Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json)
Hash identifier: 2k1jD7o/X6Sa5EuyjbKVKlsugYMhTbS0DRKdKo3acGI=
Subject key identifier: 69:BA:8E:5C:2F:D4:44:AE:1D:1E:75:CF:30:F8:19:C6:E9:69:85:0D
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 2D6AAC3878C453E8266CF52B356A45721D7E6436
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fc::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:6a:ac:38:78:c4:53:e8:26:6c:f5:2b:35:6a:45:72:1d:7e:64:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=df9a521e620f3ff4d19746da6a8d9c7c0a7ebe5fb092b7fa79c286afc2613202, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c9:42:1f:83:c4:06:30:50:6d:b0:c3:d4:cf:
5e:bb:6d:d6:b1:a1:d0:a0:53:5e:98:8b:fd:1d:64:
fe:bf:b1:90:b5:62:8e:f7:50:aa:bc:06:7d:ab:d6:
e3:8f:4b:e5:dd:7f:70:d5:07:e2:5a:de:2d:50:47:
93:e3:4d:76:f0:da:2e:12:e4:02:e0:b6:06:9e:10:
08:44:27:10:b6:3d:91:e9:ef:8f:aa:59:b6:d0:9a:
bc:0b:27:25:7e:37:9a:35:d2:82:a7:38:32:93:33:
48:4f:c2:77:a9:de:8b:da:5b:07:4f:2d:6b:b9:92:
53:e2:a8:b7:75:b4:e4:c6:01:84:3c:ab:84:a6:65:
ba:38:24:b5:54:da:c0:84:e4:3f:a0:9f:7e:6d:f5:
cf:45:6d:a9:2e:cb:f5:2d:8a:05:d4:bb:0b:71:00:
d9:e4:28:d2:f2:be:3b:ba:52:93:3c:0e:2d:e2:9a:
dc:d7:e2:58:c8:66:10:4e:d4:89:f6:2e:3f:95:bd:
5c:51:40:64:6e:03:7d:73:e7:a4:6d:fa:12:20:f1:
1a:1e:a7:65:aa:46:8e:23:e6:04:a4:39:97:f3:d6:
18:22:49:6f:26:f9:6e:f1:2a:ab:4c:e9:17:cc:85:
6e:7a:b5:31:09:0c:79:31:4e:bc:02:5e:4c:81:50:
6b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BA:8E:5C:2F:D4:44:AE:1D:1E:75:CF:30:F8:19:C6:E9:69:85:0D
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fc::/32
Signature Algorithm: sha256WithRSAEncryption
40:4c:34:ee:db:1e:ec:7e:e7:54:bf:e2:a7:d1:75:ad:a5:fa:
73:9f:5e:e5:48:71:dd:12:23:b0:6f:9e:6d:94:00:b5:4d:2d:
8f:63:f6:8b:dc:fa:c1:45:ee:b3:29:6f:ff:2f:52:05:14:90:
e6:9e:d4:46:63:82:c5:58:df:21:20:92:19:1e:f9:d7:36:87:
be:08:00:81:cc:41:d7:69:af:5d:cd:a0:f6:df:87:dc:48:2a:
87:39:9e:92:e5:d2:1a:fc:55:10:cc:06:a2:e5:eb:03:63:77:
00:87:83:50:d9:03:d6:05:8e:a6:a9:b6:75:e0:ad:ec:fc:e0:
cd:d9:c9:e2:2e:46:cc:c8:a2:31:77:8b:f1:3f:24:ed:1e:34:
cd:5f:62:7c:3e:dc:58:4c:89:86:18:ee:b3:cd:3e:87:88:d9:
7c:e6:29:04:ea:fd:f4:7a:92:84:2e:75:5b:9d:04:46:9d:eb:
1e:6f:45:3c:17:81:8f:4f:5c:29:f4:29:36:d7:b6:21:10:c9:
5f:f1:2b:42:1e:4c:77:b3:80:dd:35:cf:dc:04:92:d7:f7:7d:
bb:e7:da:b9:01:47:c3:55:a1:40:8f:09:9f:7d:f3:55:27:2f:
de:5e:30:be:19:4f:70:ed:db:6d:17:1f:8d:b8:da:28:ba:bd:
be:ee:40:e3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIULWqsOHjEU+gmbPUrNWpFch1+ZDYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAZGY5YTUyMWU2MjBmM2ZmNGQxOTc0
NmRhNmE4ZDljN2MwYTdlYmU1ZmIwOTJiN2ZhNzljMjg2YWZjMjYxMzIwMjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MlCH4PEBjBQbbDD1M9eu23WsaHQ
oFNemIv9HWT+v7GQtWKO91CqvAZ9q9bjj0vl3X9w1QfiWt4tUEeT40128NouEuQC
4LYGnhAIRCcQtj2R6e+Pqlm20Jq8CyclfjeaNdKCpzgykzNIT8J3qd6L2lsHTy1r
uZJT4qi3dbTkxgGEPKuEpmW6OCS1VNrAhOQ/oJ9+bfXPRW2pLsv1LYoF1LsLcQDZ
5CjS8r47ulKTPA4t4prc1+JYyGYQTtSJ9i4/lb1cUUBkbgN9c+ekbfoSIPEaHqdl
qkaOI+YEpDmX89YYIklvJvlu8SqrTOkXzIVuerUxCQx5MU68Al5MgVBrPwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGm6jlwv1ESuHR51zzD4GcbpaYUNMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAQEw07tse7H7nVL/ip9F1
raX6c59e5Uhx3RIjsG+ebZQAtU0tj2P2i9z6wUXusylv/y9SBRSQ5p7URmOCxVjf
ISCSGR751zaHvggAgcxB12mvXc2g9t+H3EgqhzmekuXSGvxVEMwGouXrA2N3AIeD
UNkD1gWOpqm2deCt7PzgzdnJ4i5GzMiiMXeL8T8k7R40zV9ifD7cWEyJhhjus80+
h4jZfOYpBOr99HqShC51W50ERp3rHm9FPBeBj09cKfQpNte2IRDJX/ErQh5Md7OA
3TXP3ASS1/d9u+fauQFHw1WhQI8Jn33zVScv3l4wvhlPcO3bbRcfjbjaKLq9vu5A
4w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:32 2025 by rpki-client