Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json)
Hash identifier: L+4XuFpUUrq1LMGzd/T/TeCNVmn14M1sVtjGZm7TymM=
Subject key identifier: 4F:29:A6:B6:2C:7E:3A:AA:66:86:7B:E5:96:CA:04:A9:7E:F3:82:93
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 7A21770F3A43CA3953D5722F4894DE44DB792633
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
Signing time: Wed 05 Mar 2025 00:00:10 +0000
ROA not before: Wed 05 Mar 2025 00:00:10 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:21:77:0f:3a:43:ca:39:53:d5:72:2f:48:94:de:44:db:79:26:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 5 00:00:10 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d6:7c:ef:42:03:38:5d:b6:9f:6e:a0:37:3b:
17:df:c8:0e:b2:fb:a3:4c:77:95:a0:ee:05:f8:3a:
36:ef:01:dc:31:5b:81:09:ce:b1:cb:27:b5:a9:b8:
ef:61:bc:e3:0c:05:e0:29:50:16:85:37:a1:81:3c:
91:8f:c5:54:68:fd:78:c7:b0:28:5b:ec:fd:0a:53:
98:34:d9:d7:1d:09:72:11:7b:12:0d:a6:75:69:1a:
3b:bc:fb:ad:3b:b4:be:0b:ae:29:f4:19:58:df:26:
12:6d:59:48:8c:ae:bf:0f:0e:56:0f:b8:12:40:c9:
c8:4b:4f:68:f5:b8:02:ef:64:18:41:bf:48:6b:0f:
31:a8:69:09:ea:a5:2d:49:59:0f:52:4e:db:25:03:
ab:af:58:78:64:d1:3b:09:13:61:ca:72:6a:da:b7:
ff:70:9e:d6:09:7a:5b:69:75:e4:c4:48:e9:16:c6:
e6:c5:93:ba:ed:83:44:2d:20:73:1c:4f:29:af:e5:
3a:01:cd:bd:be:97:bd:37:2c:22:7b:57:89:e3:ee:
3f:b7:a7:39:b6:f3:99:3d:71:0d:57:b9:11:63:b8:
f4:1d:cd:a0:31:f3:b6:77:30:7c:ec:25:2f:33:1f:
34:18:bb:6a:9e:74:a1:40:bd:13:f0:2c:e2:28:30:
cd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:29:A6:B6:2C:7E:3A:AA:66:86:7B:E5:96:CA:04:A9:7E:F3:82:93
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.224.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:43:15:06:17:54:cb:a5:13:c0:a7:fc:94:c6:c6:e2:bb:a1:
a6:48:33:62:08:f7:fb:91:a3:70:34:4a:43:19:0b:61:b2:3c:
db:7d:3c:3a:39:c4:77:04:73:31:94:16:46:13:6c:6a:0c:09:
f7:ca:2e:46:53:4e:fd:09:0c:02:17:4e:7a:47:59:52:97:c7:
3d:7c:89:2b:c9:c9:96:99:88:6a:b6:24:99:21:09:f4:7f:ec:
8e:c5:47:2a:e2:cb:09:ad:8f:4d:aa:08:15:b2:05:5c:80:25:
68:a3:4a:95:95:9e:be:ec:ac:06:69:45:e6:bd:19:b2:3d:4f:
78:fc:a9:e9:b4:92:32:ad:e3:a1:e9:5f:6c:12:ee:28:a5:d0:
a1:ca:57:82:5f:23:8a:2d:d4:c9:26:f5:d3:47:82:41:20:6a:
54:0b:cd:55:ad:2c:fa:ed:ac:36:82:ed:14:77:0a:eb:b4:23:
8d:5a:50:b4:fb:08:34:5c:12:22:9d:30:43:33:cb:c5:c7:46:
15:64:82:6b:0f:e4:d1:9f:32:3b:5f:0b:f3:53:77:0c:fb:57:
17:2e:d0:f8:74:4e:dc:3c:8a:d3:61:33:32:6f:d7:39:bf:92:
0a:9f:d0:d7:63:f5:75:c3:ae:06:6f:d2:f3:c2:b1:93:56:8e:
5b:a7:e1:d6
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUeiF3DzpDyjlT1XIvSJTeRNt5JjMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDMwNTAwMDAxMFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNANjRjMzIyYzEyOTliYjUxZTM2ZDI1
MTUwNzU5Njk5NzRmZTJiMjRiZWUwNjg0ZmEyMTRkYmY1ZjI1ZWQ2MTQ3YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptZ870IDOF22n26gNzsX38gOsvuj
THeVoO4F+Do27wHcMVuBCc6xyye1qbjvYbzjDAXgKVAWhTehgTyRj8VUaP14x7Ao
W+z9ClOYNNnXHQlyEXsSDaZ1aRo7vPutO7S+C64p9BlY3yYSbVlIjK6/Dw5WD7gS
QMnIS09o9bgC72QYQb9Iaw8xqGkJ6qUtSVkPUk7bJQOrr1h4ZNE7CRNhynJq2rf/
cJ7WCXpbaXXkxEjpFsbmxZO67YNELSBzHE8pr+U6Ac29vpe9Nywie1eJ4+4/t6c5
tvOZPXENV7kRY7j0Hc2gMfO2dzB87CUvMx80GLtqnnShQL0T8CziKDDNUwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFE8pprYsfjqqZoZ75ZbKBKl+84KTMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQCNQxUGF1TLpRPAp/yUxsbi
u6GmSDNiCPf7kaNwNEpDGQthsjzbfTw6OcR3BHMxlBZGE2xqDAn3yi5GU079CQwC
F056R1lSl8c9fIkrycmWmYhqtiSZIQn0f+yOxUcq4ssJrY9NqggVsgVcgCVoo0qV
lZ6+7KwGaUXmvRmyPU94/KnptJIyreOh6V9sEu4opdChyleCXyOKLdTJJvXTR4JB
IGpUC81VrSz67aw2gu0UdwrrtCONWlC0+wg0XBIinTBDM8vFx0YVZIJrD+TRnzI7
XwvzU3cM+1cXLtD4dE7cPIrTYTMyb9c5v5IKn9DXY/V1w64Gb9LzwrGTVo5bp+HW
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:03 2025 by rpki-client