Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa
File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json)
Hash identifier: 0Tev00ItlyEUUJUaUp3vHFp67GcONk1kja6WB2n+kG4=
Subject key identifier: 34:9A:C3:57:12:4C:F9:4A:E1:8C:1B:EE:03:B1:DF:DB:BF:14:06:9F
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 4BF452C37653ED4F717E7D8ACE2F76D1FF205F2C
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80ff:40c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f4:52:c3:76:53:ed:4f:71:7e:7d:8a:ce:2f:76:d1:ff:20:5f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b32537a82ef7e6253413524510a5a24a18d164600d0f5e3d57d5c3ba711a0d90, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:05:3b:e5:1d:96:83:c7:e6:5b:84:8b:1b:17:
bd:d6:1e:27:f6:44:14:db:a4:c6:55:2b:ec:06:81:
42:17:2c:01:96:b5:d5:ee:ce:8e:ba:c1:02:5d:76:
e8:13:5c:52:04:23:47:1a:cf:b6:2a:dd:65:a1:8b:
44:64:72:b4:04:46:43:c9:ec:29:30:eb:60:6a:61:
ef:2c:e7:40:bc:3e:25:6c:21:57:b5:41:1c:f4:0b:
0a:1e:4c:f0:7f:90:36:f4:d5:e4:14:cb:4b:af:01:
80:bb:86:a8:4c:35:61:32:cc:84:35:3d:51:02:7b:
94:8a:43:93:e4:97:f0:22:7d:b7:89:cc:cd:78:63:
b9:05:89:c3:71:6b:88:9a:1c:ff:7d:ca:20:32:fe:
39:57:37:87:c5:92:45:ba:15:34:7b:aa:5a:05:a3:
aa:52:62:f5:2c:13:3a:73:67:15:09:38:3d:51:e1:
7c:81:f0:bb:ca:bc:cf:0b:e5:c4:0d:49:3a:38:27:
f5:bb:7a:a9:06:7e:e2:61:a4:ba:34:b6:3e:91:aa:
7f:3c:05:a3:9b:96:49:8a:77:f6:26:31:64:a6:12:
ca:1c:9f:0e:5d:bf:4f:50:85:57:b0:95:c6:3d:3a:
36:3f:38:67:d8:0a:52:fe:73:8a:9a:eb:d4:c6:b2:
ad:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9A:C3:57:12:4C:F9:4A:E1:8C:1B:EE:03:B1:DF:DB:BF:14:06:9F
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80ff:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
7c:6f:8a:cd:d0:bf:da:93:52:42:93:de:42:25:9c:7f:41:0d:
5b:e7:5b:67:70:c8:1b:56:2d:61:19:e2:67:b4:98:02:c2:48:
28:41:eb:94:76:f3:63:83:6a:27:02:aa:c7:36:d0:46:99:3d:
12:37:aa:a2:fe:c3:ca:e3:76:7e:b4:c7:bb:0a:f5:50:a2:6d:
f4:fa:f7:7f:a0:4f:59:bf:84:55:90:5d:12:86:dd:e8:5d:ee:
02:6e:fe:d3:36:8f:26:41:98:dc:8f:2f:d5:b4:11:5b:29:0f:
32:dd:fc:2d:20:b4:79:9c:00:c6:6a:a8:d8:f4:71:9e:32:3b:
0c:04:92:83:a4:00:5a:aa:e3:a7:f0:06:11:b5:47:4c:f5:19:
18:c9:75:66:0a:8d:59:b6:aa:82:31:d7:46:5c:ee:1f:3b:af:
05:10:da:87:60:56:2a:ea:41:33:95:5b:dd:d5:c2:eb:c2:cb:
bc:5d:40:a6:1a:3a:99:05:07:76:cf:bf:b7:68:bc:d6:59:42:
9c:5b:84:aa:96:38:a8:e6:70:cc:44:57:df:43:e2:9d:f4:b3:
cf:f7:bc:18:f8:19:fb:07:11:63:08:a9:7a:a3:e5:7d:d4:13:
48:e8:44:7c:5b:dc:42:de:87:12:fe:11:23:78:43:11:75:eb:
a0:c4:73:0d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUS/RSw3ZT7U9xfn2Kzi920f8gXywwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAYjMyNTM3YTgyZWY3ZTYyNTM0MTM1
MjQ1MTBhNWEyNGExOGQxNjQ2MDBkMGY1ZTNkNTdkNWMzYmE3MTFhMGQ5MDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gU75R2Wg8fmW4SLGxe91h4n9kQU
26TGVSvsBoFCFywBlrXV7s6OusECXXboE1xSBCNHGs+2Kt1loYtEZHK0BEZDyewp
MOtgamHvLOdAvD4lbCFXtUEc9AsKHkzwf5A29NXkFMtLrwGAu4aoTDVhMsyENT1R
AnuUikOT5JfwIn23iczNeGO5BYnDcWuImhz/fcogMv45VzeHxZJFuhU0e6paBaOq
UmL1LBM6c2cVCTg9UeF8gfC7yrzPC+XEDUk6OCf1u3qpBn7iYaS6NLY+kap/PAWj
m5ZJinf2JjFkphLKHJ8OXb9PUIVXsJXGPTo2Pzhn2ApS/nOKmuvUxrKtuQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDSaw1cSTPlK4Ywb7gOx39u/FAafMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQB8b4rN0L/ak1JCk95C
JZx/QQ1b51tncMgbVi1hGeJntJgCwkgoQeuUdvNjg2onAqrHNtBGmT0SN6qi/sPK
43Z+tMe7CvVQom30+vd/oE9Zv4RVkF0Sht3oXe4Cbv7TNo8mQZjcjy/VtBFbKQ8y
3fwtILR5nADGaqjY9HGeMjsMBJKDpABaquOn8AYRtUdM9RkYyXVmCo1ZtqqCMddG
XO4fO68FENqHYFYq6kEzlVvd1cLrwsu8XUCmGjqZBQd2z7+3aLzWWUKcW4Sqljio
5nDMRFffQ+Kd9LPP97wY+Bn7BxFjCKl6o+V91BNI6ER8W9xC3ocS/hEjeEMRdeug
xHMN
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:39 2025 by rpki-client