Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e8d8271-3a39-44e7-8971-4754b2796103.roa
File: 2e8d8271-3a39-44e7-8971-4754b2796103.roa (raw, json)
Hash identifier: o1Aem3hWTMh55ugPZCm4lgcNlz91wCsvCK2ayhQIHcU=
Subject key identifier: CF:5B:6E:9A:A3:84:5B:16:A6:1C:3E:4B:02:B6:B2:74:F1:4B:09:38
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 149332C015B49A591067CADC439C390EEDEDDAA3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e8d8271-3a39-44e7-8971-4754b2796103.roa
Signing time: Wed 26 Mar 2025 00:10:17 +0000
ROA not before: Wed 26 Mar 2025 00:10:17 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.200.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:93:32:c0:15:b4:9a:59:10:67:ca:dc:43:9c:39:0e:ed:ed:da:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:10:17 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:68:7e:ff:2c:86:d2:c2:61:2a:2f:2a:a3:
7a:ed:d2:ec:22:12:38:30:e9:2f:a6:70:6e:9a:1d:
5b:02:89:b8:ff:c5:ef:63:5a:b9:a4:97:f6:53:27:
39:86:4d:ee:63:27:2d:1b:0b:1f:7b:47:19:6f:6a:
e5:78:15:b4:5e:d1:cd:49:96:d2:21:5e:01:65:1e:
0b:2b:31:cb:5d:ca:d3:f9:0e:04:98:66:db:c4:83:
44:33:6e:fe:e1:2b:04:a9:d7:46:a2:de:33:32:b2:
74:ab:ab:bf:a5:15:e2:24:a0:6b:79:b8:19:79:4c:
e0:84:7e:33:7d:41:77:44:5f:be:2e:bc:f6:fa:70:
24:b4:91:af:e1:cd:f5:b6:d5:cc:6f:82:bd:26:01:
6f:fb:3c:b8:78:4c:39:5f:9d:d9:94:6e:84:7e:8b:
96:02:31:5e:9c:ee:d5:a5:4f:f4:2f:81:6d:43:3c:
c6:c7:b1:96:1c:4c:4b:73:d5:88:1a:09:6f:65:e4:
09:19:4c:ec:fc:1c:55:3f:62:2d:d9:af:bd:85:dd:
fb:ac:7b:b9:2a:77:67:39:09:f9:c6:04:53:9f:31:
37:40:e2:4d:91:dc:5f:b6:36:a2:cc:cd:d6:d7:c3:
86:2d:f4:1a:d8:ee:e8:50:60:bd:3a:9d:39:58:e9:
7c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5B:6E:9A:A3:84:5B:16:A6:1C:3E:4B:02:B6:B2:74:F1:4B:09:38
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e8d8271-3a39-44e7-8971-4754b2796103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.200.0.0/13
Signature Algorithm: sha256WithRSAEncryption
09:c9:f8:cc:c3:b8:54:6d:db:dc:30:75:01:27:88:a9:46:de:
3d:5e:81:72:6b:13:1d:97:49:c0:66:ac:e8:5c:d7:a6:91:1a:
e2:53:94:81:95:4d:03:b0:69:71:25:48:52:d7:e6:57:95:c7:
dc:d0:d4:32:41:96:72:d9:89:0f:af:a4:89:e4:12:87:05:06:
dc:ca:79:7d:b9:4c:d2:c8:3d:a9:ee:ad:20:e6:11:60:f2:15:
4b:15:8d:c9:ae:c8:0f:3d:51:49:5f:e1:48:1d:02:af:ca:30:
5b:6e:38:c0:26:82:08:a2:77:53:8d:46:56:5f:3d:b1:63:00:
4e:4f:17:5b:f4:17:aa:d0:60:22:ae:21:0d:90:f9:6e:e9:c1:
e9:69:c6:d0:e2:4a:f6:49:93:0a:88:a6:24:a0:7f:fd:a4:71:
63:0f:d8:9b:97:d4:47:c2:04:d4:54:14:97:12:a8:32:1e:51:
e8:a3:fb:45:80:7b:52:61:75:b5:5c:35:06:47:f9:ae:15:9b:
c9:97:6b:ef:ef:31:56:1a:55:8a:db:b1:6c:dd:73:93:4c:53:
62:6a:67:80:10:5a:d3:c5:81:cd:d0:49:db:8a:cb:5c:3a:a7:
7e:df:af:70:d4:fb:8c:b6:e1:7d:c4:90:28:10:9e:ff:98:44:
a1:a2:e7:b3
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUFJMywBW0mlkQZ8rcQ5w5Du3t2qMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMTAxN1oX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAN2Y3NTkxZDg5NTVlZWM0YWJiYmY4
NDA1OTI5NzhiNTlmZjZmOTcxNGY1MGZiZmEwNGIzOTMzYjYyOWNhZmE3ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApANofv8shtLCYSovKqN67dLsIhI4
MOkvpnBumh1bAom4/8XvY1q5pJf2Uyc5hk3uYyctGwsfe0cZb2rleBW0XtHNSZbS
IV4BZR4LKzHLXcrT+Q4EmGbbxINEM27+4SsEqddGot4zMrJ0q6u/pRXiJKBrebgZ
eUzghH4zfUF3RF++Lrz2+nAktJGv4c31ttXMb4K9JgFv+zy4eEw5X53ZlG6EfouW
AjFenO7VpU/0L4FtQzzGx7GWHExLc9WIGglvZeQJGUzs/BxVP2It2a+9hd37rHu5
KndnOQn5xgRTnzE3QOJNkdxftjaizM3W18OGLfQa2O7oUGC9Op05WOl85QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFM9bbpqjhFsWphw+SwK2snTxSwk4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJlOGQ4MjcxLTNhMzktNDRlNy04OTcxLTQ3NTRiMjc5NjEwMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAAnJ+MzDuFRt29wwdQEniKlG
3j1egXJrEx2XScBmrOhc16aRGuJTlIGVTQOwaXElSFLX5leVx9zQ1DJBlnLZiQ+v
pInkEocFBtzKeX25TNLIPanurSDmEWDyFUsVjcmuyA89UUlf4UgdAq/KMFtuOMAm
ggiid1ONRlZfPbFjAE5PF1v0F6rQYCKuIQ2Q+W7pwelpxtDiSvZJkwqIpiSgf/2k
cWMP2JuX1EfCBNRUFJcSqDIeUeij+0WAe1JhdbVcNQZH+a4Vm8mXa+/vMVYaVYrb
sWzdc5NMU2JqZ4AQWtPFgc3QSduKy1w6p37fr3DU+4y24X3EkCgQnv+YRKGi57M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:29:00 2025 by rpki-client