Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa
File: f30d8c61-acb1-465e-a200-0d6a14eb38de.roa (raw, json)
Hash identifier: hHjzAQi8wPcE2Ep0+yL2U2Xby/lvsTknxJ0xjSdtGA0=
Subject key identifier: B8:BF:F4:FC:0D:FF:69:36:0D:AF:CF:A2:2E:5E:90:A9:41:0F:DB:2B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 083FF306E8A6EDA8A99E0141CD3AE78A2879770E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da12::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:3f:f3:06:e8:a6:ed:a8:a9:9e:01:41:cd:3a:e7:8a:28:79:77:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=23251b4535ac9ed708aefb772c98552db954017eb48f93d9e58edcfe78ee2922, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d9:a1:45:0e:ce:69:cf:51:d4:cf:e4:30:c6:
11:37:95:2c:56:40:7a:99:3e:18:d0:55:85:0d:08:
fa:57:1f:1e:42:e3:eb:25:f0:29:56:18:21:0e:10:
50:90:4b:12:ac:b3:ae:33:eb:08:9e:b8:d5:54:9b:
6b:c4:25:5d:a1:8a:4e:d3:ed:f4:3e:6b:b2:52:ba:
44:9a:97:dc:2b:18:3b:d1:7c:19:a6:72:d2:56:19:
8b:ad:03:32:c9:a5:85:f7:17:a9:30:89:b8:ae:59:
5c:c1:72:4c:c8:3b:1e:3d:90:22:ac:d2:69:49:d8:
9d:2f:93:74:65:cb:f1:0b:a4:7d:20:16:ed:62:f4:
76:11:f1:46:c4:f2:39:58:94:e8:b0:04:dc:40:41:
8b:fd:90:90:40:ba:8c:19:46:17:25:41:fb:2d:71:
6d:73:52:a3:07:af:49:71:b1:b9:0c:74:ef:21:16:
62:da:97:59:a8:45:d5:49:aa:87:2e:6a:f6:a9:80:
48:10:ad:9c:c4:00:f9:6b:41:21:da:df:c6:22:02:
6e:2c:e6:57:93:bb:52:b6:2e:70:e6:54:8a:dc:f8:
b8:99:36:de:72:25:c8:22:85:a5:11:11:1c:a0:67:
3d:9e:db:c9:3b:3e:eb:83:b6:91:00:37:44:f4:f7:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BF:F4:FC:0D:FF:69:36:0D:AF:CF:A2:2E:5E:90:A9:41:0F:DB:2B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da12::/38
Signature Algorithm: sha256WithRSAEncryption
4e:df:bd:a5:d4:a3:c4:78:71:35:75:f1:d7:72:eb:6b:f1:c6:
7a:33:90:6e:b3:05:68:dc:bf:18:89:a6:3d:65:52:91:06:8a:
3e:be:04:13:2e:07:0e:10:2f:51:74:6e:67:af:5c:94:c0:d0:
9f:47:da:8b:5c:e2:6b:0f:f4:96:13:30:7d:33:db:0e:53:5f:
1e:c3:28:bd:c2:2d:00:11:81:c5:1b:76:fd:97:a8:ab:c1:ac:
82:6a:c7:61:ea:38:85:16:21:1a:d5:36:7f:d8:47:be:8a:d9:
07:00:34:1f:58:37:3f:35:bf:74:a3:4d:26:35:a3:82:5e:bf:
e0:46:bd:8b:48:52:9f:f6:83:9e:c0:27:0a:76:bd:6c:c2:17:
0c:3a:94:6c:cc:9a:23:e6:c8:30:fd:5e:4c:d1:78:ad:41:24:
f2:d2:81:52:a0:a0:a3:2f:f1:1f:61:c3:d1:9e:9a:89:20:4b:
87:0f:c4:84:54:12:27:33:b8:95:b0:0b:cd:29:a8:43:31:5c:
e6:89:a2:87:9b:84:8e:f0:27:2c:7a:d0:15:33:52:22:97:04:
6c:c3:75:85:a3:ab:d0:23:01:5d:3a:6f:dd:21:6d:4f:a0:21:
7d:5c:86:0e:a3:6b:07:a4:71:7f:8c:f8:5d:5e:d6:59:e3:f1:
5a:59:37:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCD/zBuim7aipngFBzTrniih5dw4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjMyNTFiNDUzNWFjOWVkNzA4YWVm
Yjc3MmM5ODU1MmRiOTU0MDE3ZWI0OGY5M2Q5ZTU4ZWRjZmU3OGVlMjkyMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdmhRQ7Oac9R1M/kMMYRN5UsVkB6
mT4Y0FWFDQj6Vx8eQuPrJfApVhghDhBQkEsSrLOuM+sInrjVVJtrxCVdoYpO0+30
PmuyUrpEmpfcKxg70XwZpnLSVhmLrQMyyaWF9xepMIm4rllcwXJMyDsePZAirNJp
SdidL5N0ZcvxC6R9IBbtYvR2EfFGxPI5WJTosATcQEGL/ZCQQLqMGUYXJUH7LXFt
c1KjB69JcbG5DHTvIRZi2pdZqEXVSaqHLmr2qYBIEK2cxAD5a0Eh2t/GIgJuLOZX
k7tSti5w5lSK3Pi4mTbeciXIIoWlEREcoGc9ntvJOz7rg7aRADdE9PdvWQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLi/9PwN/2k2Da/Poi5ekKlBD9srMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YzMGQ4YzYxLWFjYjEtNDY1ZS1hMjAwLTBkNmExNGViMzhkZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaEgAwDQYJKoZIhvcNAQELBQADggEBAE7fvaXUo8R4cTV18ddy
62vxxnozkG6zBWjcvxiJpj1lUpEGij6+BBMuBw4QL1F0bmevXJTA0J9H2otc4msP
9JYTMH0z2w5TXx7DKL3CLQARgcUbdv2XqKvBrIJqx2HqOIUWIRrVNn/YR76K2QcA
NB9YNz81v3SjTSY1o4Jev+BGvYtIUp/2g57AJwp2vWzCFww6lGzMmiPmyDD9XkzR
eK1BJPLSgVKgoKMv8R9hw9GemokgS4cPxIRUEiczuJWwC80pqEMxXOaJooebhI7w
Jyx60BUzUiKXBGzDdYWjq9AjAV06b90hbU+gIX1chg6jawekcX+M+F1e1lnj8VpZ
N4Q=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:19:06 2025 by rpki-client