Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa
File: 22707524-2248-48ea-815f-578f49b19436.roa (raw, json)
Hash identifier: Pibeg5rPToorZqOocOzTLDBzROBUdaMr9+uprk5L5eg=
Subject key identifier: 9D:4C:15:D1:AC:65:65:AC:C3:6C:94:9A:49:D7:74:1C:D3:62:0C:15
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 3D0EF9FAA61F6E44C7AEF6B7196046913346C843
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa
Signing time: Sat 29 Mar 2025 00:00:04 +0000
ROA not before: Sat 29 Mar 2025 00:00:04 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:0e:f9:fa:a6:1f:6e:44:c7:ae:f6:b7:19:60:46:91:33:46:c8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 29 00:00:04 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:80:1d:3f:7e:30:4e:42:8d:8c:e9:5e:b6:a2:
66:10:cf:fb:2f:21:aa:22:f0:cc:bf:22:9b:c7:e7:
04:b3:1b:9d:b1:22:71:74:d9:27:1e:f8:53:6e:1f:
f1:96:83:40:e4:46:5a:20:46:01:8e:23:ab:cc:03:
dd:19:38:4b:a0:5d:8d:f0:a3:78:d1:39:04:5b:47:
65:12:98:e2:08:67:eb:20:9e:d1:10:89:92:9f:ab:
cc:84:a4:91:87:11:69:d5:1d:95:cd:cd:0a:84:b1:
f8:bc:6a:a6:60:6f:a7:c0:03:90:f6:ee:86:2a:34:
58:55:48:02:1b:36:80:23:a1:51:cd:8e:9a:3e:0f:
4d:65:4d:1d:6e:c6:d4:34:ca:55:dc:c6:31:f7:2c:
af:88:ce:fe:ba:01:c1:9b:fb:95:cc:10:3f:4b:35:
5c:31:f2:d7:a8:53:01:49:88:30:19:9b:38:a8:2b:
28:45:cf:65:36:d7:c8:55:15:52:9b:b9:79:5d:17:
38:32:9b:42:8a:c0:1d:a7:54:2d:2f:af:19:16:2b:
2a:e5:ff:52:30:a8:80:4d:1c:ad:d0:ca:e1:62:d7:
67:1c:a2:33:e2:ea:90:b4:d7:af:f8:96:06:82:70:
c2:42:be:12:f6:1b:e4:e0:1b:a2:b9:a4:16:c6:9f:
5a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4C:15:D1:AC:65:65:AC:C3:6C:94:9A:49:D7:74:1C:D3:62:0C:15
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.150.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:88:c3:5f:86:13:ae:67:2c:8f:7d:d2:09:95:2a:2a:63:e0:
3b:5e:f3:07:17:b4:f9:dd:46:17:6d:5d:7e:33:a0:e5:e9:ae:
de:03:cd:2f:03:32:6c:fc:1b:d3:36:a9:be:12:1c:80:f8:a2:
a0:22:1e:0f:ae:e2:af:88:1e:11:99:cd:7f:3d:69:c0:78:d0:
3b:c8:51:4f:1a:09:6f:91:dc:0f:b6:e0:a6:2c:18:64:3e:df:
70:2a:12:fd:9a:04:20:dd:d0:22:89:ba:66:de:c5:31:53:8f:
08:b5:34:75:c0:ac:41:84:47:8c:20:92:16:b6:b7:21:03:ae:
3c:64:82:d7:89:70:1e:a6:50:46:43:32:7d:3e:09:ce:06:39:
a9:ce:36:0c:67:c3:7c:0b:65:69:4d:93:b9:24:5e:53:ae:ec:
c0:a8:ab:fb:f9:4d:98:fa:02:33:4b:cb:18:58:0f:58:44:86:
5c:9d:58:f8:71:bb:5d:5a:6b:28:25:72:60:71:11:6a:d7:74:
79:c4:44:33:81:4b:73:49:e2:a3:c0:ea:d6:ce:ac:3b:04:41:
fa:2f:f8:ea:0f:a4:1a:ac:4e:a7:22:88:3c:87:9d:b8:6c:c5:
0f:7d:3b:cf:e6:71:33:63:69:68:6c:2d:db:3c:19:fe:85:f4:
71:5d:b8:e6
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUPQ75+qYfbkTHrva3GWBGkTNGyEMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwNFoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAN2FkMjViMjcwZDE0YjA1MWRjZWI2
N2Y3ZGQ5ZjM5Mzc5NWM2OWRjMDAwOWJmOTIyYjg2NzY1MWQzOWRmNTZiNTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoAdP34wTkKNjOletqJmEM/7LyGq
IvDMvyKbx+cEsxudsSJxdNknHvhTbh/xloNA5EZaIEYBjiOrzAPdGThLoF2N8KN4
0TkEW0dlEpjiCGfrIJ7REImSn6vMhKSRhxFp1R2Vzc0KhLH4vGqmYG+nwAOQ9u6G
KjRYVUgCGzaAI6FRzY6aPg9NZU0dbsbUNMpV3MYx9yyviM7+ugHBm/uVzBA/SzVc
MfLXqFMBSYgwGZs4qCsoRc9lNtfIVRVSm7l5XRc4MptCisAdp1QtL68ZFisq5f9S
MKiATRyt0MrhYtdnHKIz4uqQtNev+JYGgnDCQr4S9hvk4BuiuaQWxp9azwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJ1MFdGsZWWsw2yUmknXdBzTYgwVMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzIyNzA3NTI0LTIyNDgtNDhlYS04MTVmLTU3OGY0OWIxOTQzNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQArymWMA0GCSqGSIb3DQEBCwUAA4IBAQCLiMNfhhOuZyyPfdIJlSoq
Y+A7XvMHF7T53UYXbV1+M6Dl6a7eA80vAzJs/BvTNqm+EhyA+KKgIh4PruKviB4R
mc1/PWnAeNA7yFFPGglvkdwPtuCmLBhkPt9wKhL9mgQg3dAiibpm3sUxU48ItTR1
wKxBhEeMIJIWtrchA648ZILXiXAeplBGQzJ9PgnOBjmpzjYMZ8N8C2VpTZO5JF5T
ruzAqKv7+U2Y+gIzS8sYWA9YRIZcnVj4cbtdWmsoJXJgcRFq13R5xEQzgUtzSeKj
wOrWzqw7BEH6L/jqD6QarE6nIog8h524bMUPfTvP5nEzY2lobC3bPBn+hfRxXbjm
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:52:54 2025 by rpki-client