Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa
File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json)
Hash identifier: +T/w+UfZtapGDwFXKJ5cBTb+kam4iGK7oD3rdsdSDt8=
Subject key identifier: B9:B7:DC:0D:83:44:AD:9D:70:E2:B0:7C:9B:6B:69:6B:D1:F0:3C:6B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7481AD330315A2B0388F3A5E826D0B20B134D24A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:6040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:81:ad:33:03:15:a2:b0:38:8f:3a:5e:82:6d:0b:20:b1:34:d2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=844d054bc0d284f8e201a27869080e19cef09bf82f4bc5190dfb6578cdd029f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a8:27:65:7e:96:53:47:d3:7a:f8:49:dc:ce:
9d:e1:e6:69:11:e3:73:95:20:b3:9d:e9:a7:a9:0f:
92:d3:9d:8e:0c:fd:93:ed:1e:4a:0e:dc:df:57:4a:
21:12:a1:21:77:df:cb:59:b7:51:36:62:ea:2f:f3:
89:51:bb:ec:1f:13:b3:01:46:ed:24:71:fe:45:4b:
22:92:a1:fb:d2:47:ca:cc:a3:a8:70:b0:d0:e3:c6:
20:87:43:33:33:39:e2:af:68:d3:9b:6b:a2:0b:68:
fa:1f:9e:4c:43:61:0a:ed:cd:0b:03:33:87:a1:f8:
ca:1a:db:bb:50:2e:78:f8:62:89:bc:f7:67:17:71:
5b:bb:33:54:b6:b3:0a:c0:1f:69:e9:36:c8:1b:00:
4e:14:fd:e2:a8:de:95:8a:d2:83:6a:e4:45:93:eb:
00:91:3a:2c:9e:57:07:00:15:6e:22:b7:05:fe:ee:
c3:8b:bb:f0:b7:6c:b2:62:52:b4:01:df:e9:c8:23:
ce:8e:e8:8d:10:c6:ed:18:e9:a9:cd:4b:06:c3:24:
5c:10:1c:f3:79:0f:da:7f:9a:d3:b8:1a:fc:da:ea:
dd:f5:3a:f1:73:f2:b6:bc:ab:51:d7:b4:71:76:7e:
4f:22:52:fe:07:4e:55:d1:67:95:c6:7f:9e:a9:6f:
c0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B7:DC:0D:83:44:AD:9D:70:E2:B0:7C:9B:6B:69:6B:D1:F0:3C:6B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:6040::/48
Signature Algorithm: sha256WithRSAEncryption
90:f2:c5:86:1a:32:ba:a1:9d:e5:f4:48:30:4a:4a:28:c2:6c:
6f:e3:13:c0:48:d2:c5:9b:0b:56:51:3b:5d:87:20:61:c2:38:
c7:29:b9:a4:e8:34:32:a4:0a:84:c5:b1:22:19:f5:d6:ae:bf:
bb:4d:03:3f:96:96:f4:fe:d2:a1:f3:ae:e7:b2:47:e8:ed:fb:
da:cc:cf:90:71:4d:aa:61:0b:08:49:10:03:93:e7:0a:c7:a9:
9b:f7:2d:eb:23:f5:a5:7f:07:7e:0c:a8:0e:1a:97:be:d3:4f:
4c:90:f9:b3:8b:ee:36:e1:47:5d:94:10:8a:e9:f3:75:ba:48:
26:dc:d4:99:b2:f2:98:7f:03:5d:1d:55:c8:60:7d:e2:92:cf:
56:48:50:0d:be:f0:9f:3f:5d:e3:1f:99:c4:6a:67:dd:66:cf:
67:c6:ec:4a:44:9d:5c:b6:ec:f9:65:fc:66:55:31:87:6b:02:
c3:4d:d1:ca:a6:53:d0:45:e8:ce:7a:8c:6f:29:b8:8d:96:55:
2b:fb:6a:00:9d:9d:bf:db:b3:a2:52:9a:4a:a1:4e:3a:0d:85:
bd:0d:e3:8e:00:db:55:00:eb:77:c2:56:59:d2:1c:b2:11:85:
3d:b5:52:69:1b:4f:76:95:35:78:a8:61:df:a2:a7:6e:7c:e8:
ca:9d:93:a2
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdIGtMwMVorA4jzpegm0LILE00kowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAODQ0ZDA1NGJjMGQyODRmOGUyMDFh
Mjc4NjkwODBlMTljZWYwOWJmODJmNGJjNTE5MGRmYjY1NzhjZGQwMjlmMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKgnZX6WU0fTevhJ3M6d4eZpEeNz
lSCznemnqQ+S052ODP2T7R5KDtzfV0ohEqEhd9/LWbdRNmLqL/OJUbvsHxOzAUbt
JHH+RUsikqH70kfKzKOocLDQ48Ygh0MzMznir2jTm2uiC2j6H55MQ2EK7c0LAzOH
ofjKGtu7UC54+GKJvPdnF3FbuzNUtrMKwB9p6TbIGwBOFP3iqN6VitKDauRFk+sA
kTosnlcHABVuIrcF/u7Di7vwt2yyYlK0Ad/pyCPOjuiNEMbtGOmpzUsGwyRcEBzz
eQ/af5rTuBr82urd9Trxc/K2vKtR17Rxdn5PIlL+B05V0WeVxn+eqW/A0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLm33A2DRK2dcOKwfJtraWvR8DxrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ8sWGGjK6oZ3l9Egw
Skoowmxv4xPASNLFmwtWUTtdhyBhwjjHKbmk6DQypAqExbEiGfXWrr+7TQM/lpb0
/tKh867nskfo7fvazM+QcU2qYQsISRADk+cKx6mb9y3rI/Wlfwd+DKgOGpe+009M
kPmzi+424UddlBCK6fN1ukgm3NSZsvKYfwNdHVXIYH3iks9WSFANvvCfP13jH5nE
amfdZs9nxuxKRJ1ctuz5ZfxmVTGHawLDTdHKplPQRejOeoxvKbiNllUr+2oAnZ2/
27OiUppKoU46DYW9DeOOANtVAOt3wlZZ0hyyEYU9tVJpG092lTV4qGHfoqdufOjK
nZOi
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:08:47 2025 by rpki-client