:d5:57:80:0b:86:ca:16:b0:d4:21:92:
9b:e4:37:d1:d7:c0:e9:f7:ee:af:7d:24:15:01:f5:
68:9e:e2:bf:82:bd:cc:f9:b6:16:c5:74:a5:8e:16:
cc:c4:67:55:ff:de:ab:f7:63:0f:be:d1:5a:a5:c9:
a0:d2:ad:39:5c:fa:58:b8:68:81:ab:14:17:6c:25:
84:46:67:bc:19:7b:c6:51:8a:e8:3b:6c:c6:33:c7:
8c:61:35:ae:9e:76:81:86:48:a2:0e:74:37:3e:a0:
f4:f9:c8:78:29:8c:9c:b4:af:53:6a:e2:5d:53:61:
83:16:95:e1:23:7e:b4:ea:02:c5:12:60:61:3c:4d:
bf:b3:5c:fb:08:c0:a3:02:17:f9:ee:82:e0:d0:4f:
4a:f8:e9:f1:c6:1a:ec:c9:21:62:ad:36:69:d0:7c:
fa:9e:b2:bf:80:da:e2:83:75:34:bb:05:c6:0a:61:
a1:a6:3e:79:d7:29:9e:a3:f0:09:a9:49:1d:6b:c8:
c2:54:fb:fc:66:cd:c3:9d:2b:ba:03:c7:b9:12:16:
33:e7:18:8e:c7:6d:f5:07:3c:57:6e:ec:32:90:a2:
86:0d:25:36:ab:66:c7:0f:aa:8d:10:07:be:30:fd:
9a:a8:f6:6c:74:a9:fc:23:b2:d6:dc:87:66:d4:f4:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A9:67:6C:D8:D3:CF:9F:37:9D:5C:F9:53:4B:B7:67:64:36:D1:E6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/daef484d-11aa-4bc3-89ae-50742593b34c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:4800::/40
Signature Algorithm: sha256WithRSAEncryption
69:3e:f1:90:bd:31:a1:1b:ab:37:61:75:55:cd:6b:5e:56:fd:
48:38:ae:4b:25:d6:c5:47:11:6c:b5:74:ca:02:7c:7a:7d:6f:
e3:aa:93:8f:14:7a:e1:48:10:b2:dd:18:a6:11:02:a8:10:23:
d8:7a:ca:24:c0:44:e2:fa:77:00:bb:ab:34:65:9d:2d:19:07:
d1:eb:c8:59:85:7e:12:33:98:39:6b:27:c5:11:b9:6b:57:01:
35:ec:f4:16:b4:7d:a4:cc:e2:87:2e:c9:68:16:ee:ef:7e:2a:
4b:1f:6f:f3:2e:ad:20:11:42:51:29:88:6e:d5:05:bb:90:de:
a4:59:c7:b0:9f:86:4a:bc:f3:6f:a6:86:47:98:6e:1e:14:a4:
20:ba:26:24:07:67:d8:83:2a:56:a1:5a:68:27:2b:f9:91:bd:
d2:1a:9f:2e:0a:ce:c9:0c:98:c5:70:7c:cc:e3:3d:b8:a7:6a:
d9:5b:ee:5b:2f:9d:b3:b3:3d:0c:f6:cc:96:53:8b:2c:f5:8c:
a1:9b:cd:23:ba:82:0e:16:53:34:1b:b2:1a:29:fc:45:a5:43:
2f:49:25:bc:94:ce:e9:f1:e4:7e:04:ce:16:93:89:0d:b9:6a:
64:6b:8a:c8:ab:0a:53:1a:f7:6e:14:67:f3:f3:56:82:42:9e:
d9:51:70:4d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUINsgarUkQ3jxNV5GVyLjsA12zNgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTVjYmEyOWEwNTk5ZTU1NTEwZGFh
MjViOWRmYTUyYWYyNDFkZjZkMzVkMmQ4NDNlZTU5NTU1MmY1MDI3ODlhMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogLH1VeAC4bKFrDUIZKb5DfR18Dp
9+6vfSQVAfVonuK/gr3M+bYWxXSljhbMxGdV/96r92MPvtFapcmg0q05XPpYuGiB
qxQXbCWERme8GXvGUYroO2zGM8eMYTWunnaBhkiiDnQ3PqD0+ch4KYyctK9TauJd
U2GDFpXhI3606gLFEmBhPE2/s1z7CMCjAhf57oLg0E9K+OnxxhrsySFirTZp0Hz6
nrK/gNrig3U0uwXGCmGhpj551ymeo/AJqUkda8jCVPv8Zs3DnSu6A8e5EhYz5xiO
x231BzxXbuwykKKGDSU2q2bHD6qNEAe+MP2aqPZsdKn8I7LW3Idm1PTVMwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGypZ2zY08+fN51c+VNLt2dkNtHmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RhZWY0ODRkLTExYWEtNGJjMy04OWFlLTUwNzQyNTkzYjM0Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYUgwDQYJKoZIhvcNAQELBQADggEBAGk+8ZC9MaEbqzdhdVXN
a15W/Ug4rksl1sVHEWy1dMoCfHp9b+Oqk48UeuFIELLdGKYRAqgQI9h6yiTAROL6
dwC7qzRlnS0ZB9HryFmFfhIzmDlrJ8URuWtXATXs9Ba0faTM4ocuyWgW7u9+Kksf
b/MurSARQlEpiG7VBbuQ3qRZx7Cfhkq882+mhkeYbh4UpCC6JiQHZ9iDKlahWmgn
K/mRvdIany4KzskMmMVwfMzjPbinatlb7lsvnbOzPQz2zJZTiyz1jKGbzSO6gg4W
UzQbshop/EWlQy9JJbyUzunx5H4EzhaTiQ25amRrisirClMa924UZ/PzVoJCntlR
cE0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:29 2025 by rpki-client