Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
File: d74980db-a60d-487c-9253-3e131534d8d4.roa (raw, json)
Hash identifier: b8KO4I6eR5+fqRPpv9big8fMvrVWM0Xtc0hydrrFZJU=
Subject key identifier: 56:8A:C9:83:9F:E8:EF:E3:13:3B:86:3A:DF:5E:E0:D1:34:5A:91:9E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 480B0FE549799F4F10276D84B039F88213686177
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
Signing time: Wed 26 Mar 2025 00:02:10 +0000
ROA not before: Wed 26 Mar 2025 00:02:10 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:f000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0b:0f:e5:49:79:9f:4f:10:27:6d:84:b0:39:f8:82:13:68:61:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:02:10 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:8e:ce:14:0d:21:82:23:87:09:ca:06:db:
f4:ec:2b:aa:4d:f9:bc:60:37:46:f1:bd:d3:f2:b2:
0e:27:32:56:15:a5:fb:3e:98:94:9d:de:b9:96:c3:
c8:dc:55:53:58:81:14:d1:d2:a7:d2:cc:10:3a:eb:
db:50:8c:ba:38:cb:38:6f:64:49:ed:43:85:3f:62:
43:5d:af:56:4c:ad:57:a5:87:35:6d:03:0b:2e:00:
bd:42:b4:b4:69:08:80:6b:75:b9:83:9e:21:bf:dc:
62:a6:24:e4:f4:32:cb:ed:85:1d:e8:24:aa:25:81:
f9:98:27:12:56:33:f1:b6:ec:d0:f4:75:c1:06:aa:
02:b6:07:4e:db:18:d1:45:db:2a:93:21:42:d3:ac:
59:54:ed:b4:74:b9:fb:b0:70:63:e5:3d:eb:08:ac:
cd:33:cb:99:fd:24:a5:58:5a:be:b5:3f:fe:e7:fa:
38:5b:9c:a5:ad:f7:8e:99:c7:52:4f:53:4b:5e:2e:
41:93:c0:b7:6b:9f:af:5d:79:33:02:cb:09:9d:a8:
f8:da:39:85:9e:ac:45:95:f7:96:ee:2f:0f:a8:34:
77:7b:26:e6:2f:da:a8:49:96:df:04:f1:ca:8d:5d:
df:56:dc:c9:1a:39:7a:75:cd:a8:86:62:19:9e:f4:
a7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8A:C9:83:9F:E8:EF:E3:13:3B:86:3A:DF:5E:E0:D1:34:5A:91:9E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:f000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:e8:c4:c0:52:23:9a:be:cb:ee:ee:13:b7:d2:67:0c:5d:2e:
ea:13:74:2f:46:25:ff:8e:6f:34:34:24:ab:01:bc:03:a2:1f:
c1:02:85:8e:3f:ad:0d:4d:40:5f:e8:77:f8:bc:4d:90:ad:41:
2b:48:42:33:52:c3:b9:8a:6e:43:53:9e:d4:17:a4:71:b0:51:
ec:f0:b6:f5:d8:08:45:29:e6:7d:c6:bd:ea:e2:5d:6c:a6:b0:
74:16:49:12:75:f1:68:95:9e:5e:6a:92:df:05:b4:22:c5:33:
b2:fa:24:85:1e:d3:37:e5:39:80:57:7c:26:9e:e1:ff:0d:e4:
c9:94:26:a5:0c:ff:17:53:87:cb:3c:2e:53:22:a5:29:5e:30:
81:54:18:53:2e:15:42:1f:36:7b:3f:88:13:03:ac:34:ed:a4:
ae:7c:3a:7f:1a:8a:7d:6e:24:f3:b0:1c:34:b0:d9:ac:99:3c:
a7:19:b4:62:74:ac:6c:ab:f4:ff:ab:87:97:77:10:ed:40:5a:
ab:97:12:0b:2c:9d:18:10:5a:48:42:75:06:ae:80:e1:a1:13:
77:d2:0f:0f:8c:21:08:55:91:50:3c:e3:d9:41:43:bb:54:e8:
c6:c5:03:cb:28:65:22:c3:0d:7d:b7:1e:2d:19:58:42:8c:c7:
17:32:45:ce
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSAsP5Ul5n08QJ22EsDn4ghNoYXcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMDIxMFoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAYTY4YTMxOGE3NGM2NmM3ZmY4N2M5
YjRhMTc0NDIyNzAzZDU2ZDUwNzVmMjMwMmVhOTk4M2Q2MDliZTUxOGU0ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykOOzhQNIYIjhwnKBtv07CuqTfm8
YDdG8b3T8rIOJzJWFaX7PpiUnd65lsPI3FVTWIEU0dKn0swQOuvbUIy6OMs4b2RJ
7UOFP2JDXa9WTK1XpYc1bQMLLgC9QrS0aQiAa3W5g54hv9xipiTk9DLL7YUd6CSq
JYH5mCcSVjPxtuzQ9HXBBqoCtgdO2xjRRdsqkyFC06xZVO20dLn7sHBj5T3rCKzN
M8uZ/SSlWFq+tT/+5/o4W5ylrfeOmcdST1NLXi5Bk8C3a5+vXXkzAssJnaj42jmF
nqxFlfeW7i8PqDR3eybmL9qoSZbfBPHKjV3fVtzJGjl6dc2ohmIZnvSn8QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFaKyYOf6O/jEzuGOt9e4NE0WpGeMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q3NDk4MGRiLWE2MGQtNDg3Yy05MjUzLTNlMTMxNTM0ZDhkNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBAKHoxMBSI5q+y+7uE7fS
ZwxdLuoTdC9GJf+ObzQ0JKsBvAOiH8EChY4/rQ1NQF/od/i8TZCtQStIQjNSw7mK
bkNTntQXpHGwUezwtvXYCEUp5n3GveriXWymsHQWSRJ18WiVnl5qkt8FtCLFM7L6
JIUe0zflOYBXfCae4f8N5MmUJqUM/xdTh8s8LlMipSleMIFUGFMuFUIfNns/iBMD
rDTtpK58On8ain1uJPOwHDSw2ayZPKcZtGJ0rGyr9P+rh5d3EO1AWquXEgssnRgQ
WkhCdQaugOGhE3fSDw+MIQhVkVA849lBQ7tU6MbFA8soZSLDDX23Hi0ZWEKMxxcy
Rc4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:14 2025 by rpki-client