Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa
File: c7a048e9-67c5-415d-88d4-0acc3454af62.roa (raw, json)
Hash identifier: 5S4gQPsRkfEfYMQ2RHSnY0GnJv5QiwOdSSER1Hshjf8=
Subject key identifier: 0B:8C:C8:A6:70:40:9C:50:F6:8F:40:3F:11:F7:D3:CB:F1:D1:E7:29
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 429B628E98EE44A3C092E743F45D0FD5FE6103A8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa
Signing time: Wed 26 Mar 2025 00:01:03 +0000
ROA not before: Wed 26 Mar 2025 00:01:03 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafe:8000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:9b:62:8e:98:ee:44:a3:c0:92:e7:43:f4:5d:0f:d5:fe:61:03:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:01:03 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a9:dc:81:54:ef:64:f4:82:ce:0a:c6:cb:ad:
58:b0:d2:f5:b2:0d:0e:0c:27:ac:cb:79:62:6e:fc:
7b:4a:52:d4:8c:0a:2c:b8:c5:03:f6:9b:04:05:31:
3e:51:ef:83:fe:34:26:8c:bd:06:2a:e6:e1:9a:0c:
9d:b6:05:2c:9a:b5:19:95:6b:86:47:4d:bb:ac:9d:
87:2b:f5:90:57:c3:47:1a:0a:bb:c8:9f:5c:31:a7:
69:0b:01:bc:85:27:46:0a:99:a9:54:32:b4:2a:cc:
11:2b:89:56:20:7d:4e:7f:e6:41:99:4b:a2:22:f5:
71:c0:1c:87:58:3d:e1:f3:01:c0:7e:5d:47:b3:01:
bb:1a:8f:24:3d:17:6a:24:48:e8:d4:43:3a:74:a2:
d4:19:c7:b8:a5:48:d0:44:7c:34:ce:0b:b3:bb:a0:
82:90:8d:90:79:a3:52:85:5a:31:8f:a4:b7:12:17:
04:e8:30:97:98:47:36:04:51:3f:6d:96:91:70:2b:
9b:ab:fb:5b:14:48:74:b0:b5:fd:6b:d1:2c:1e:f9:
d5:f6:2a:ca:c9:5a:b6:79:18:ba:57:8d:d5:f3:ed:
59:f9:fb:05:76:5c:72:f2:5a:04:78:ad:d4:d2:7b:
1e:e8:79:16:a6:0b:34:d3:cd:f5:08:26:8c:0e:f2:
e9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8C:C8:A6:70:40:9C:50:F6:8F:40:3F:11:F7:D3:CB:F1:D1:E7:29
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a048e9-67c5-415d-88d4-0acc3454af62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafe:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:a8:95:fd:7e:cc:52:fb:ba:b5:ee:fa:7c:44:96:69:ed:43:
df:47:ac:52:0f:e1:09:56:d7:3f:7b:01:38:1f:2c:a1:8d:2c:
f6:6a:20:2e:6c:61:33:da:85:3f:79:5b:0e:eb:60:33:48:28:
62:89:c6:b8:68:bc:6f:54:af:80:2c:77:9c:e6:33:cc:9b:f2:
3f:73:60:c4:96:a0:9a:07:b5:59:9f:aa:d2:6d:67:0d:53:ae:
8e:99:a4:57:0a:c7:24:03:a2:84:f9:87:48:c5:82:c0:b7:19:
40:f3:83:12:19:c7:16:79:51:40:ff:75:1c:2d:ab:e0:31:14:
19:55:46:72:4e:d6:b6:ec:71:87:1a:81:00:e1:9b:98:9e:a5:
ce:40:49:21:29:d5:8c:aa:21:04:78:d4:05:25:a4:82:85:76:
a9:34:e7:5c:76:fc:33:ef:ab:ea:d1:e8:c9:12:f6:85:f9:17:
db:02:4d:75:29:ee:55:4e:d2:84:d3:81:1b:ae:e1:b3:54:14:
9b:36:26:1a:ed:5e:51:5e:5e:00:85:7a:d5:54:14:aa:ef:4e:
dd:78:e6:59:b2:5b:5d:51:5c:79:7b:09:9d:db:8b:b6:62:54:
83:2b:ea:cf:b9:f6:a9:bf:95:43:92:21:70:2b:64:92:17:96:
88:14:58:53
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQptijpjuRKPAkudD9F0P1f5hA6gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDEwM1oX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNANTljNDFiNTAwMjVkZWRjYjQzYzJl
ZmExYWZmZmUyNWMwZTFmNWE5MGQxNWYzOTkxNjA4OWUyNDFiMjNlYmIzMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKncgVTvZPSCzgrGy61YsNL1sg0O
DCesy3libvx7SlLUjAosuMUD9psEBTE+Ue+D/jQmjL0GKubhmgydtgUsmrUZlWuG
R027rJ2HK/WQV8NHGgq7yJ9cMadpCwG8hSdGCpmpVDK0KswRK4lWIH1Of+ZBmUui
IvVxwByHWD3h8wHAfl1HswG7Go8kPRdqJEjo1EM6dKLUGce4pUjQRHw0zguzu6CC
kI2QeaNShVoxj6S3EhcE6DCXmEc2BFE/bZaRcCubq/tbFEh0sLX9a9EsHvnV9irK
yVq2eRi6V43V8+1Z+fsFdlxy8loEeK3U0nse6HkWpgs00831CCaMDvLp9wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAuMyKZwQJxQ9o9APxH308vx0ecpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M3YTA0OGU5LTY3YzUtNDE1ZC04OGQ0LTBhY2MzNDU0YWY2Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/oAwDQYJKoZIhvcNAQELBQADggEBAKOolf1+zFL7urXu+nxE
lmntQ99HrFIP4QlW1z97ATgfLKGNLPZqIC5sYTPahT95Ww7rYDNIKGKJxrhovG9U
r4Asd5zmM8yb8j9zYMSWoJoHtVmfqtJtZw1Tro6ZpFcKxyQDooT5h0jFgsC3GUDz
gxIZxxZ5UUD/dRwtq+AxFBlVRnJO1rbscYcagQDhm5iepc5ASSEp1YyqIQR41AUl
pIKFdqk051x2/DPvq+rR6MkS9oX5F9sCTXUp7lVO0oTTgRuu4bNUFJs2JhrtXlFe
XgCFetVUFKrvTt145lmyW11RXHl7CZ3bi7ZiVIMr6s+59qm/lUOSIXArZJIXlogU
WFM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:24:49 2025 by rpki-client