Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa
File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json)
Hash identifier: tvirpfkTHYgHGbzTrs5HVrTUoWoDP38XiXDABac42SE=
Subject key identifier: 14:DE:7D:2D:9E:D4:6D:9F:57:6E:29:18:4A:07:38:7D:FF:20:C1:93
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 493746419BE7BE8FEE89B2FCED4224D0F73FACF8
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa
Signing time: Tue 11 Mar 2025 00:00:04 +0000
ROA not before: Tue 11 Mar 2025 00:00:04 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 103.8.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:37:46:41:9b:e7:be:8f:ee:89:b2:fc:ed:42:24:d0:f7:3f:ac:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Mar 11 00:00:04 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c2:64:28:3d:87:17:86:1b:a7:0d:c5:45:c9:
4e:e0:bd:e0:e1:87:3e:28:b4:45:90:39:11:1e:4a:
21:1f:3f:f1:84:7e:42:1d:63:ae:09:b2:54:e0:7d:
f1:ff:97:5a:35:f8:fc:e9:e5:0b:0e:98:91:06:09:
86:ce:27:15:db:82:87:d8:aa:82:b9:04:a4:55:ff:
c1:d0:9d:27:5e:ad:eb:e0:21:27:1f:3b:6d:22:0a:
f0:a6:0c:0a:78:33:ff:85:8b:f5:9a:e1:cb:cb:bc:
f6:cf:d2:53:6b:55:09:cc:29:c3:46:53:a4:b6:86:
b0:39:01:3a:f3:20:d8:f6:a2:af:90:53:68:1c:12:
7a:55:e1:03:89:3d:5c:86:8d:83:f4:56:e5:e0:5f:
4e:05:85:f3:9e:5e:7b:44:03:b3:50:13:4b:2a:44:
69:4c:de:c5:64:e8:05:96:a0:6b:84:c5:ca:e8:73:
8c:f5:c3:4c:2c:ec:7d:db:51:8e:05:05:ff:4d:83:
49:c0:1f:c6:73:28:59:e5:08:9f:98:60:d9:61:26:
85:53:32:d9:19:23:2d:37:38:c3:e7:69:51:0e:9f:
f8:83:96:f8:63:7b:06:3b:dc:c1:a0:ef:8d:8b:0b:
98:82:b3:95:b9:8f:66:14:78:34:1e:34:17:a7:6f:
a6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DE:7D:2D:9E:D4:6D:9F:57:6E:29:18:4A:07:38:7D:FF:20:C1:93
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.8.172.0/22
Signature Algorithm: sha256WithRSAEncryption
17:ae:f7:d3:af:2c:af:e9:34:a3:b9:0d:35:f7:af:47:7a:2d:
b3:7b:10:af:17:8d:14:9f:9b:ab:a9:b8:91:cf:62:19:03:71:
1e:5e:30:61:b8:63:aa:13:a5:8e:24:f3:c7:59:76:37:7c:34:
95:19:1c:4b:ec:dc:a3:17:9a:5a:55:c0:5b:23:1e:c4:79:eb:
48:62:4f:af:3e:db:9a:c5:29:d5:a1:f6:ce:62:cc:b1:29:59:
03:f1:a3:7f:bb:84:c1:53:03:eb:df:b6:cd:66:fe:81:0c:d0:
22:fc:fe:e8:9e:be:76:82:6f:70:b4:bf:81:26:e4:29:63:75:
a0:38:57:e3:94:b7:be:ec:ff:be:9f:42:56:35:8a:94:21:25:
39:ae:97:f1:37:cf:14:2f:46:7a:63:9b:7a:8c:47:bb:a0:c4:
59:f5:ef:bd:93:93:5b:9d:a7:e7:b9:e0:46:0d:39:c5:a5:00:
1c:14:ff:ba:36:20:cf:c1:b3:06:dc:b5:d0:88:41:c2:ad:fb:
b6:84:7d:08:85:c4:a6:1f:4d:ed:20:61:52:ab:04:79:7a:e1:
ed:e3:33:ee:52:64:f5:9f:6d:ad:4d:f9:07:60:83:44:08:aa:
50:f4:a7:b6:24:93:ee:17:e6:aa:01:29:d0:51:bb:e6:fd:4d:
ea:88:23:0d
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUSTdGQZvnvo/uibL87UIk0Pc/rPgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDMxMTAwMDAwNFoX
DTI1MDQxNTIzNTk1OVowejFJMEcGA1UEBRNAZWVmMmNhNTljMWM5MjQ5MzhkOWE0
NmJiNjQyZTZhMmU0NjBjZmM1NTkwNDM2MzAwNzE1NGMyMDZjYmMxMWY1NjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMJkKD2HF4Ybpw3FRclO4L3g4Yc+
KLRFkDkRHkohHz/xhH5CHWOuCbJU4H3x/5daNfj86eULDpiRBgmGzicV24KH2KqC
uQSkVf/B0J0nXq3r4CEnHzttIgrwpgwKeDP/hYv1muHLy7z2z9JTa1UJzCnDRlOk
toawOQE68yDY9qKvkFNoHBJ6VeEDiT1cho2D9Fbl4F9OBYXznl57RAOzUBNLKkRp
TN7FZOgFlqBrhMXK6HOM9cNMLOx921GOBQX/TYNJwB/GcyhZ5QifmGDZYSaFUzLZ
GSMtNzjD52lRDp/4g5b4Y3sGO9zBoO+NiwuYgrOVuY9mFHg0HjQXp2+mzQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBTefS2e1G2fV24pGEoHOH3/IMGTMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQAXrvfTryyv6TSjuQ01969H
ei2zexCvF40Un5urqbiRz2IZA3EeXjBhuGOqE6WOJPPHWXY3fDSVGRxL7NyjF5pa
VcBbIx7EeetIYk+vPtuaxSnVofbOYsyxKVkD8aN/u4TBUwPr37bNZv6BDNAi/P7o
nr52gm9wtL+BJuQpY3WgOFfjlLe+7P++n0JWNYqUISU5rpfxN88UL0Z6Y5t6jEe7
oMRZ9e+9k5NbnafnueBGDTnFpQAcFP+6NiDPwbMG3LXQiEHCrfu2hH0IhcSmH03t
IGFSqwR5euHt4zPuUmT1n22tTfkHYINECKpQ9Ke2JJPuF+aqASnQUbvm/U3qiCMN
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:13 2025 by rpki-client