Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa
File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json)
Hash identifier: 6IXqPkQ86dlYMdNCPG1mmnxK5rjKO+o53lQ/mbwFEpU=
Subject key identifier: 5E:6C:F7:D0:7E:F0:12:EF:50:0F:1C:CC:CF:91:5C:4D:7E:7B:AC:F1
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 76151243878E6FF1BF06EFF1F9BB1AED0A2253C3
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80f9:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:15:12:43:87:8e:6f:f1:bf:06:ef:f1:f9:bb:1a:ed:0a:22:53:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=cb699103dd040603b218678b734a726ae5e6e9f39308ac3affe546dc83cd2e73, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0a:f4:59:cc:09:90:31:14:c1:ad:05:91:88:
5e:01:8f:45:49:1f:1d:24:90:61:d7:61:f0:a0:c0:
da:6a:6d:c0:9c:aa:2b:93:77:c7:92:35:38:91:58:
24:29:f0:66:e3:a6:22:99:61:5f:55:7b:a8:db:9b:
7f:67:94:9e:a2:97:db:4b:11:49:72:4b:96:98:de:
cc:78:83:73:36:a2:6f:70:e5:65:03:91:6f:90:6d:
d2:ad:07:cc:e9:c3:7f:24:17:1e:aa:62:6e:d9:f4:
ef:a5:08:be:c3:65:23:16:52:a9:66:f9:e2:b7:d8:
bf:71:42:aa:2d:c8:b6:34:cc:52:7d:30:01:61:51:
32:c1:f6:aa:04:29:da:01:93:fd:4a:e6:58:42:cf:
71:18:ff:ad:32:fd:ac:9a:c9:69:3e:a1:c6:be:a1:
25:db:d5:9c:81:1e:1d:e6:cb:c5:87:7d:ef:99:72:
5f:c3:c2:06:a3:b6:b4:03:31:70:61:ef:8b:5b:ee:
df:c6:00:df:2b:ae:25:4b:c2:6d:cf:8e:75:09:29:
22:20:26:02:bb:db:78:df:ce:e1:d8:72:58:ae:cf:
52:57:6b:06:89:56:a0:53:3e:79:d5:89:69:1b:84:
5d:6b:1b:64:24:3f:e3:fb:5b:22:91:b9:b4:df:33:
98:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6C:F7:D0:7E:F0:12:EF:50:0F:1C:CC:CF:91:5C:4D:7E:7B:AC:F1
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80f9:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9a:3a:42:55:da:7d:1b:42:91:82:c3:34:f0:28:15:78:ff:b7:
d6:84:71:b2:20:6d:45:c8:a0:8c:79:93:43:16:05:6d:3c:51:
62:41:2a:5f:38:d5:9b:50:db:c9:a8:cf:16:64:00:a1:68:26:
9e:83:6c:13:e7:6e:92:4c:b2:52:e1:8f:cc:e3:68:70:08:52:
0f:dc:ee:e3:1f:22:9f:f2:4e:62:1f:75:ec:ef:e8:0d:01:f5:
83:5e:76:2b:5e:f1:38:9c:1f:e3:db:b5:22:fa:06:3c:50:c7:
48:4a:a2:03:a7:29:b7:ec:40:41:0a:f6:58:bb:bf:3d:83:cc:
1a:9d:b3:69:4e:1e:cf:cc:70:44:c7:fe:cc:c2:26:72:f0:fc:
2f:23:46:69:90:ea:53:cb:66:bd:0f:fc:39:fa:f0:1b:66:5c:
db:1d:1a:e6:45:34:07:c8:db:10:1c:e1:cc:09:d3:6f:db:30:
37:0c:1b:5e:18:9e:77:70:c9:5a:13:f7:8e:d3:d2:0d:51:0b:
e3:4c:2f:a4:32:01:05:ee:bd:37:27:84:84:d4:1e:c2:c2:5f:
99:0d:dc:d9:3e:fc:a4:8d:d3:de:25:3d:2d:77:be:4e:d1:38:
31:af:8e:9c:ee:b5:5e:d0:11:1b:4f:66:81:5e:f4:15:43:1d:
12:66:b2:8b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdhUSQ4eOb/G/Bu/x+bsa7QoiU8MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAY2I2OTkxMDNkZDA0MDYwM2IyMTg2
NzhiNzM0YTcyNmFlNWU2ZTlmMzkzMDhhYzNhZmZlNTQ2ZGM4M2NkMmU3MzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wr0WcwJkDEUwa0FkYheAY9FSR8d
JJBh12HwoMDaam3AnKork3fHkjU4kVgkKfBm46YimWFfVXuo25t/Z5SeopfbSxFJ
ckuWmN7MeINzNqJvcOVlA5FvkG3SrQfM6cN/JBceqmJu2fTvpQi+w2UjFlKpZvni
t9i/cUKqLci2NMxSfTABYVEywfaqBCnaAZP9SuZYQs9xGP+tMv2smslpPqHGvqEl
29WcgR4d5svFh33vmXJfw8IGo7a0AzFwYe+LW+7fxgDfK64lS8Jtz451CSkiICYC
u9t4387h2HJYrs9SV2sGiVagUz551YlpG4RdaxtkJD/j+1sikbm03zOYmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF5s99B+8BLvUA8czM+RXE1+e6zxMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAJo6QlXafRtCkYLDNPAo
FXj/t9aEcbIgbUXIoIx5k0MWBW08UWJBKl841ZtQ28mozxZkAKFoJp6DbBPnbpJM
slLhj8zjaHAIUg/c7uMfIp/yTmIfdezv6A0B9YNedite8TicH+PbtSL6BjxQx0hK
ogOnKbfsQEEK9li7vz2DzBqds2lOHs/McETH/szCJnLw/C8jRmmQ6lPLZr0P/Dn6
8BtmXNsdGuZFNAfI2xAc4cwJ02/bMDcMG14YnndwyVoT947T0g1RC+NML6QyAQXu
vTcnhITUHsLCX5kN3Nk+/KSN094lPS13vk7RODGvjpzutV7QERtPZoFe9BVDHRJm
sos=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:41:15 2025 by rpki-client