Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa
File: dc74e646-f238-4ce9-a399-9ad2f67be94f.roa (raw, json)
Hash identifier: 4joCoGuWx2H3f8tTV+nh39qOYZFMgXgUGJ8+TkgpHk8=
Subject key identifier: D4:23:04:B4:43:BB:34:B7:74:A5:12:DD:6F:BD:28:FD:BA:CD:84:34
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3C688D150E978ED280CA21C806632EEFF52A6E5A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafe:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:68:8d:15:0e:97:8e:d2:80:ca:21:c8:06:63:2e:ef:f5:2a:6e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ae304c9c9706459e72ba80a613a76b99b6d2e20a8b2361ac25e2c51fea60a3c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:b0:ea:fb:54:89:e0:cc:9a:31:f5:77:56:
be:d1:b9:4f:2d:e5:45:90:c9:a4:ab:33:2a:36:17:
bb:43:db:7e:83:14:ae:ac:ee:04:c4:b1:1e:8c:70:
6b:c6:d6:a3:09:8c:53:e4:3a:8b:61:29:c9:57:86:
f5:43:ae:5c:34:bb:8c:db:78:5f:6e:6f:10:b3:b4:
88:f6:c6:e3:50:5f:10:4d:2e:92:2b:7e:02:4e:68:
f0:a0:b5:0e:05:d0:1a:37:56:c8:12:27:30:95:0d:
b3:68:fa:54:55:64:6c:5e:14:b7:ee:0c:05:d5:b2:
4f:0a:1c:b4:fd:ee:f2:a8:db:2b:06:dd:92:9e:90:
b0:e9:82:78:f0:c1:d7:2c:5b:c3:de:97:6c:83:99:
8b:ba:85:4d:8e:cc:e0:3c:05:99:d7:f9:27:72:75:
34:b3:2a:04:7f:4f:44:53:ff:f2:5c:25:aa:36:30:
8b:e9:63:5b:8f:d1:6b:32:06:37:a8:c3:78:e7:de:
a9:f4:70:93:fe:39:e5:9d:22:19:28:b0:8d:62:cf:
b7:f1:fc:48:f0:20:a9:fa:1d:30:11:84:9b:4a:f0:
fb:ac:60:2a:d6:70:d1:05:3e:b7:d5:26:af:f6:6c:
3c:0b:91:1b:b2:06:28:34:c0:a8:50:a3:66:d5:73:
c2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:23:04:B4:43:BB:34:B7:74:A5:12:DD:6F:BD:28:FD:BA:CD:84:34
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafe:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:5c:26:6e:48:e3:5b:f1:d0:54:33:83:a2:88:39:f0:cb:38:
89:bb:2d:70:3b:1f:db:13:33:14:ee:01:02:5c:97:48:45:4c:
e3:64:12:29:58:0f:e8:18:22:53:3b:b3:52:a7:30:0f:67:9d:
df:75:63:59:ea:4f:c8:28:37:fa:81:89:5d:eb:93:40:3e:4e:
75:f2:af:6c:ed:10:70:e1:79:f3:05:73:7a:ec:2d:d2:00:9f:
0d:47:21:d3:b7:fb:2f:d9:83:fb:03:69:05:bb:d3:ea:33:49:
ef:76:9e:f8:98:93:ee:41:40:77:bc:c6:19:76:ca:7f:5b:58:
62:2f:5c:0e:34:68:80:80:a5:4c:12:a5:b0:c6:be:12:ed:fa:
98:4d:58:c9:2d:cb:6e:d5:19:76:ea:fa:0d:48:8f:13:68:94:
a6:32:e7:5d:19:90:fe:14:c0:24:c0:26:56:fb:f5:05:f6:8f:
91:48:a5:69:3a:49:8b:6f:72:9a:85:61:52:2a:af:4c:7f:be:
33:1c:1e:55:9c:cc:66:27:b2:f8:9a:0f:c8:a0:50:cf:2c:67:
47:05:7d:5b:2a:37:a1:bf:e8:a3:cf:a4:c4:a3:46:e4:3c:0f:
49:83:3e:54:5e:e2:7f:be:2e:38:2d:ec:88:12:05:e0:81:f8:
2d:d9:fe:9a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUPGiNFQ6XjtKAyiHIBmMu7/UqblowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAYWUzMDRjOWM5NzA2NDU5ZTcyYmE4
MGE2MTNhNzZiOTliNmQyZTIwYThiMjM2MWFjMjVlMmM1MWZlYTYwYTNjODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0aw6vtUieDMmjH1d1a+0blPLeVF
kMmkqzMqNhe7Q9t+gxSurO4ExLEejHBrxtajCYxT5DqLYSnJV4b1Q65cNLuM23hf
bm8Qs7SI9sbjUF8QTS6SK34CTmjwoLUOBdAaN1bIEicwlQ2zaPpUVWRsXhS37gwF
1bJPChy0/e7yqNsrBt2SnpCw6YJ48MHXLFvD3pdsg5mLuoVNjszgPAWZ1/kncnU0
syoEf09EU//yXCWqNjCL6WNbj9FrMgY3qMN4596p9HCT/jnlnSIZKLCNYs+38fxI
8CCp+h0wEYSbSvD7rGAq1nDRBT631Sav9mw8C5EbsgYoNMCoUKNm1XPCjQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNQjBLRDuzS3dKUS3W+9KP26zYQ0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RjNzRlNjQ2LWYyMzgtNGNlOS1hMzk5LTlhZDJmNjdiZTk0Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/hAwDQYJKoZIhvcNAQELBQADggEBAMlcJm5I41vx0FQzg6KI
OfDLOIm7LXA7H9sTMxTuAQJcl0hFTONkEilYD+gYIlM7s1KnMA9nnd91Y1nqT8go
N/qBiV3rk0A+TnXyr2ztEHDhefMFc3rsLdIAnw1HIdO3+y/Zg/sDaQW70+ozSe92
nviYk+5BQHe8xhl2yn9bWGIvXA40aICApUwSpbDGvhLt+phNWMkty27VGXbq+g1I
jxNolKYy510ZkP4UwCTAJlb79QX2j5FIpWk6SYtvcpqFYVIqr0x/vjMcHlWczGYn
sviaD8igUM8sZ0cFfVsqN6G/6KPPpMSjRuQ8D0mDPlRe4n++Ljgt7IgSBeCB+C3Z
/po=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:24:54 2025 by rpki-client