Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json)
Hash identifier: N6MzdsglHPqyIJ2ziW2KTvNsdUMIViJMVPd3UPXQy+8=
Subject key identifier: DD:29:D4:2F:BF:07:88:7F:B3:C6:5A:74:6A:95:CB:47:0E:6A:8F:C2
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 06B40DC8EFF7BBE5183B2562FC2A0DCA5A947DDE
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fe:4000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b4:0d:c8:ef:f7:bb:e5:18:3b:25:62:fc:2a:0d:ca:5a:94:7d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=7b27dd261e3798803d1b6703db1d04becebac256734622a60bab5532f649014d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:1c:bf:8c:3d:14:10:f8:39:ea:bb:48:11:
e4:17:52:e7:12:14:67:74:bd:df:ad:fa:50:ce:2b:
70:52:73:bb:4b:6f:fd:e4:9a:94:8b:4a:00:35:2b:
20:77:67:6c:de:de:6e:ef:cb:c8:0a:54:d5:70:4d:
55:ee:41:db:ec:55:8c:66:db:1b:af:00:3a:4d:f2:
06:ec:7a:2f:54:f8:ee:4e:90:9b:a2:c8:07:56:34:
8e:0d:74:a1:e0:1f:f7:6e:fc:1a:25:26:fb:f6:e8:
88:0b:70:a6:ac:81:30:42:3c:02:a4:4d:65:bb:01:
ac:d1:5a:10:12:40:74:70:e6:eb:29:69:e1:3d:ac:
07:a6:6d:f8:bd:41:03:aa:0e:6e:27:4e:08:d8:90:
ec:79:1e:2a:d5:49:80:2a:ae:3e:95:de:52:a0:91:
6f:e7:1d:3f:c7:eb:24:8a:b8:46:55:ff:3f:7e:89:
8f:6f:7f:ee:09:53:8e:ae:d3:c5:11:1a:72:1d:3f:
51:79:d9:09:f3:64:31:60:87:76:f0:22:91:8d:23:
e4:c7:bd:ec:71:db:72:a3:7e:50:b8:40:f7:4a:8e:
20:b5:c9:22:fe:80:0f:3e:98:ab:10:a2:48:07:b5:
72:17:04:8c:2a:23:94:1f:36:c9:96:ba:02:09:6e:
0b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:29:D4:2F:BF:07:88:7F:B3:C6:5A:74:6A:95:CB:47:0E:6A:8F:C2
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fe:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4d:40:12:da:4e:d6:69:88:c1:44:db:d1:f3:66:cc:d3:c3:0a:
ff:6e:ab:d1:86:3b:17:52:e1:3d:79:63:d5:b2:a9:37:8f:48:
fd:47:16:8e:6d:e7:d3:8e:4f:75:fa:0e:93:66:d3:73:2a:c5:
38:01:00:6e:db:08:20:b2:67:f4:7e:7f:51:3a:27:35:8b:bf:
a2:38:9f:28:11:80:d7:a0:aa:38:92:b5:f9:98:d1:5c:0e:ce:
0e:5d:69:53:9e:c2:17:06:9a:2e:35:de:ad:1d:2c:df:72:d8:
89:e8:55:90:16:52:ac:dc:3a:c9:02:2c:6e:a3:00:58:4f:18:
51:40:b7:4f:59:14:e3:79:30:e5:7d:10:16:b3:07:70:84:72:
71:ba:3d:1c:e5:c8:e9:25:0b:3a:a2:48:2b:7d:89:e5:e6:ae:
5a:1a:09:bb:ec:de:50:17:2a:7d:5d:4e:38:83:00:92:60:0b:
42:35:70:b0:46:71:59:e6:34:12:a6:03:2d:41:2f:b6:82:ce:
54:c1:66:36:32:9c:48:69:3e:64:91:b4:fe:53:c7:96:6b:83:
e3:99:4d:8c:e4:e7:47:38:fa:e6:17:ec:8c:1f:b0:b2:62:8f:
c3:64:96:fb:02:22:e8:ec:04:d8:23:45:7a:f7:56:38:a3:eb:
57:1c:f6:c9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBrQNyO/3u+UYOyVi/CoNylqUfd4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAN2IyN2RkMjYxZTM3OTg4MDNkMWI2
NzAzZGIxZDA0YmVjZWJhYzI1NjczNDYyMmE2MGJhYjU1MzJmNjQ5MDE0ZDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunEcv4w9FBD4Oeq7SBHkF1LnEhRn
dL3frfpQzitwUnO7S2/95JqUi0oANSsgd2ds3t5u78vIClTVcE1V7kHb7FWMZtsb
rwA6TfIG7HovVPjuTpCbosgHVjSODXSh4B/3bvwaJSb79uiIC3CmrIEwQjwCpE1l
uwGs0VoQEkB0cObrKWnhPawHpm34vUEDqg5uJ04I2JDseR4q1UmAKq4+ld5SoJFv
5x0/x+skirhGVf8/fomPb3/uCVOOrtPFERpyHT9RedkJ82QxYId28CKRjSPkx73s
cdtyo35QuED3So4gtcki/oAPPpirEKJIB7VyFwSMKiOUHzbJlroCCW4LDQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFN0p1C+/B4h/s8ZadGqVy0cOao/CMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAE1AEtpO1mmIwUTb0fNm
zNPDCv9uq9GGOxdS4T15Y9WyqTePSP1HFo5t59OOT3X6DpNm03MqxTgBAG7bCCCy
Z/R+f1E6JzWLv6I4nygRgNegqjiStfmY0VwOzg5daVOewhcGmi413q0dLN9y2Ino
VZAWUqzcOskCLG6jAFhPGFFAt09ZFON5MOV9EBazB3CEcnG6PRzlyOklCzqiSCt9
ieXmrloaCbvs3lAXKn1dTjiDAJJgC0I1cLBGcVnmNBKmAy1BL7aCzlTBZjYynEhp
PmSRtP5Tx5Zrg+OZTYzk50c4+uYX7IwfsLJij8NklvsCIujsBNgjRXr3Vjij61cc
9sk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:22:20 2025 by rpki-client