Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa
File: dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa (raw, json)
Hash identifier: tcjJ2tryqB7wCja91EYqHalg8PHZH8I5XqdIbX8JStk=
Subject key identifier: 99:95:89:09:67:29:B2:AC:4A:35:DF:40:87:A0:66:72:82:D4:83:13
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7E892AC4D29702D56F6526533EB70E18A8377F66
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:80c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:89:2a:c4:d2:97:02:d5:6f:65:26:53:3e:b7:0e:18:a8:37:7f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5a7056b34b4a875e338745e9f9e7c8a0f59d0730c97d4258067241e5a84471ab, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:8f:43:1d:34:01:b4:03:cb:67:3c:27:01:
04:ea:92:c0:e9:6e:11:ea:1c:b1:a3:7b:0c:7d:4f:
48:9a:fd:6f:40:c5:5a:06:f1:d5:54:92:8e:ca:c6:
04:47:3c:09:49:5d:18:a9:52:18:00:e4:40:2c:c9:
95:24:92:7b:70:b2:3e:d8:8b:cd:be:84:66:c2:7c:
f5:18:4a:6a:c8:29:91:06:93:6a:92:e6:70:c7:97:
8e:4d:04:81:8d:b9:c5:a9:00:a2:41:82:8b:2d:cf:
ea:1b:14:f0:c4:e1:86:c4:b7:a4:27:06:6d:a9:3c:
49:31:ff:97:ab:c2:40:fc:da:46:a4:43:a5:58:c9:
d2:c4:b7:be:cb:b7:72:e0:7e:a3:f1:de:a7:d5:e1:
f0:d1:ab:a8:db:58:7b:6a:37:be:66:cc:80:11:6e:
5f:65:80:e8:df:e9:89:d3:5b:a4:b3:3a:55:5d:05:
9f:0b:4a:67:46:b4:0f:6d:f4:52:12:fe:35:25:79:
8b:66:db:9a:3c:82:ee:3d:83:9c:42:f1:f4:1f:d2:
21:6d:05:58:52:06:ad:69:c3:be:a7:c1:c7:6b:de:
41:a3:b0:3d:5a:19:24:55:d0:4d:62:d9:ff:e1:84:
99:88:2f:ce:fb:d5:f8:69:74:89:06:60:10:3c:7b:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:95:89:09:67:29:B2:AC:4A:35:DF:40:87:A0:66:72:82:D4:83:13
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
c3:5e:6b:71:cd:2b:a2:f4:39:6a:33:a4:b7:70:38:be:44:fe:
63:0a:81:9f:0b:90:37:57:f2:c3:5b:2c:28:20:32:e7:30:50:
80:9d:c1:20:1b:a4:8c:43:b3:85:58:df:15:6e:ec:e7:02:c3:
01:b0:5d:89:7c:dc:c4:94:f0:97:48:06:8a:13:5a:07:ad:52:
87:26:b7:64:ee:ed:59:e4:60:7b:b6:f9:2f:24:ae:a8:a3:fb:
e8:a4:28:f6:ba:5e:6e:ff:ac:6f:cc:89:40:e1:ef:64:c6:2d:
52:96:50:51:03:e7:3b:ff:99:4d:11:33:10:79:66:2f:47:78:
f1:cf:e5:da:53:4a:80:33:91:1e:e3:62:2a:a3:5e:95:68:da:
62:cf:b8:d0:01:f8:18:69:8c:5d:57:76:02:2f:b3:87:18:37:
ab:23:0e:6e:80:45:e1:a3:a5:3a:f8:b2:82:c0:4b:ab:17:09:
01:59:6f:ae:f8:36:2d:55:19:89:f7:49:47:92:69:f5:be:d6:
f5:06:e8:34:35:d8:49:80:c6:2e:00:7e:b4:2a:65:02:1b:f3:
a5:05:6d:fd:e1:6d:04:da:7a:c6:a1:1c:9d:43:36:20:fa:cc:
07:52:1a:0b:36:55:5e:f6:22:63:cf:5c:c3:40:82:ef:a6:7f:
28:2b:d0:e3
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUfokqxNKXAtVvZSZTPrcOGKg3f2YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWE3MDU2YjM0YjRhODc1ZTMzODc0
NWU5ZjllN2M4YTBmNTlkMDczMGM5N2Q0MjU4MDY3MjQxZTVhODQ0NzFhYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl+PQx00AbQDy2c8JwEE6pLA6W4R
6hyxo3sMfU9Imv1vQMVaBvHVVJKOysYERzwJSV0YqVIYAORALMmVJJJ7cLI+2IvN
voRmwnz1GEpqyCmRBpNqkuZwx5eOTQSBjbnFqQCiQYKLLc/qGxTwxOGGxLekJwZt
qTxJMf+Xq8JA/NpGpEOlWMnSxLe+y7dy4H6j8d6n1eHw0auo21h7aje+ZsyAEW5f
ZYDo3+mJ01ukszpVXQWfC0pnRrQPbfRSEv41JXmLZtuaPILuPYOcQvH0H9IhbQVY
UgatacO+p8HHa95Bo7A9WhkkVdBNYtn/4YSZiC/O+9X4aXSJBmAQPHt4HQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJmViQlnKbKsSjXfQIegZnKC1IMTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkOTRlNTI5LTU4OWYtNGFjNi05YzQxLWNmNDJiZTdlNGVkZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+4DAMA0GCSqGSIb3DQEBCwUAA4IBAQDDXmtxzSui9DlqM6S3
cDi+RP5jCoGfC5A3V/LDWywoIDLnMFCAncEgG6SMQ7OFWN8VbuznAsMBsF2JfNzE
lPCXSAaKE1oHrVKHJrdk7u1Z5GB7tvkvJK6oo/vopCj2ul5u/6xvzIlA4e9kxi1S
llBRA+c7/5lNETMQeWYvR3jxz+XaU0qAM5Ee42Iqo16VaNpiz7jQAfgYaYxdV3YC
L7OHGDerIw5ugEXho6U6+LKCwEurFwkBWW+u+DYtVRmJ90lHkmn1vtb1Bug0NdhJ
gMYuAH60KmUCG/OlBW394W0E2nrGoRydQzYg+swHUhoLNlVe9iJjz1zDQILvpn8o
K9Dj
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:25:25 2025 by rpki-client