Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db3424c8-0ae1-4042-9a6f-62bcb44b8dd3.roa
File: db3424c8-0ae1-4042-9a6f-62bcb44b8dd3.roa (raw, json)
Hash identifier: 3/eUllxfprXVA5IZL0rViqZXaKJm5hCgkSV7kEVpm5w=
Subject key identifier: 31:8A:E3:D5:C8:CF:8F:1D:63:DA:99:D8:A4:89:A7:64:9E:C1:C4:A5
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6F7EFC45B96BB5147339B31498CFFA400A9E2D76
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db3424c8-0ae1-4042-9a6f-62bcb44b8dd3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:2080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:7e:fc:45:b9:6b:b5:14:73:39:b3:14:98:cf:fa:40:0a:9e:2d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=ce58c9a06fc8c29cffd618a90e1ca68ad44923858266338644addf87702970fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f9:05:bb:41:24:fd:42:8f:11:0d:dc:21:31:
a7:dd:2d:76:93:95:e4:45:7f:0d:ae:47:69:5f:2d:
9d:92:00:1e:2a:b9:9a:ac:67:fe:10:10:f9:16:4c:
28:1c:aa:91:38:51:76:dc:a4:3c:35:0a:47:96:86:
2e:95:69:46:1c:aa:d0:1f:81:94:98:1a:81:21:ee:
b5:d2:96:60:fa:ca:01:ff:24:d6:19:5c:8e:d4:be:
21:54:a3:04:8f:2f:9b:4a:35:41:02:17:ad:d3:78:
09:a8:e3:b7:4c:32:13:21:d9:20:92:39:aa:5e:5e:
c7:08:b3:41:90:33:95:80:9a:55:6f:bc:9c:c0:c8:
48:0b:20:0c:a2:d0:9d:51:0b:93:62:51:e3:ba:78:
91:05:52:12:26:19:36:22:1c:49:3d:7d:bd:a3:a9:
31:6f:ee:9e:7b:1e:d4:15:d8:c5:62:74:be:30:db:
e3:82:56:d5:ca:ce:57:34:ea:58:53:4b:c7:62:21:
fc:66:a0:6e:67:c6:43:97:ef:01:41:74:bd:7d:6e:
31:8c:a0:89:11:77:c0:7f:7f:52:d4:a1:80:8b:82:
b2:e1:3a:63:3e:70:9c:6c:9a:fa:77:03:0c:fc:f3:
02:20:ae:ff:d1:9f:ce:cc:17:47:17:93:13:d4:36:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8A:E3:D5:C8:CF:8F:1D:63:DA:99:D8:A4:89:A7:64:9E:C1:C4:A5
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db3424c8-0ae1-4042-9a6f-62bcb44b8dd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:2080::/48
Signature Algorithm: sha256WithRSAEncryption
46:ef:d8:f0:64:df:0b:a2:d2:3a:89:df:91:50:10:33:3c:72:
bb:a1:2d:a9:76:fb:5e:87:6f:59:a6:29:05:10:08:82:5d:15:
96:2d:ae:6b:35:55:8a:48:6b:5c:cb:96:9a:58:f8:3f:d0:bf:
b3:f1:19:1b:0d:ae:18:a9:22:7a:62:31:53:ee:2d:a5:08:3e:
2b:ce:46:7f:e7:ef:35:c8:f4:bc:00:35:65:05:b8:29:8e:63:
36:7a:68:fe:e7:44:f6:f0:0d:bb:cc:49:bd:26:0b:c5:21:a8:
c1:d3:b9:be:8b:9b:62:a6:26:cf:25:4b:0e:18:10:dd:a2:30:
bc:3e:4c:fe:56:85:6f:ed:73:09:c4:9e:25:ed:78:58:41:89:
b1:6d:32:1c:22:d1:75:0a:fe:18:51:9c:8a:54:78:28:c6:e0:
e3:2f:5f:25:31:32:ea:43:6c:85:8e:29:b1:93:f3:d0:2f:cf:
2c:a8:06:00:62:55:4d:5a:ba:cf:f6:a6:9e:90:fd:05:0b:b5:
e7:c6:38:f8:36:7b:44:cf:c3:9d:34:2f:72:ea:53:ea:e7:66:
f8:75:7f:6b:c6:b9:fd:ba:98:c5:eb:f7:61:0d:3b:62:9f:6a:
53:2a:e4:79:00:f6:ae:ca:c8:aa:19:57:1c:27:89:0a:94:ba:
cd:93:3d:62
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUb378RblrtRRzObMUmM/6QAqeLXYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAY2U1OGM5YTA2ZmM4YzI5Y2ZmZDYx
OGE5MGUxY2E2OGFkNDQ5MjM4NTgyNjYzMzg2NDRhZGRmODc3MDI5NzBmZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvkFu0Ek/UKPEQ3cITGn3S12k5Xk
RX8NrkdpXy2dkgAeKrmarGf+EBD5FkwoHKqROFF23KQ8NQpHloYulWlGHKrQH4GU
mBqBIe610pZg+soB/yTWGVyO1L4hVKMEjy+bSjVBAhet03gJqOO3TDITIdkgkjmq
Xl7HCLNBkDOVgJpVb7ycwMhICyAMotCdUQuTYlHjuniRBVISJhk2IhxJPX29o6kx
b+6eex7UFdjFYnS+MNvjglbVys5XNOpYU0vHYiH8ZqBuZ8ZDl+8BQXS9fW4xjKCJ
EXfAf39S1KGAi4Ky4TpjPnCcbJr6dwMM/PMCIK7/0Z/OzBdHF5MT1DZ2PQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDGK49XIz48dY9qZ2KSJp2SewcSlMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RiMzQyNGM4LTBhZTEtNDA0Mi05YTZmLTYyYmNiNDRiOGRkMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9CCAMA0GCSqGSIb3DQEBCwUAA4IBAQBG79jwZN8LotI6id+R
UBAzPHK7oS2pdvteh29ZpikFEAiCXRWWLa5rNVWKSGtcy5aaWPg/0L+z8RkbDa4Y
qSJ6YjFT7i2lCD4rzkZ/5+81yPS8ADVlBbgpjmM2emj+50T28A27zEm9JgvFIajB
07m+i5tipibPJUsOGBDdojC8Pkz+VoVv7XMJxJ4l7XhYQYmxbTIcItF1Cv4YUZyK
VHgoxuDjL18lMTLqQ2yFjimxk/PQL88sqAYAYlVNWrrP9qaekP0FC7Xnxjj4NntE
z8OdNC9y6lPq52b4dX9rxrn9upjF6/dhDTtin2pTKuR5APauysiqGVccJ4kKlLrN
kz1i
-----END CERTIFICATE-----
Generated at Fri May 9 13:02:18 2025 by rpki-client