Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json)
Hash identifier: kSmDqqQV2V4lDFMeoWkK5cfIVoAv5b4i9i9RDFEJRjU=
Subject key identifier: C0:2E:39:9E:7D:4E:5C:83:1E:30:36:B3:18:F5:29:47:84:3D:2D:75
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 1C2FCA4867325E0A8DAA75603DB271A462CC3B17
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
Signing time: Sat 29 Mar 2025 00:00:01 +0000
ROA not before: Sat 29 Mar 2025 00:00:01 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 122.248.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:2f:ca:48:67:32:5e:0a:8d:aa:75:60:3d:b2:71:a4:62:cc:3b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 29 00:00:01 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:62:c9:62:bb:a9:55:5f:17:41:54:41:49:
d7:aa:ed:65:56:f4:14:ff:30:98:22:d5:41:c4:1b:
cd:75:e1:aa:c7:d1:f5:aa:c3:a8:8e:5e:85:9c:9f:
e4:8a:36:5d:ef:13:78:e0:52:9d:c5:ef:5d:e8:24:
cf:40:c3:08:63:bd:df:93:bb:95:48:3f:94:66:33:
9a:2e:a9:0d:4e:46:5b:7c:bd:37:91:60:80:7f:b6:
78:e9:2a:39:2a:20:44:d3:48:ca:26:e9:40:63:72:
69:bd:b2:d5:2c:52:77:5e:10:65:f9:59:6f:dd:bb:
e6:c0:9f:41:a1:00:09:3c:03:1b:1a:3f:61:06:71:
66:97:d8:7b:7a:e9:2c:93:42:6d:a1:95:56:03:51:
e5:e5:df:00:1b:87:ab:a2:57:71:01:f6:ec:10:28:
45:b1:a3:0b:98:51:77:3e:9f:58:95:6c:d0:cb:8d:
fe:1a:83:ca:ec:a5:c2:95:d0:f7:06:93:3d:a9:c7:
4a:da:71:24:86:62:1f:4f:7a:58:1f:ce:1d:78:46:
b6:2b:f5:80:45:9a:1c:f1:af:45:c2:46:67:f6:42:
11:33:35:e9:fd:63:5e:d9:b3:f5:f2:db:50:57:c2:
a0:98:39:d5:5d:ec:ac:48:82:c1:1a:40:54:de:d9:
db:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2E:39:9E:7D:4E:5C:83:1E:30:36:B3:18:F5:29:47:84:3D:2D:75
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.224.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:97:2b:02:a0:0e:c4:15:2b:2a:35:b7:2d:94:a6:43:67:f9:
f7:bc:72:c7:70:b3:96:09:fc:cd:61:12:eb:c8:de:01:ef:22:
bc:f8:46:78:87:01:b5:45:28:bc:7a:0d:b7:cb:8c:03:72:24:
75:76:a7:94:f9:bb:8f:ea:8f:15:f8:85:aa:a9:96:57:c4:4f:
9f:a7:b1:f9:45:6b:5f:08:36:30:6d:bd:7b:13:4d:68:d0:2f:
f1:f1:70:60:df:f9:ed:5f:1e:32:8f:46:ab:f3:8f:52:e0:bb:
40:29:0c:38:a3:1d:af:31:fc:32:9e:60:b9:36:68:37:03:4c:
ef:e3:53:35:2e:c1:ab:27:76:cc:74:30:93:f2:dc:d6:0b:83:
9c:33:a7:b5:79:ff:62:54:55:b0:9e:4e:2e:02:73:66:3a:75:
43:d5:ec:e6:46:e2:b4:51:5a:70:84:69:65:43:61:b8:46:85:
20:dd:af:fa:da:79:be:db:01:1c:4f:fe:4f:ca:4e:b1:f6:0f:
1f:4c:0c:fd:5a:a7:ee:68:78:39:a7:6d:ee:84:81:7b:02:c2:
25:34:da:ad:15:3b:a1:db:fa:5d:fc:18:9e:ba:1e:9d:fb:d5:
68:c7:b3:25:14:99:cd:d3:69:72:56:de:ca:5a:a9:a4:6d:b0:
1b:75:4e:5b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUHC/KSGcyXgqNqnVgPbJxpGLMOxcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwMVoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNANjE3NTIwYjNlOWZmMDllNTczYTU3
ZjNjZGE5Y2Y1YjJlMDIxYjNiN2NhZmUxYWZlMGZiZDZhYmNiMDRiMmMwNTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuURiyWK7qVVfF0FUQUnXqu1lVvQU
/zCYItVBxBvNdeGqx9H1qsOojl6FnJ/kijZd7xN44FKdxe9d6CTPQMMIY73fk7uV
SD+UZjOaLqkNTkZbfL03kWCAf7Z46So5KiBE00jKJulAY3JpvbLVLFJ3XhBl+Vlv
3bvmwJ9BoQAJPAMbGj9hBnFml9h7euksk0JtoZVWA1Hl5d8AG4eroldxAfbsEChF
saMLmFF3Pp9YlWzQy43+GoPK7KXCldD3BpM9qcdK2nEkhmIfT3pYH84deEa2K/WA
RZoc8a9FwkZn9kIRMzXp/WNe2bP18ttQV8KgmDnVXeysSILBGkBU3tnbwQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMAuOZ59TlyDHjA2sxj1KUeEPS11MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQB6lysCoA7EFSsqNbctlKZD
Z/n3vHLHcLOWCfzNYRLryN4B7yK8+EZ4hwG1RSi8eg23y4wDciR1dqeU+buP6o8V
+IWqqZZXxE+fp7H5RWtfCDYwbb17E01o0C/x8XBg3/ntXx4yj0ar849S4LtAKQw4
ox2vMfwynmC5Nmg3A0zv41M1LsGrJ3bMdDCT8tzWC4OcM6e1ef9iVFWwnk4uAnNm
OnVD1ezmRuK0UVpwhGllQ2G4RoUg3a/62nm+2wEcT/5Pyk6x9g8fTAz9WqfuaHg5
p23uhIF7AsIlNNqtFTuh2/pd/Bieuh6d+9Vox7MlFJnN02lyVt7KWqmkbbAbdU5b
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:17:26 2025 by rpki-client