Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa
File: ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa (raw, json)
Hash identifier: mF532PHjBbeUdunlGUY2tzTNGV6LZ8Nqnnp/Rzh9xGA=
Subject key identifier: F9:1D:AD:7F:E6:72:DA:A5:28:47:53:16:7D:F8:1A:36:D8:F0:A4:C1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5A2BFCF3702C2AB3F9EA3146E197C85547F5912B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:7080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:2b:fc:f3:70:2c:2a:b3:f9:ea:31:46:e1:97:c8:55:47:f5:91:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=779e3a6a67e304c225b56e039e838926e21bcf77580c29e2187e87c1b8cc5e65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:94:92:57:c4:89:bb:2d:ac:6f:21:87:e5:
a4:53:6b:8a:29:47:55:03:e4:75:f9:3d:f3:c1:74:
97:66:6d:8d:75:3f:06:44:a6:1a:f3:86:51:58:30:
8a:6d:c8:3c:65:dd:f6:3a:c8:5e:a9:96:60:de:3e:
76:ad:5d:99:87:66:90:78:76:8e:7b:88:3f:ee:9b:
3c:8e:68:68:81:d5:3b:d4:61:3b:0d:d1:ce:ee:9f:
be:96:dd:66:50:1a:f8:d8:16:e8:ee:34:98:60:68:
4b:92:bf:d0:ce:e7:f5:a3:ec:dd:67:c1:9b:a3:1b:
1e:ea:7b:03:14:42:31:23:17:8a:dd:db:03:1d:41:
be:cc:00:cf:aa:b3:35:64:2b:d9:8d:b4:7a:b8:94:
23:9d:2c:70:0e:52:f9:d1:e0:cd:75:ac:5c:d5:cf:
81:3d:5a:c8:51:46:f4:3d:52:c8:c9:f1:b1:25:2d:
73:44:f8:5b:de:b7:f7:65:ef:09:ef:5c:f8:68:b7:
be:cd:a7:e4:79:7b:ea:a8:9b:f2:40:7b:7e:9c:4f:
cc:2e:78:a1:41:fa:32:7a:a0:a6:2f:19:91:68:51:
cf:0e:05:86:21:cf:25:07:3f:b0:a1:03:27:c4:7e:
05:68:1c:03:13:06:78:31:b4:3c:b9:35:5a:ff:bc:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1D:AD:7F:E6:72:DA:A5:28:47:53:16:7D:F8:1A:36:D8:F0:A4:C1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed3d3a28-3c88-49ed-8b25-85cbf545c35e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:7080::/48
Signature Algorithm: sha256WithRSAEncryption
16:85:8e:ee:5c:8a:6d:f7:5b:97:69:31:dc:bd:3d:de:a2:7f:
b6:84:f3:f7:81:03:f8:4a:a5:28:02:7d:bc:26:b8:b0:67:a8:
26:ef:18:b7:47:31:2d:14:b2:c8:b1:ed:2d:ba:7d:72:b8:4b:
34:fc:a1:ff:67:eb:54:f3:f5:67:ec:77:dd:4a:b2:ba:2a:d7:
3c:c5:7c:3a:58:1a:42:0b:e8:10:cb:08:0c:9c:2a:0d:f5:0f:
2e:5d:f6:cf:15:52:1a:c5:c1:8e:18:6a:64:8a:01:93:81:75:
08:6b:b5:2f:58:6c:14:5f:2f:43:6e:ec:1b:3c:da:c2:e1:44:
03:c9:2b:43:41:cf:f9:37:50:4c:2f:a7:7d:bb:e6:22:aa:15:
38:fa:ca:0a:c3:fb:81:5c:8f:82:26:9b:bd:74:91:77:9c:b9:
0d:be:db:e1:63:af:46:45:2a:cf:ab:07:69:3e:ed:9a:6e:d4:
65:54:85:20:9e:7e:6c:4f:ce:3c:d2:ce:28:67:6e:f2:2b:c9:
58:5d:44:bd:1d:6b:8c:70:6c:6e:a2:9e:35:54:a9:5c:20:d8:
1a:13:08:a0:c3:ba:38:da:d6:86:fe:17:c3:7d:17:ac:e1:3b:
e8:ef:19:20:29:2d:33:b3:66:25:ad:6d:72:1d:d3:20:ff:a5:
0c:76:d5:e9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWiv883AsKrP56jFG4ZfIVUf1kSswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANzc5ZTNhNmE2N2UzMDRjMjI1YjU2
ZTAzOWU4Mzg5MjZlMjFiY2Y3NzU4MGMyOWUyMTg3ZTg3YzFiOGNjNWU2NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOeUklfEibstrG8hh+WkU2uKKUdV
A+R1+T3zwXSXZm2NdT8GRKYa84ZRWDCKbcg8Zd32OsheqZZg3j52rV2Zh2aQeHaO
e4g/7ps8jmhogdU71GE7DdHO7p++lt1mUBr42Bbo7jSYYGhLkr/Qzuf1o+zdZ8Gb
oxse6nsDFEIxIxeK3dsDHUG+zADPqrM1ZCvZjbR6uJQjnSxwDlL50eDNdaxc1c+B
PVrIUUb0PVLIyfGxJS1zRPhb3rf3Ze8J71z4aLe+zafkeXvqqJvyQHt+nE/MLnih
QfoyeqCmLxmRaFHPDgWGIc8lBz+woQMnxH4FaBwDEwZ4MbQ8uTVa/7z92QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPkdrX/mctqlKEdTFn34GjbY8KTBMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VkM2QzYTI4LTNjODgtNDllZC04YjI1LTg1Y2JmNTQ1YzM1ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9HCAMA0GCSqGSIb3DQEBCwUAA4IBAQAWhY7uXIpt91uXaTHc
vT3eon+2hPP3gQP4SqUoAn28JriwZ6gm7xi3RzEtFLLIse0tun1yuEs0/KH/Z+tU
8/Vn7HfdSrK6Ktc8xXw6WBpCC+gQywgMnCoN9Q8uXfbPFVIaxcGOGGpkigGTgXUI
a7UvWGwUXy9DbuwbPNrC4UQDyStDQc/5N1BML6d9u+YiqhU4+soKw/uBXI+CJpu9
dJF3nLkNvtvhY69GRSrPqwdpPu2abtRlVIUgnn5sT8480s4oZ27yK8lYXUS9HWuM
cGxuop41VKlcINgaEwigw7o42taG/hfDfRes4Tvo7xkgKS0zs2YlrW1yHdMg/6UM
dtXp
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:20 2025 by rpki-client