Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb1a1324-5cdd-43d9-9d7f-3fda05d39f9d.roa
File: fb1a1324-5cdd-43d9-9d7f-3fda05d39f9d.roa (raw, json)
Hash identifier: mRcRnTGzQfePO6n+IPLN71ZuSKXPi6X4XV6k2+Dw3A4=
Subject key identifier: DD:0E:C4:D7:A3:B6:DD:1C:08:CE:8D:85:19:DE:42:60:31:E0:84:24
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3A723E890588AA9669E13355B46ABFCB483C5C22
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb1a1324-5cdd-43d9-9d7f-3fda05d39f9d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:880::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:72:3e:89:05:88:aa:96:69:e1:33:55:b4:6a:bf:cb:48:3c:5c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=4a61475d8da6fb6ab637a0f1c95408ec90804cb71c5532d68c74d071fd8d48ff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:f7:f3:c2:a7:78:05:d5:a7:98:fb:c1:09:
18:3f:25:10:e7:7b:f5:e3:a5:b2:5e:9b:26:c9:cf:
0b:a9:37:f1:e3:b5:f8:d6:d2:53:4f:68:2d:07:63:
e5:f6:88:ab:b2:0f:dd:14:70:82:5b:2b:3a:ef:dd:
a6:17:23:af:55:95:7f:9a:26:e0:0a:a4:51:8a:13:
af:bb:a9:ca:00:45:b9:13:dd:ce:24:ab:bd:90:b6:
d2:33:f3:6c:9d:1b:a4:a0:59:6d:17:ef:2a:28:b9:
d2:05:db:a3:24:cc:75:f1:4b:19:65:a0:c0:9d:17:
04:12:8f:c5:07:65:fc:33:ed:70:9e:0a:23:ac:b1:
45:91:c9:92:e1:50:c0:d3:6d:a7:fb:d3:0a:b1:21:
f2:dc:e2:91:f3:54:6a:95:0e:95:53:4c:3b:3e:af:
9f:cf:9d:ed:c6:0e:24:3d:07:e2:cd:06:94:93:dd:
c0:a5:25:df:eb:cd:58:f2:06:84:29:08:34:30:e0:
53:25:f7:ab:ff:53:9a:a6:d0:8b:64:f0:dd:04:4d:
21:c1:0d:db:55:ef:fb:29:90:f4:63:ce:f5:58:55:
e4:42:67:dd:06:2b:45:53:cb:7b:7e:ae:53:9f:af:
96:08:a7:b6:2a:46:62:c8:d2:3c:96:47:34:e6:ee:
56:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:C4:D7:A3:B6:DD:1C:08:CE:8D:85:19:DE:42:60:31:E0:84:24
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb1a1324-5cdd-43d9-9d7f-3fda05d39f9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:880::/48
Signature Algorithm: sha256WithRSAEncryption
17:89:36:eb:ad:71:4b:fe:aa:36:d9:f7:7f:f6:14:3f:fa:aa:
bf:36:ea:02:07:d4:42:c3:e7:41:c4:3e:ca:b7:03:23:f3:a1:
e3:25:85:2b:cb:ce:a1:50:88:81:0c:f4:bb:b9:42:b7:e7:81:
18:aa:8d:a2:ba:d7:68:26:6b:4f:cc:e9:dd:4f:a0:65:e1:b6:
6a:26:98:9a:8c:4f:e5:ce:5a:13:e5:4f:99:ef:8f:a7:c9:82:
f0:45:de:f6:38:fd:77:f2:b2:7b:db:0d:1e:cc:33:fa:e9:79:
3c:12:72:5a:20:2f:63:40:1e:b8:06:52:b4:d8:46:e2:6f:21:
8b:c4:85:7e:49:33:bf:7b:59:bc:f6:81:96:b1:66:95:6b:96:
3b:1c:5a:9b:e5:49:dc:f7:58:e4:e6:56:f5:8b:8c:c6:f7:01:
60:53:d8:ae:bd:b5:19:65:a3:52:fd:0e:16:15:89:75:00:02:
a8:60:39:ec:ec:72:ec:b1:09:1e:0e:a6:91:31:57:3f:93:82:
48:1b:5d:53:e6:96:4e:f4:ff:c0:24:93:fe:94:60:c0:cb:03:
b6:55:88:e3:bb:c5:70:d3:d3:45:a6:69:35:80:13:31:ef:61:
4c:21:f5:09:bc:22:5c:70:07:d1:35:e6:72:cf:22:49:13:0b:
2c:63:80:dc
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUOnI+iQWIqpZp4TNVtGq/y0g8XCIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANGE2MTQ3NWQ4ZGE2ZmI2YWI2Mzdh
MGYxYzk1NDA4ZWM5MDgwNGNiNzFjNTUzMmQ2OGM3NGQwNzFmZDhkNDhmZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNT388KneAXVp5j7wQkYPyUQ53v1
46WyXpsmyc8LqTfx47X41tJTT2gtB2Pl9oirsg/dFHCCWys6792mFyOvVZV/mibg
CqRRihOvu6nKAEW5E93OJKu9kLbSM/NsnRukoFltF+8qKLnSBdujJMx18UsZZaDA
nRcEEo/FB2X8M+1wngojrLFFkcmS4VDA022n+9MKsSHy3OKR81RqlQ6VU0w7Pq+f
z53txg4kPQfizQaUk93ApSXf681Y8gaEKQg0MOBTJfer/1OaptCLZPDdBE0hwQ3b
Ve/7KZD0Y871WFXkQmfdBitFU8t7fq5Tn6+WCKe2KkZiyNI8lkc05u5WNwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN0OxNejtt0cCM6NhRneQmAx4IQkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiMWExMzI0LTVjZGQtNDNkOS05ZDdmLTNmZGEwNWQzOWY5ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9AiAMA0GCSqGSIb3DQEBCwUAA4IBAQAXiTbrrXFL/qo22fd/
9hQ/+qq/NuoCB9RCw+dBxD7KtwMj86HjJYUry86hUIiBDPS7uUK354EYqo2iutdo
JmtPzOndT6Bl4bZqJpiajE/lzloT5U+Z74+nyYLwRd72OP138rJ72w0ezDP66Xk8
EnJaIC9jQB64BlK02EbibyGLxIV+STO/e1m89oGWsWaVa5Y7HFqb5Unc91jk5lb1
i4zG9wFgU9iuvbUZZaNS/Q4WFYl1AAKoYDns7HLssQkeDqaRMVc/k4JIG11T5pZO
9P/AJJP+lGDAywO2VYjju8Vw09NFpmk1gBMx72FMIfUJvCJccAfRNeZyzyJJEwss
Y4Dc
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:45 2025 by rpki-client