Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa
File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json)
Hash identifier: sP4xz+e87jO3Q2PbKb07BbfqWgnQq0te9EyKJeFFxjc=
Subject key identifier: AF:E6:F8:8D:2A:A3:34:27:49:AF:9C:DD:F9:37:DC:09:AE:F5:0D:DE
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 0B2DC0624E3D4235F6C8FEF6D7160C996DEEDC6C
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa
Signing time: Mon 24 Mar 2025 15:00:05 +0000
ROA not before: Mon 24 Mar 2025 15:00:05 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 7224
IP address blocks: 159.248.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:2d:c0:62:4e:3d:42:35:f6:c8:fe:f6:d7:16:0c:99:6d:ee:dc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 24 15:00:05 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:4c:e4:2e:09:74:8b:60:36:90:43:dd:9f:
45:7e:b8:93:f7:2b:fb:6a:25:7a:0e:fb:5a:74:91:
18:6a:12:eb:42:bc:39:a7:ba:9b:c3:69:48:b6:46:
0f:1d:3a:56:0a:28:77:d1:58:6d:fc:69:10:5d:36:
38:a3:c1:55:6f:7e:69:a0:28:c0:58:d8:38:f2:d3:
f3:ec:f0:bc:f3:a3:b1:3b:91:62:e6:e0:ad:74:2a:
62:34:16:ab:5c:c3:55:5b:2f:eb:48:cb:3d:a3:97:
ca:9b:09:e4:03:e4:73:ec:44:d9:a8:ad:73:6b:f9:
3b:6b:27:b2:be:91:10:77:74:ca:a8:0e:79:5b:e3:
50:cc:53:52:89:34:2b:d2:e3:55:6c:33:4d:1b:84:
ec:61:67:11:0f:73:b2:e0:9b:06:6b:95:ce:d9:ca:
f6:72:34:77:ef:97:64:d1:2d:7b:1e:5c:67:74:03:
f7:f2:d5:1d:9a:37:0e:49:4a:3e:dd:8d:f5:45:64:
45:17:95:67:5e:b5:c2:af:15:36:6b:61:55:d5:1c:
04:90:ec:cf:49:05:ca:ec:8f:70:94:65:d2:d9:e8:
53:e5:e5:e2:c8:d1:44:b8:9c:b3:85:30:42:9d:f1:
5e:af:46:e3:2f:63:3c:7a:21:2e:d0:5b:75:cc:54:
7a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E6:F8:8D:2A:A3:34:27:49:AF:9C:DD:F9:37:DC:09:AE:F5:0D:DE
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.128.0/22
Signature Algorithm: sha256WithRSAEncryption
02:63:37:d7:80:ff:7a:f9:c4:6e:76:19:c7:27:98:e4:00:dd:
fc:47:38:15:3e:7f:d0:62:4d:2b:b8:a6:6c:7b:51:1c:53:74:
46:0d:75:6a:e9:b0:53:f4:44:1d:a9:01:b0:3d:af:58:1e:d7:
92:65:77:40:2f:1d:ef:ef:64:da:05:02:2d:3b:63:82:6e:16:
47:45:5c:b8:11:b6:be:9e:b4:9d:a4:a1:c0:af:42:db:4a:48:
65:ce:ec:f7:b2:ee:42:21:d1:b0:74:26:1e:67:01:4b:77:36:
74:24:74:4c:d8:dc:12:07:1c:99:ca:50:c4:78:6f:a6:27:ae:
7b:39:ed:d8:8d:d9:84:fa:c0:21:d5:51:00:cc:33:97:58:47:
42:16:e5:6c:3e:ce:9a:01:93:c5:9a:c7:81:03:71:52:b7:ca:
7f:5d:bb:fd:2e:10:1c:9d:ea:41:28:be:74:67:c8:5a:7e:e7:
f2:5b:16:e8:c8:06:4b:a1:4b:e1:0e:d8:be:12:8f:a1:ae:97:
18:22:c3:c8:fe:18:aa:a9:68:a3:d5:ee:de:b8:ce:72:af:c4:
bb:3c:db:9e:83:31:90:2f:34:80:1b:88:52:e6:e3:de:d9:7e:
92:dc:ca:e6:15:a3:f8:f4:7b:93:f8:d2:e1:5e:f8:21:a4:ad:
6b:3d:2b:7e
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUCy3AYk49QjX2yP721xYMmW3u3GwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDMyNDE1MDAwNVoX
DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNANjY5NzAxMWM1MDdmNTQ2MWMyOGM3
OGMzMjFhODlmMTdhNTdiYTdjOGNiZWFmNDdkNjQzZWQ4NmNhMmY3MGRjYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEJM5C4JdItgNpBD3Z9FfriT9yv7
aiV6DvtadJEYahLrQrw5p7qbw2lItkYPHTpWCih30Vht/GkQXTY4o8FVb35poCjA
WNg48tPz7PC886OxO5Fi5uCtdCpiNBarXMNVWy/rSMs9o5fKmwnkA+Rz7ETZqK1z
a/k7ayeyvpEQd3TKqA55W+NQzFNSiTQr0uNVbDNNG4TsYWcRD3Oy4JsGa5XO2cr2
cjR375dk0S17HlxndAP38tUdmjcOSUo+3Y31RWRFF5VnXrXCrxU2a2FV1RwEkOzP
SQXK7I9wlGXS2ehT5eXiyNFEuJyzhTBCnfFer0bjL2M8eiEu0Ft1zFR6BwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFK/m+I0qozQnSa+c3fk33Amu9Q3eMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQACYzfXgP96+cRudhnHJ5jk
AN38RzgVPn/QYk0ruKZse1EcU3RGDXVq6bBT9EQdqQGwPa9YHteSZXdALx3v72Ta
BQItO2OCbhZHRVy4Eba+nrSdpKHAr0LbSkhlzuz3su5CIdGwdCYeZwFLdzZ0JHRM
2NwSBxyZylDEeG+mJ657Oe3YjdmE+sAh1VEAzDOXWEdCFuVsPs6aAZPFmseBA3FS
t8p/Xbv9LhAcnepBKL50Z8hafufyWxboyAZLoUvhDti+Eo+hrpcYIsPI/hiqqWij
1e7euM5yr8S7PNuegzGQLzSAG4hS5uPe2X6S3MrmFaP49HuT+NLhXvghpK1rPSt+
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:52:47 2025 by rpki-client