Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ebef3a9a-a888-4ea6-8c9c-f166ba84d461.roa
File: ebef3a9a-a888-4ea6-8c9c-f166ba84d461.roa (raw, json)
Hash identifier: FPVP8n41f874NqhIHtED6oVlN4CcWeg+DV+YzECmB4I=
Subject key identifier: E9:3A:46:9D:76:91:34:FE:C1:5F:23:60:F7:34:F3:1A:E7:74:15:75
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 32D96CD8667517409C1E9AE7960F135D469012AC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ebef3a9a-a888-4ea6-8c9c-f166ba84d461.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:b000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d9:6c:d8:66:75:17:40:9c:1e:9a:e7:96:0f:13:5d:46:90:12:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=b9fa9017d4e28cebad378790544e56d81ea8067a01ca1928875dbd0464bbbeca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:ec:34:4d:88:5b:48:a0:ed:2f:f9:26:5a:
1c:46:3c:f5:71:69:8f:fc:b9:c2:0b:5b:92:a6:b0:
67:d6:08:e9:8f:05:3f:bd:fa:55:c4:32:22:ed:12:
ae:18:17:18:9b:af:31:6e:f1:0d:dc:02:98:c0:15:
b7:79:a3:74:6b:99:dd:bf:04:5a:63:30:3c:98:93:
76:67:a3:ce:04:0c:07:5e:e0:55:58:1f:25:95:fd:
c0:ff:fa:0a:10:68:3f:e9:93:6b:8a:fc:1a:99:ef:
26:29:cd:80:19:2c:84:30:ca:e0:88:10:99:2a:72:
59:b5:82:4e:16:9c:f4:60:22:e3:c0:34:ba:1a:06:
70:89:61:98:bc:df:75:83:c1:7d:90:98:de:1b:9b:
2f:d0:bc:d6:f2:91:f0:56:08:6b:32:5a:67:21:6b:
1f:c5:30:32:7c:b4:c1:33:c0:dd:94:51:4e:b0:d1:
df:36:27:1e:bb:c9:cb:98:81:ef:6a:b8:92:d0:0c:
7d:ab:e5:08:22:f5:2a:1f:19:8a:a6:e4:70:8e:33:
e6:8b:1b:e1:eb:0e:b8:4b:3b:a5:e7:fc:da:68:fc:
30:74:72:68:9a:36:d1:4d:9d:be:14:7b:16:7e:17:
42:2e:c1:89:4a:3a:37:4f:2e:db:f7:4c:8e:7e:a1:
36:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3A:46:9D:76:91:34:FE:C1:5F:23:60:F7:34:F3:1A:E7:74:15:75
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ebef3a9a-a888-4ea6-8c9c-f166ba84d461.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:b000::/40
Signature Algorithm: sha256WithRSAEncryption
33:af:8e:c3:ed:ac:19:d2:89:14:28:22:e3:33:d1:54:18:3d:
59:49:ba:c2:15:1e:2f:8c:94:cb:2d:3d:89:c5:20:86:e9:6f:
18:9e:c5:64:1a:09:5c:ce:b2:05:fb:1c:4d:5c:d1:90:bb:d7:
82:13:14:50:12:dc:e6:ac:3c:65:b1:91:53:bc:bc:cb:7d:ff:
62:49:f1:6f:1c:54:73:7e:cd:31:2d:5e:eb:3e:15:73:5f:17:
af:76:ac:30:73:80:2d:be:1d:fa:4a:16:1f:8f:c7:b2:a8:94:
76:a4:9b:19:81:3e:4a:36:4d:62:ba:d5:27:04:8c:ea:d8:fa:
d9:60:2f:46:95:b2:75:f6:5e:d0:b6:95:50:a7:a2:63:2d:da:
6e:5a:c2:eb:0c:d0:29:58:ee:39:0b:d5:00:ea:6e:51:7f:9d:
34:40:df:c1:9a:1b:ff:79:83:8f:6b:dd:a3:02:69:d8:46:26:
87:8e:57:30:0b:07:41:41:3f:ba:10:6c:cf:12:1f:29:92:72:
52:bb:da:97:ea:d6:71:33:d8:ad:63:98:0c:7d:b5:d0:93:ff:
d2:3e:ac:b8:59:c8:c2:ce:f5:4f:e4:de:92:4e:49:20:8d:06:
3e:25:10:f3:61:00:0b:78:37:c2:c1:aa:ed:a3:7c:10:7b:e9:
05:75:4b:75
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMtls2GZ1F0CcHprnlg8TXUaQEqwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYjlmYTkwMTdkNGUyOGNlYmFkMzc4
NzkwNTQ0ZTU2ZDgxZWE4MDY3YTAxY2ExOTI4ODc1ZGJkMDQ2NGJiYmVjYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnTsNE2IW0ig7S/5JlocRjz1cWmP
/LnCC1uSprBn1gjpjwU/vfpVxDIi7RKuGBcYm68xbvEN3AKYwBW3eaN0a5ndvwRa
YzA8mJN2Z6POBAwHXuBVWB8llf3A//oKEGg/6ZNrivwame8mKc2AGSyEMMrgiBCZ
KnJZtYJOFpz0YCLjwDS6GgZwiWGYvN91g8F9kJjeG5sv0LzW8pHwVghrMlpnIWsf
xTAyfLTBM8DdlFFOsNHfNiceu8nLmIHvariS0Ax9q+UIIvUqHxmKpuRwjjPmixvh
6w64Szul5/zaaPwwdHJomjbRTZ2+FHsWfhdCLsGJSjo3Ty7b90yOfqE2ywIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOk6Rp12kTT+wV8jYPc08xrndBV1MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ViZWYzYTlhLWE4ODgtNGVhNi04YzljLWYxNjZiYTg0ZDQ2MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba97AwDQYJKoZIhvcNAQELBQADggEBADOvjsPtrBnSiRQoIuMz
0VQYPVlJusIVHi+MlMstPYnFIIbpbxiexWQaCVzOsgX7HE1c0ZC714ITFFAS3Oas
PGWxkVO8vMt9/2JJ8W8cVHN+zTEtXus+FXNfF692rDBzgC2+HfpKFh+Px7KolHak
mxmBPko2TWK61ScEjOrY+tlgL0aVsnX2XtC2lVCnomMt2m5awusM0ClY7jkL1QDq
blF/nTRA38GaG/95g49r3aMCadhGJoeOVzALB0FBP7oQbM8SHymSclK72pfq1nEz
2K1jmAx9tdCT/9I+rLhZyMLO9U/k3pJOSSCNBj4lEPNhAAt4N8LBqu2jfBB76QV1
S3U=
-----END CERTIFICATE-----
Generated at Sat May 3 10:37:27 2025 by rpki-client