Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa
File: e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa (raw, json)
Hash identifier: IZuFz9AxcrYh35iV6JCfxHBqGEciZuh6rvwIASea514=
Subject key identifier: 1E:20:87:10:31:76:8C:31:B4:59:10:22:E0:87:54:C1:4A:7E:0A:E8
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 56B94A8725288EAA9F4034713F4AED400D8861DF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf1:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b9:4a:87:25:28:8e:aa:9f:40:34:71:3f:4a:ed:40:0d:88:61:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=14bd779f221dbe51918a562ea0aa70050ff4055a72961d93c06bf312f3553cd4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a1:61:1e:19:96:c9:6c:b8:0a:08:6f:88:33:
ea:36:f4:cb:39:24:e7:0c:3c:7a:53:42:3c:3f:5e:
8e:12:8b:74:17:07:a6:0d:92:ee:cf:d3:05:ae:63:
37:6d:81:f8:63:c2:b9:4e:ca:d9:89:2e:d2:a7:ba:
f0:9a:09:9c:8f:60:d7:3c:c9:19:f8:0f:89:74:e2:
69:b2:ea:55:11:b1:a4:d6:c3:13:3f:47:54:be:3d:
98:3d:29:83:c3:c8:b0:a9:ea:36:e8:c7:8d:eb:86:
81:da:02:9c:2e:ee:9e:58:5a:30:e7:1e:ef:ad:43:
60:48:0b:f7:a4:cc:b4:eb:16:8a:79:6c:30:1c:fe:
95:30:46:a6:a7:62:bf:ad:dc:c6:4f:27:0c:62:18:
a3:1e:fc:7c:7f:91:ae:07:df:74:78:01:3a:31:48:
63:33:5f:fc:f1:ff:51:ee:4e:1c:c0:d7:a6:8f:c5:
8a:50:46:34:0c:cc:75:ed:c7:8c:9b:14:be:a4:45:
c6:62:c4:7f:1f:ba:53:5d:c6:0a:ad:1e:29:84:b6:
d0:da:0c:9b:de:bb:e0:49:1e:33:48:36:d1:23:bf:
f3:29:53:11:7a:ab:a0:16:76:60:f6:e1:4d:3c:65:
ff:7c:ff:e9:55:84:92:b8:89:d5:d9:35:eb:f8:cd:
da:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:20:87:10:31:76:8C:31:B4:59:10:22:E0:87:54:C1:4A:7E:0A:E8
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf1:c800::/40
Signature Algorithm: sha256WithRSAEncryption
bd:bd:65:e4:75:85:ec:a7:91:46:6c:52:e0:07:13:8a:44:fd:
e8:a9:f4:b2:a0:e7:50:d3:cb:47:07:60:d8:eb:f8:0c:a0:5a:
df:7e:5e:f7:26:78:dd:cb:6a:aa:9a:73:55:1a:9a:a5:eb:9a:
f4:09:e0:ad:3c:13:8d:dd:df:85:04:fc:d0:38:f5:73:9e:33:
1c:5f:ee:3d:6b:85:8e:99:01:b4:01:bb:12:b0:ce:3e:9b:51:
a3:25:8e:61:2b:41:c6:06:d8:ff:47:d8:2f:59:26:e2:44:69:
4e:6e:1e:c4:f1:e9:e2:d8:1a:7d:31:32:82:e9:77:35:17:09:
d3:b6:77:f4:74:57:11:32:1a:76:36:10:4e:b7:59:dc:94:4e:
0e:91:e6:f2:ca:51:02:d9:1f:44:0f:99:81:b7:ea:9f:58:41:
9c:8c:a0:18:5f:0d:39:b6:4d:1a:a8:c9:43:e1:5d:9f:ad:7c:
76:5e:70:87:b1:74:3a:e0:6a:67:36:25:4d:5b:0f:6b:7b:4b:
98:56:d1:44:99:23:7b:c8:3a:45:17:a2:f8:2e:79:02:8f:7e:
8d:db:29:6e:94:b1:82:66:66:79:7c:59:83:dc:4e:36:d2:03:
52:fa:19:85:2f:90:39:b5:d1:44:97:40:cf:21:fe:1d:0b:29:
fa:53:ae:56
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVrlKhyUojqqfQDRxP0rtQA2IYd8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTRiZDc3OWYyMjFkYmU1MTkxOGE1
NjJlYTBhYTcwMDUwZmY0MDU1YTcyOTYxZDkzYzA2YmYzMTJmMzU1M2NkNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qFhHhmWyWy4CghviDPqNvTLOSTn
DDx6U0I8P16OEot0FwemDZLuz9MFrmM3bYH4Y8K5TsrZiS7Sp7rwmgmcj2DXPMkZ
+A+JdOJpsupVEbGk1sMTP0dUvj2YPSmDw8iwqeo26MeN64aB2gKcLu6eWFow5x7v
rUNgSAv3pMy06xaKeWwwHP6VMEamp2K/rdzGTycMYhijHvx8f5GuB990eAE6MUhj
M1/88f9R7k4cwNemj8WKUEY0DMx17ceMmxS+pEXGYsR/H7pTXcYKrR4phLbQ2gyb
3rvgSR4zSDbRI7/zKVMRequgFnZg9uFNPGX/fP/pVYSSuInV2TXr+M3amwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFB4ghxAxdowxtFkQIuCHVMFKfgroMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U5Y2VmMTUwLTlmYmMtNGJkNC1iYTdjLTQ4NjM2MzU4YmVhNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8cgwDQYJKoZIhvcNAQELBQADggEBAL29ZeR1heynkUZsUuAH
E4pE/eip9LKg51DTy0cHYNjr+AygWt9+XvcmeN3Laqqac1UamqXrmvQJ4K08E43d
34UE/NA49XOeMxxf7j1rhY6ZAbQBuxKwzj6bUaMljmErQcYG2P9H2C9ZJuJEaU5u
HsTx6eLYGn0xMoLpdzUXCdO2d/R0VxEyGnY2EE63WdyUTg6R5vLKUQLZH0QPmYG3
6p9YQZyMoBhfDTm2TRqoyUPhXZ+tfHZecIexdDrgamc2JU1bD2t7S5hW0USZI3vI
OkUXovgueQKPfo3bKW6UsYJmZnl8WYPcTjbSA1L6GYUvkDm10USXQM8h/h0LKfpT
rlY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:49 2025 by rpki-client