Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f91878b1-1b1d-45f7-9a4f-0ff3536221f2.roa
File: f91878b1-1b1d-45f7-9a4f-0ff3536221f2.roa (raw, json)
Hash identifier: GDx25X8c00M9ADbjBUm2F7wbCdBZ7KsX8qb0/FfxEbQ=
Subject key identifier: 56:20:FB:1E:9E:77:20:BF:68:C7:EA:38:CB:38:3A:E7:3C:A4:B5:4A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 68AEF00C3CCA12B049016C24F8DC80F1C20D6C96
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f91878b1-1b1d-45f7-9a4f-0ff3536221f2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:e000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:ae:f0:0c:3c:ca:12:b0:49:01:6c:24:f8:dc:80:f1:c2:0d:6c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=8b5b3c20fac4a278d4e1c2f8da8e163cea207df9b3488104a5652cfe5b5d1472, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9c:b4:b6:ac:ca:78:18:b6:a9:79:96:0e:4a:
b1:74:b8:51:06:61:12:f2:f9:91:5f:e8:67:06:30:
8f:5a:56:34:ea:c3:a0:79:5d:71:2c:e3:79:11:3c:
46:ee:e8:cb:60:2b:b6:53:b2:fd:b2:e2:8b:70:67:
e8:23:b1:43:a2:f3:79:45:de:f9:37:f8:68:30:88:
0a:c6:32:3d:c7:c8:0d:56:76:17:4c:06:5d:58:61:
56:04:1d:22:7b:44:cb:c8:12:d4:ec:f4:00:4a:c7:
2b:ba:71:07:3d:cb:13:04:d9:b2:d4:56:71:38:87:
73:b6:94:ad:1e:fc:91:c0:c5:12:2e:0e:a5:8f:c4:
85:0d:e3:47:7a:51:df:50:40:d3:ac:a9:47:94:9d:
5a:88:f4:ce:0b:78:f0:b9:11:d5:27:15:4f:6e:f1:
97:9e:6b:e4:f2:78:cf:ac:d5:74:40:98:48:3e:f8:
48:a6:f3:35:c0:c7:af:85:a6:3a:d7:47:ea:4a:e4:
0b:a7:8b:4b:22:a3:72:39:da:17:6c:82:a2:26:df:
ab:b2:49:71:55:5b:05:a4:b8:7a:e6:98:bc:7b:f7:
b4:14:9d:87:bf:d9:be:4e:86:44:0e:2b:89:23:4f:
2a:3b:90:d9:ea:a1:09:6f:1d:57:ef:b9:25:c6:b1:
ec:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:20:FB:1E:9E:77:20:BF:68:C7:EA:38:CB:38:3A:E7:3C:A4:B5:4A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f91878b1-1b1d-45f7-9a4f-0ff3536221f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:42:b9:4d:1e:c8:10:64:fc:9e:0e:d9:31:4b:c9:92:db:32:
e9:96:20:d5:43:ad:fe:f2:05:77:02:00:a4:9a:04:11:db:bd:
e1:c8:ab:74:28:7e:93:a4:44:c1:ee:1d:a3:a0:b1:76:7b:a7:
5f:94:4b:c1:4f:0e:d3:90:e6:3c:43:e7:7b:ab:3f:51:85:7e:
f2:9e:f9:46:af:e5:38:47:0a:13:de:6a:7c:47:e0:49:30:c1:
7b:bd:cb:93:66:af:42:09:92:8e:d8:79:19:59:7f:de:20:a8:
f4:7f:ed:cb:a4:26:fe:78:42:eb:72:a8:21:2a:73:6a:08:89:
73:e7:b3:ca:13:1d:dc:ac:1a:fe:ee:cb:3a:98:54:58:94:28:
23:7a:28:97:58:28:0b:e4:60:7c:78:97:ca:3d:da:e8:5d:41:
36:12:28:b1:4a:c4:e9:28:d0:0f:ab:3c:70:9a:7c:65:83:95:
02:74:b3:33:90:1a:1f:60:c4:95:c0:29:d5:00:05:2d:50:17:
45:fb:0b:88:87:20:a0:94:bd:99:ae:5b:65:f4:49:4e:9e:aa:
6a:96:99:3b:6c:37:b6:59:c7:bc:bf:cf:76:5e:e5:1f:05:d2:
3b:b6:c3:78:92:98:0f:bb:3a:e5:9a:e1:41:f1:32:96:84:cf:
69:f6:16:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaK7wDDzKErBJAWwk+NyA8cINbJYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOGI1YjNjMjBmYWM0YTI3OGQ0ZTFj
MmY4ZGE4ZTE2M2NlYTIwN2RmOWIzNDg4MTA0YTU2NTJjZmU1YjVkMTQ3MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5y0tqzKeBi2qXmWDkqxdLhRBmES
8vmRX+hnBjCPWlY06sOgeV1xLON5ETxG7ujLYCu2U7L9suKLcGfoI7FDovN5Rd75
N/hoMIgKxjI9x8gNVnYXTAZdWGFWBB0ie0TLyBLU7PQASscrunEHPcsTBNmy1FZx
OIdztpStHvyRwMUSLg6lj8SFDeNHelHfUEDTrKlHlJ1aiPTOC3jwuRHVJxVPbvGX
nmvk8njPrNV0QJhIPvhIpvM1wMevhaY610fqSuQLp4tLIqNyOdoXbIKiJt+rsklx
VVsFpLh65pi8e/e0FJ2Hv9m+ToZEDiuJI08qO5DZ6qEJbx1X77klxrHsUQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFYg+x6edyC/aMfqOMs4Ouc8pLVKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y5MTg3OGIxLTFiMWQtNDVmNy05YTRmLTBmZjM1MzYyMjFmMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacOAwDQYJKoZIhvcNAQELBQADggEBAFxCuU0eyBBk/J4O2TFL
yZLbMumWINVDrf7yBXcCAKSaBBHbveHIq3QofpOkRMHuHaOgsXZ7p1+US8FPDtOQ
5jxD53urP1GFfvKe+Uav5ThHChPeanxH4EkwwXu9y5Nmr0IJko7YeRlZf94gqPR/
7cukJv54QutyqCEqc2oIiXPns8oTHdysGv7uyzqYVFiUKCN6KJdYKAvkYHx4l8o9
2uhdQTYSKLFKxOko0A+rPHCafGWDlQJ0szOQGh9gxJXAKdUABS1QF0X7C4iHIKCU
vZmuW2X0SU6eqmqWmTtsN7ZZx7y/z3Ze5R8F0ju2w3iSmA+7OuWa4UHxMpaEz2n2
FoQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:32:15 2025 by rpki-client