Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa
File: f00ce68a-58da-4964-ae28-394559757448.roa (raw, json)
Hash identifier: MTDO5NcJS0kcrInGp4qknQ6njqHtlufZ3U+bBgU07SM=
Subject key identifier: 86:E7:09:E5:6C:9F:E4:55:79:25:FD:DD:55:C4:83:3A:54:05:B7:43
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 480C19A965D1A84F29F7A2D51BE24A36DF99B362
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:28c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0c:19:a9:65:d1:a8:4f:29:f7:a2:d5:1b:e2:4a:36:df:99:b3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2f809e945fb1c568acd079c364d1163776493409e3519551ad7ebb44d63669cd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:df:23:5b:7d:24:25:3a:4b:aa:1d:ef:e2:56:
21:a8:02:08:58:f1:d9:29:c2:46:9b:57:b6:a1:48:
0f:5b:1f:20:b4:90:65:9f:cb:ef:eb:2e:17:ce:8a:
9e:07:3c:19:72:bd:59:71:3d:07:a6:d5:7c:dc:b2:
13:0e:c3:89:ca:59:f2:3f:4d:6c:7b:dd:6a:2e:84:
b8:d1:8e:3a:65:47:5e:87:13:ba:77:f3:37:10:92:
f4:3f:2c:6c:b0:f4:b1:ad:85:40:87:9f:59:72:37:
99:30:6d:6f:59:01:c1:f5:00:c6:49:e3:43:33:bf:
9a:3e:d5:12:c6:ad:9a:91:36:ca:21:78:da:6f:3c:
e8:e0:1a:27:05:56:5d:15:fb:14:24:f1:37:3d:3a:
c7:82:02:6d:7c:c4:0a:bc:bc:cb:15:30:62:70:53:
d6:3f:70:d4:08:28:fb:f8:61:b4:47:25:66:8d:6a:
0d:50:03:27:65:3e:e8:30:58:67:58:5f:db:a2:39:
80:1c:1d:99:91:0c:04:09:68:d8:a9:ad:86:d8:9a:
67:fc:59:24:38:42:bf:45:02:92:8f:11:7b:81:4c:
90:ce:a6:97:16:73:b3:c4:9d:a6:c6:43:49:07:f0:
d1:5a:8f:33:38:d7:8b:99:96:a9:c1:3e:4a:70:9e:
91:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E7:09:E5:6C:9F:E4:55:79:25:FD:DD:55:C4:83:3A:54:05:B7:43
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
29:e2:8a:de:71:bf:79:37:5f:9f:93:0f:32:78:b4:af:bc:dc:
7b:dd:7b:9d:3e:b2:05:34:ef:ed:ed:6b:73:6d:ec:a1:ff:d7:
20:77:f9:34:17:59:01:95:7c:7b:47:2e:02:1b:2c:c6:86:2f:
2b:2c:9d:f4:aa:65:c1:1b:0a:9b:03:20:82:ec:cc:3e:b8:97:
e3:18:72:b2:53:d3:69:59:9f:c4:c4:65:13:5e:ea:57:06:14:
64:8f:42:d5:ef:cc:e5:52:10:9a:b4:e9:2c:d6:dd:39:80:99:
71:7e:93:07:5c:b8:29:38:a2:2a:71:9f:72:a7:20:79:8d:5e:
8f:9f:eb:6f:f5:b0:07:32:e4:98:9b:00:9a:4f:ef:03:c0:47:
a7:b6:1a:6a:4b:59:50:02:a1:50:96:20:13:14:e6:4a:79:66:
b9:30:35:d3:f3:4a:be:0f:7a:5e:fa:64:de:1b:3f:af:cb:f1:
14:3d:0d:85:75:33:ac:41:27:63:4d:5f:87:39:1c:b7:2d:42:
5c:6c:ef:61:cc:f4:a7:57:12:78:2c:5a:50:2c:50:7c:f3:98:
43:d2:6c:ce:71:36:39:44:ae:d4:14:48:e5:3a:70:0d:73:5a:
9f:a0:c1:b1:7b:9c:85:22:c6:8c:1b:23:6b:29:d7:98:39:1c:
d3:d1:8c:c7
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUSAwZqWXRqE8p96LVG+JKNt+Zs2IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMmY4MDllOTQ1ZmIxYzU2OGFjZDA3
OWMzNjRkMTE2Mzc3NjQ5MzQwOWUzNTE5NTUxYWQ3ZWJiNDRkNjM2NjljZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N8jW30kJTpLqh3v4lYhqAIIWPHZ
KcJGm1e2oUgPWx8gtJBln8vv6y4XzoqeBzwZcr1ZcT0HptV83LITDsOJylnyP01s
e91qLoS40Y46ZUdehxO6d/M3EJL0PyxssPSxrYVAh59ZcjeZMG1vWQHB9QDGSeND
M7+aPtUSxq2akTbKIXjabzzo4BonBVZdFfsUJPE3PTrHggJtfMQKvLzLFTBicFPW
P3DUCCj7+GG0RyVmjWoNUAMnZT7oMFhnWF/bojmAHB2ZkQwECWjYqa2G2Jpn/Fkk
OEK/RQKSjxF7gUyQzqaXFnOzxJ2mxkNJB/DRWo8zONeLmZapwT5KcJ6R3wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIbnCeVsn+RVeSX93VXEgzpUBbdDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YwMGNlNjhhLTU4ZGEtNDk2NC1hZTI4LTM5NDU1OTc1NzQ0OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYSjAMA0GCSqGSIb3DQEBCwUAA4IBAQAp4orecb95N1+fkw8y
eLSvvNx73XudPrIFNO/t7Wtzbeyh/9cgd/k0F1kBlXx7Ry4CGyzGhi8rLJ30qmXB
GwqbAyCC7Mw+uJfjGHKyU9NpWZ/ExGUTXupXBhRkj0LV78zlUhCatOks1t05gJlx
fpMHXLgpOKIqcZ9ypyB5jV6Pn+tv9bAHMuSYmwCaT+8DwEenthpqS1lQAqFQliAT
FOZKeWa5MDXT80q+D3pe+mTeGz+vy/EUPQ2FdTOsQSdjTV+HORy3LUJcbO9hzPSn
VxJ4LFpQLFB885hD0mzOcTY5RK7UFEjlOnANc1qfoMGxe5yFIsaMGyNrKdeYORzT
0YzH
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:13:01 2025 by rpki-client