Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
File: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (raw, json)
Hash identifier: H0eraEBku9jJ3cEbqPBYC0Yo9nXLAHvdyUkonjSW370=
Subject key identifier: D3:39:B5:39:C7:A3:EF:78:10:30:2C:A5:6D:F9:F4:F6:C1:F5:99:F1
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 11BCD10E5502D925E1A523D523657A0EDC0EACD0
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
Signing time: Sat 29 Mar 2025 00:00:15 +0000
ROA not before: Sat 29 Mar 2025 00:00:15 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.160.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:bc:d1:0e:55:02:d9:25:e1:a5:23:d5:23:65:7a:0e:dc:0e:ac:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 29 00:00:15 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2b:f9:66:4b:60:5b:1a:c5:17:e6:86:ef:b4:
79:70:d2:c6:2b:50:d5:83:38:ad:7e:83:ea:03:55:
80:3d:c2:32:ae:7c:f5:9f:5f:d0:5c:40:59:b1:89:
ea:2f:55:4e:92:5f:9f:7b:e2:81:71:cf:9c:93:b9:
38:db:6b:22:ac:8e:cf:09:b2:91:0c:45:fc:2a:0c:
ad:3e:05:09:35:2d:f3:da:4e:df:4d:2e:b8:da:31:
21:e0:c2:99:03:b6:8e:8e:81:b3:51:c5:78:6b:09:
ea:19:d6:34:d6:d4:de:42:6f:a4:3d:e7:84:bf:45:
c8:d5:0d:b2:fb:17:49:e5:bd:51:8e:1b:c3:6e:ad:
1a:67:09:8f:f9:b9:7d:86:d6:0c:09:74:72:6e:c6:
d2:8e:aa:e0:e6:84:a2:f6:f7:2d:5b:ee:70:e0:4c:
c1:d7:d1:de:66:78:92:8d:5b:56:b2:ac:9f:74:ae:
aa:4e:2b:cb:8c:0e:89:e7:a9:e1:f9:48:94:71:3b:
34:4e:4a:9f:47:49:c3:d0:f0:ee:9d:f1:77:18:f7:
56:70:57:24:51:98:80:97:26:9b:60:20:be:09:4e:
78:ce:6b:8c:30:61:7a:82:7c:12:e7:83:5a:42:9e:
b8:a5:6b:ad:a1:bc:a1:7c:7d:65:93:a7:6b:19:c9:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:39:B5:39:C7:A3:EF:78:10:30:2C:A5:6D:F9:F4:F6:C1:F5:99:F1
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.160.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:4b:d6:ed:c0:72:11:32:b0:8f:4e:64:65:13:6e:e8:e1:1f:
c0:fb:35:b3:b7:c8:89:ea:17:07:45:a5:f1:df:25:bc:d9:6f:
4b:be:60:6c:60:76:57:7f:48:d9:45:34:d0:ec:07:6a:df:08:
f8:3d:6d:37:bb:46:bb:78:8b:4d:d7:9a:89:b6:38:f3:9a:44:
dc:9d:aa:61:e1:9e:75:10:f4:d8:4c:16:a0:14:a5:fe:d5:dc:
ed:25:0a:10:63:09:19:29:46:3d:e5:eb:bd:a2:38:48:fb:a8:
1e:ae:64:f2:72:c3:fd:9d:28:b2:35:45:fc:ed:02:fc:cb:f3:
fd:6e:d2:36:24:3d:6e:2d:84:60:73:bb:a5:a2:6f:f8:ef:ca:
38:aa:47:b1:9a:2e:9f:21:b4:e7:02:f3:55:f5:f5:05:16:16:
2b:2e:77:09:1c:f3:24:a0:e0:e1:90:fa:8b:ea:40:78:eb:7f:
00:e2:52:7b:1b:8b:68:4b:1a:9c:2e:64:a4:88:b0:de:56:51:
4d:45:85:50:6d:06:13:9c:53:bb:b7:e1:ae:01:9b:67:b2:68:
28:0f:d8:71:3a:61:9b:e4:67:6c:cd:29:60:ac:58:01:95:c0:
7a:c0:41:ab:d6:b8:d1:13:ec:e5:3c:3d:db:76:4c:93:c9:19:
89:37:94:a2
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUEbzRDlUC2SXhpSPVI2V6DtwOrNAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAxNVoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAYjFjMGE0MTRmMzdlZGMxNzIzZGJi
OTQ0MDVlNDcwN2RiNjA0MTQ2ZTMwNDI1YzcxNmViM2JhOTAxODM2NGRiNDEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiv5ZktgWxrFF+aG77R5cNLGK1DV
gzitfoPqA1WAPcIyrnz1n1/QXEBZsYnqL1VOkl+fe+KBcc+ck7k422sirI7PCbKR
DEX8KgytPgUJNS3z2k7fTS642jEh4MKZA7aOjoGzUcV4awnqGdY01tTeQm+kPeeE
v0XI1Q2y+xdJ5b1RjhvDbq0aZwmP+bl9htYMCXRybsbSjqrg5oSi9vctW+5w4EzB
19HeZniSjVtWsqyfdK6qTivLjA6J56nh+UiUcTs0TkqfR0nD0PDunfF3GPdWcFck
UZiAlyabYCC+CU54zmuMMGF6gnwS54NaQp64pWutobyhfH1lk6drGckf7QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNM5tTnHo+94EDAspW359PbB9ZnxMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzQzZmQ4Njg3LTEyZDQtNDliNS05OTU4LTg1MzZjZTgxNjBiNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQFrymgMA0GCSqGSIb3DQEBCwUAA4IBAQCtS9btwHIRMrCPTmRlE27o
4R/A+zWzt8iJ6hcHRaXx3yW82W9LvmBsYHZXf0jZRTTQ7Adq3wj4PW03u0a7eItN
15qJtjjzmkTcnaph4Z51EPTYTBagFKX+1dztJQoQYwkZKUY95eu9ojhI+6germTy
csP9nSiyNUX87QL8y/P9btI2JD1uLYRgc7ulom/478o4qkexmi6fIbTnAvNV9fUF
FhYrLncJHPMkoODhkPqL6kB4638A4lJ7G4toSxqcLmSkiLDeVlFNRYVQbQYTnFO7
t+GuAZtnsmgoD9hxOmGb5GdszSlgrFgBlcB6wEGr1rjRE+zlPD3bdkyTyRmJN5Si
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:07 2025 by rpki-client