Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa
File: 72c1271b-5ed8-4478-ba43-6741904af7c8.roa (raw, json)
Hash identifier: d1oXgo2AhPxsYiN+ZHLJU6UTZpwP7iFk3ei3jaC0TA0=
Subject key identifier: 2A:39:B5:C7:9B:B9:AC:2B:21:FC:87:F1:CC:0A:77:99:8F:18:40:7E
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 6903CD956DBBC09A3AB16430A9B9D05C06499E71
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa
Signing time: Wed 05 Mar 2025 00:00:11 +0000
ROA not before: Wed 05 Mar 2025 00:00:11 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:03:cd:95:6d:bb:c0:9a:3a:b1:64:30:a9:b9:d0:5c:06:49:9e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 5 00:00:11 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:0a:7d:65:7b:47:58:fb:96:22:1b:16:b9:
6f:a5:e7:5a:01:ed:c7:52:5b:ec:bd:af:91:53:a2:
77:b1:e3:49:8a:c8:74:c1:cc:e4:91:e5:2a:27:d8:
dc:07:15:08:d7:11:f8:f4:dc:6e:1f:e3:0c:dd:3f:
ef:97:4e:ac:78:a9:d2:e0:12:9b:29:34:3c:1e:a8:
f0:57:b1:bb:78:f8:53:fc:0b:49:9e:4a:0a:71:e9:
a2:ab:f3:86:f7:58:90:52:e3:43:ae:c5:5d:f4:f3:
64:7d:a6:d6:51:21:dc:89:b3:01:ff:ff:62:c8:6f:
f7:44:da:f2:44:47:20:4a:c2:be:f0:c7:4a:35:e3:
23:86:49:46:dd:5a:a3:52:b1:48:d9:3a:3b:7e:aa:
cd:f4:84:3a:91:30:59:d0:eb:e1:cd:0a:8c:10:bf:
e0:73:e2:1c:a8:55:70:4d:e2:85:d6:90:6e:8d:c2:
c6:a0:ae:ab:5f:58:86:58:4d:47:49:83:75:b1:27:
6c:0c:8c:40:56:8d:af:e7:1a:b8:a5:36:bf:3c:83:
b5:54:8b:ea:ba:f9:e8:83:58:b3:30:eb:ea:5b:85:
9a:02:3c:62:c8:e7:68:67:da:bc:ab:30:5f:54:66:
41:86:63:7c:80:39:7d:28:c3:00:0f:40:3e:6c:5b:
04:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:B5:C7:9B:B9:AC:2B:21:FC:87:F1:CC:0A:77:99:8F:18:40:7E
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.0.0/17
Signature Algorithm: sha256WithRSAEncryption
38:03:b3:10:02:95:aa:df:3a:f6:8a:e0:99:49:ad:bf:bb:34:
bd:36:7f:df:03:82:61:43:3f:f8:41:00:28:a6:15:5a:52:8f:
b2:4b:1e:82:d3:82:f0:b4:f5:f6:67:ef:36:ea:cc:5c:70:e3:
c5:17:52:9d:59:ef:24:0c:3b:9c:14:a1:30:2b:0f:43:8e:85:
da:14:2d:b9:07:6b:e6:47:0c:fd:c5:7d:b4:ef:d8:60:43:ff:
98:45:7d:e1:cb:2a:8c:f9:9e:8f:82:06:b5:8a:cd:83:d3:8e:
35:3d:63:d7:85:13:ca:6b:b7:ff:8c:5b:49:79:bd:41:2c:44:
f1:14:7e:7e:29:a0:20:c3:68:f5:a4:44:47:2d:96:4a:b6:88:
93:05:1b:29:4e:05:db:ac:31:cc:ae:29:1c:37:69:5a:5d:86:
eb:6a:43:a1:e0:71:a0:3d:89:b3:0f:fd:2f:e3:61:b2:a1:8a:
ce:97:c9:1c:8a:be:97:8d:95:a0:8d:bc:02:03:58:3f:06:33:
9e:b0:41:8a:2f:eb:62:78:ac:f4:85:3c:ca:3b:4c:7b:c8:ab:
91:92:86:fb:f0:7e:bd:57:56:7a:f9:49:48:b4:36:41:f4:b4:
cb:b7:8a:90:7e:d8:56:92:a4:2f:26:41:cb:d4:8c:e6:cd:2a:
a7:d7:a7:8c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUaQPNlW27wJo6sWQwqbnQXAZJnnEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDMwNTAwMDAxMVoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAMDdjMjViOGIyNzcwODUxOGRhN2Vh
ZWUxYWM0NWZiNmRmNDI1OTEyYjFkMjg0ZjhiZTM4ZmY5ZDJiOGNhMjI1ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbkKfWV7R1j7liIbFrlvpedaAe3H
Ulvsva+RU6J3seNJish0wczkkeUqJ9jcBxUI1xH49NxuH+MM3T/vl06seKnS4BKb
KTQ8HqjwV7G7ePhT/AtJnkoKcemiq/OG91iQUuNDrsVd9PNkfabWUSHcibMB//9i
yG/3RNryREcgSsK+8MdKNeMjhklG3VqjUrFI2To7fqrN9IQ6kTBZ0OvhzQqMEL/g
c+IcqFVwTeKF1pBujcLGoK6rX1iGWE1HSYN1sSdsDIxAVo2v5xq4pTa/PIO1VIvq
uvnog1izMOvqW4WaAjxiyOdoZ9q8qzBfVGZBhmN8gDl9KMMAD0A+bFsEXQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCo5tcebuawrIfyH8cwKd5mPGEB+MB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcyYzEyNzFiLTVlZDgtNDQ3OC1iYTQzLTY3NDE5MDRhZjdjOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQHn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQA4A7MQApWq3zr2iuCZSa2/
uzS9Nn/fA4JhQz/4QQAophVaUo+ySx6C04LwtPX2Z+826sxccOPFF1KdWe8kDDuc
FKEwKw9DjoXaFC25B2vmRwz9xX2079hgQ/+YRX3hyyqM+Z6Pgga1is2D0441PWPX
hRPKa7f/jFtJeb1BLETxFH5+KaAgw2j1pERHLZZKtoiTBRspTgXbrDHMrikcN2la
XYbrakOh4HGgPYmzD/0v42GyoYrOl8kcir6XjZWgjbwCA1g/BjOesEGKL+tieKz0
hTzKO0x7yKuRkob78H69V1Z6+UlItDZB9LTLt4qQfthWkqQvJkHL1IzmzSqn16eM
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:58 2025 by rpki-client