Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbad04a-dae4-464c-9a60-1e4c91340af1.roa
File: ddbad04a-dae4-464c-9a60-1e4c91340af1.roa (raw, json)
Hash identifier: T3uPeO5PFQj6cK1zbCWUVr6sxxG/4pejM9a3GmNySmk=
Subject key identifier: A8:04:8D:A0:ED:72:63:4D:FF:07:B7:FE:0C:8F:1F:AA:9C:D3:32:D6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6602B5F7B64B49A2D708F3E7E842364297BEA51C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbad04a-dae4-464c-9a60-1e4c91340af1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:a000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:02:b5:f7:b6:4b:49:a2:d7:08:f3:e7:e8:42:36:42:97:be:a5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=03418a02e76b6975129c7e7e2aab02253e43e370b150c3224486431e5aed9550, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ff:5b:04:95:b8:62:ef:94:45:c4:3a:7e:9d:
3a:ba:44:b6:cd:f5:aa:f7:e9:93:3e:b9:48:75:0e:
6d:fa:4b:87:a3:b1:ba:77:ad:da:80:05:1e:fb:2a:
48:6b:76:08:1e:35:cd:c9:3a:b9:ab:df:41:8c:4b:
8b:d3:b1:b8:4e:da:6b:30:12:ca:29:8a:25:d2:15:
7b:79:83:76:c5:c3:44:5a:5c:d4:21:6b:46:a0:0d:
54:86:da:8a:df:62:27:b5:ae:fe:78:21:67:12:9b:
62:ac:17:7e:58:7d:7a:50:04:2c:cf:16:4c:8a:45:
58:41:80:03:2f:bf:99:98:2b:77:bb:9e:95:a7:b6:
a8:1a:00:ce:07:b0:0c:32:ca:75:44:e6:4d:9e:49:
3e:5b:e3:25:66:e4:36:e8:bf:b8:89:9d:27:89:3a:
cc:15:94:5b:b6:fa:ce:9b:47:75:1f:1f:31:c8:42:
13:d6:6a:17:e1:ae:df:69:d1:ac:54:61:cc:06:f0:
48:d6:d8:5e:3e:67:db:56:ac:35:fc:34:b2:b7:31:
6e:65:6e:5d:2e:0d:f1:2c:36:44:95:14:f3:8c:1f:
27:0b:22:95:51:e2:6b:c0:e3:78:5b:4b:da:3a:7c:
62:da:02:44:60:48:e9:80:ab:12:bb:24:97:e9:79:
64:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:04:8D:A0:ED:72:63:4D:FF:07:B7:FE:0C:8F:1F:AA:9C:D3:32:D6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbad04a-dae4-464c-9a60-1e4c91340af1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4f:e1:d1:e8:4d:9a:0f:f7:b1:96:f2:81:8a:82:4c:f8:e0:27:
67:9f:9a:ea:0d:02:e0:23:e6:c1:e0:20:75:a0:59:73:14:a5:
ed:c9:c9:3c:e4:af:f2:19:e4:5a:91:b3:a9:09:d1:69:6c:10:
8b:34:61:f9:e4:76:24:7a:27:ec:a2:14:3d:d0:ea:9d:b0:91:
ce:88:a1:f7:a1:19:9c:99:33:ba:04:d6:c5:5b:10:65:99:28:
84:39:3d:55:57:f8:0c:e8:37:fa:19:e1:c7:84:17:df:bc:69:
a8:e2:a0:74:bf:1d:6b:32:d0:6a:a4:c9:48:52:5f:21:1c:26:
1d:d1:19:ae:b5:7a:e5:11:8c:f9:d6:cb:2f:e4:b2:0b:da:8f:
d9:03:a2:fa:71:a0:84:20:ed:a9:51:f7:52:a0:f7:81:eb:c3:
a7:a7:90:b4:d8:81:03:1b:3f:4a:b1:f7:eb:cc:ad:ac:83:ab:
6e:e6:ce:c2:e9:53:7e:60:e3:9a:bc:dc:80:04:64:78:e3:fc:
77:8d:be:e0:01:b7:06:c7:9e:18:ae:d3:c6:1f:d8:84:57:7f:
55:86:f5:d8:4f:c4:2e:50:ee:25:3e:97:d5:d7:70:d1:ac:83:
53:5b:45:f7:76:e2:87:db:b0:e4:73:b0:79:fa:3e:19:9d:68:
70:43:5f:e3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZgK197ZLSaLXCPPn6EI2Qpe+pRwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDM0MThhMDJlNzZiNjk3NTEyOWM3
ZTdlMmFhYjAyMjUzZTQzZTM3MGIxNTBjMzIyNDQ4NjQzMWU1YWVkOTU1MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof9bBJW4Yu+URcQ6fp06ukS2zfWq
9+mTPrlIdQ5t+kuHo7G6d63agAUe+ypIa3YIHjXNyTq5q99BjEuL07G4TtprMBLK
KYol0hV7eYN2xcNEWlzUIWtGoA1UhtqK32Inta7+eCFnEptirBd+WH16UAQszxZM
ikVYQYADL7+ZmCt3u56Vp7aoGgDOB7AMMsp1ROZNnkk+W+MlZuQ26L+4iZ0niTrM
FZRbtvrOm0d1Hx8xyEIT1moX4a7fadGsVGHMBvBI1thePmfbVqw1/DSytzFuZW5d
Lg3xLDZElRTzjB8nCyKVUeJrwON4W0vaOnxi2gJEYEjpgKsSuySX6XlkZQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKgEjaDtcmNN/we3/gyPH6qc0zLWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkYmFkMDRhLWRhZTQtNDY0Yy05YTYwLTFlNGM5MTM0MGFmMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYaAwDQYJKoZIhvcNAQELBQADggEBAE/h0ehNmg/3sZbygYqC
TPjgJ2efmuoNAuAj5sHgIHWgWXMUpe3JyTzkr/IZ5FqRs6kJ0WlsEIs0YfnkdiR6
J+yiFD3Q6p2wkc6IofehGZyZM7oE1sVbEGWZKIQ5PVVX+AzoN/oZ4ceEF9+8aaji
oHS/HWsy0GqkyUhSXyEcJh3RGa61euURjPnWyy/ksgvaj9kDovpxoIQg7alR91Kg
94Hrw6enkLTYgQMbP0qx9+vMrayDq27mzsLpU35g45q83IAEZHjj/HeNvuABtwbH
nhiu08Yf2IRXf1WG9dhPxC5Q7iU+l9XXcNGsg1NbRfd24ofbsORzsHn6PhmdaHBD
X+M=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:11:59 2025 by rpki-client