Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa
File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json)
Hash identifier: 1/22g6eOGmgkV9JOoqzafozeNBlYYxms4KdtahSysjU=
Subject key identifier: 93:EF:A1:4F:C4:78:A3:8B:D4:F3:A3:43:83:A1:39:37:52:61:D3:1B
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 07ED524465E7F2DE482C8445198F8AE918C3B6C1
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa
Signing time: Wed 05 Mar 2025 00:00:04 +0000
ROA not before: Wed 05 Mar 2025 00:00:04 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ed:52:44:65:e7:f2:de:48:2c:84:45:19:8f:8a:e9:18:c3:b6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 5 00:00:04 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:18:f7:8f:ec:d4:8f:7c:de:76:62:9f:28:67:
01:35:ea:46:fd:4c:01:1a:b7:2f:ed:38:b9:1c:4d:
60:41:d4:82:8a:5e:54:e8:dc:df:aa:43:25:57:bc:
72:82:44:a6:c0:c8:18:12:8c:c3:2d:ee:98:26:a1:
a3:30:76:81:dd:b9:67:cd:34:4f:42:7f:3d:cc:fc:
e2:22:d4:9f:3b:1a:c9:00:22:bf:c5:2e:00:43:a8:
c8:77:af:e7:84:83:1a:a9:98:1b:90:ce:73:29:3b:
26:3c:70:fa:70:5b:c1:02:62:98:c2:7a:2e:2b:2b:
bb:96:25:9f:08:cd:31:25:f3:57:90:9a:a5:eb:1c:
66:0f:e9:70:75:ae:1b:34:68:34:0a:3a:de:be:b0:
2e:e2:e4:77:02:33:34:40:b6:92:cc:32:73:33:8e:
e1:52:d3:7a:cf:b4:b4:dc:fa:e2:10:0c:e0:0f:92:
78:c3:d8:15:35:6e:f5:e6:82:a6:22:94:9f:8d:6a:
15:b1:fe:50:97:2c:0b:fc:73:20:d7:4a:bb:46:d1:
94:39:cf:b1:ca:a0:73:67:8f:96:b9:67:14:ac:89:
9a:ee:73:95:ff:f2:ce:ef:e3:90:b3:68:b2:75:7d:
35:46:a6:06:3f:e6:c8:ce:e0:13:f3:a8:4f:79:37:
b2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:EF:A1:4F:C4:78:A3:8B:D4:F3:A3:43:83:A1:39:37:52:61:D3:1B
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.240.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:63:e5:aa:99:9b:d3:b5:fb:0a:c4:dc:93:5e:77:8d:37:5e:
8e:c9:2c:db:a6:0e:b4:fc:00:5d:6c:cd:09:3a:59:9f:66:54:
4c:62:82:b2:35:50:47:ba:54:ca:cc:0e:79:27:f5:56:d0:e7:
d2:15:5b:6e:76:94:05:94:75:cf:cb:eb:4e:f5:b0:11:b7:df:
ba:d2:70:ff:6a:83:20:02:a8:07:26:c3:a9:26:7c:12:11:20:
c4:68:83:47:de:ff:a0:99:d9:6e:17:77:1d:9f:18:5e:28:66:
59:f0:19:44:0f:74:2d:cf:da:ad:45:0b:9c:4e:b1:b1:1a:e1:
e7:47:ed:cf:50:6b:78:27:44:7e:5f:58:26:51:79:d9:8e:20:
fb:54:c3:bd:51:b0:fa:ef:b4:76:f9:7d:d2:2d:fd:4a:e9:bd:
7c:8a:76:f7:3a:26:bf:64:1c:dc:d2:ca:88:99:06:e5:3e:9d:
3d:0b:f3:00:71:50:5c:a3:81:ff:cf:e3:f6:5c:3f:90:da:aa:
3d:3d:e9:29:ce:9c:94:c8:b3:af:1c:0c:57:46:f0:c4:21:72:
ad:d0:d2:fb:95:6d:e3:53:02:75:4c:89:40:d2:51:33:bb:65:
4b:ee:ac:e9:24:0b:75:06:d4:f1:b2:b4:01:a6:d2:a2:14:4d:
ff:40:19:d7
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUB+1SRGXn8t5ILIRFGY+K6RjDtsEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDMwNTAwMDAwNFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNANTEyYTJlNzlkNjAzNTUwZWUxMmQ0
MTE4NDU3NWI0MzBhZmIzMmJhYWVlZDg3YjUyNzU5YTkwZjI5OTJmMDEyNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhj3j+zUj3zedmKfKGcBNepG/UwB
Grcv7Ti5HE1gQdSCil5U6NzfqkMlV7xygkSmwMgYEozDLe6YJqGjMHaB3blnzTRP
Qn89zPziItSfOxrJACK/xS4AQ6jId6/nhIMaqZgbkM5zKTsmPHD6cFvBAmKYwnou
Kyu7liWfCM0xJfNXkJql6xxmD+lwda4bNGg0CjrevrAu4uR3AjM0QLaSzDJzM47h
UtN6z7S03PriEAzgD5J4w9gVNW715oKmIpSfjWoVsf5QlywL/HMg10q7RtGUOc+x
yqBzZ4+WuWcUrIma7nOV//LO7+OQs2iydX01RqYGP+bIzuAT86hPeTey5wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJPvoU/EeKOL1POjQ4OhOTdSYdMbMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQBuY+WqmZvTtfsKxNyTXneN
N16OySzbpg60/ABdbM0JOlmfZlRMYoKyNVBHulTKzA55J/VW0OfSFVtudpQFlHXP
y+tO9bARt9+60nD/aoMgAqgHJsOpJnwSESDEaINH3v+gmdluF3cdnxheKGZZ8BlE
D3Qtz9qtRQucTrGxGuHnR+3PUGt4J0R+X1gmUXnZjiD7VMO9UbD677R2+X3SLf1K
6b18inb3Oia/ZBzc0sqImQblPp09C/MAcVBco4H/z+P2XD+Q2qo9PekpzpyUyLOv
HAxXRvDEIXKt0NL7lW3jUwJ1TIlA0lEzu2VL7qzpJAt1BtTxsrQBptKiFE3/QBnX
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:13 2025 by rpki-client