Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa
File: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (raw, json)
Hash identifier: 3p9SMj6HqOg2tRHc6wE/ToWCo/C6aysljs5YWDx8w9Q=
Subject key identifier: D0:C3:8C:BF:EB:FD:E8:04:C6:B0:19:EC:8B:6F:B1:41:24:1D:F7:A4
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 2197CB1492E68417ABAA122A09DB6A650A7E52AE
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa
Signing time: Sat 29 Mar 2025 00:00:14 +0000
ROA not before: Sat 29 Mar 2025 00:00:14 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:97:cb:14:92:e6:84:17:ab:aa:12:2a:09:db:6a:65:0a:7e:52:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 29 00:00:14 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cc:d9:89:f8:51:71:43:c2:82:bb:df:d4:4d:
98:09:f6:bd:6e:52:51:9d:9c:df:83:03:9d:85:28:
e8:c1:0a:37:92:11:af:bd:9d:25:be:a9:65:9d:b0:
42:3d:28:fa:ea:1c:a2:1b:d7:cb:89:58:a5:83:ab:
84:43:20:48:ae:ec:47:0e:be:d0:b0:3d:78:fb:69:
26:3b:62:7d:36:cb:c5:99:05:81:52:9b:c7:6c:43:
ec:50:28:a5:34:07:f3:63:f4:24:8a:80:05:05:6d:
71:04:d0:fd:58:26:00:98:79:41:ef:d2:a1:20:bd:
45:de:71:98:10:99:9c:25:7d:71:ba:7d:78:06:55:
26:7f:65:67:c2:04:ec:ea:7a:67:0b:68:9f:76:08:
b6:8c:d7:91:68:c6:e7:b1:71:90:28:6b:27:c3:31:
ec:3d:cd:3c:9c:02:c9:57:85:55:2f:31:84:a2:50:
bd:9c:6a:8e:86:04:1b:e5:0f:d6:75:a6:9e:4c:dd:
e9:95:4c:6d:1f:d6:bc:19:63:b2:9b:8e:3b:42:92:
52:ac:30:e8:09:2f:5f:46:d8:d7:31:d9:8b:d5:d5:
c5:f8:bb:08:d8:f9:b7:d9:9c:0c:85:d2:c2:35:c4:
96:da:d4:83:90:88:f1:5e:d9:39:3b:05:87:57:76:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C3:8C:BF:EB:FD:E8:04:C6:B0:19:EC:8B:6F:B1:41:24:1D:F7:A4
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:c6:a6:d2:bb:76:d8:22:dc:ee:50:b7:a0:d8:82:4c:a0:95:
9f:8a:a0:34:15:44:b9:8c:c3:4d:5c:16:da:9d:a9:ac:8c:36:
ae:c6:02:42:cf:6c:9c:ae:27:40:d1:1b:ff:43:c3:1b:a0:c3:
27:41:0e:b3:5f:e1:ab:45:91:74:c1:bb:9c:37:6f:92:95:5b:
4e:e3:37:56:75:b8:c9:4a:c0:d2:23:4b:5d:37:45:d9:39:df:
d9:4d:aa:e6:04:ee:cf:81:61:27:35:ca:79:a9:f2:af:c9:1b:
55:c6:a7:9e:23:7d:89:90:d3:36:dc:95:a0:fc:35:94:f8:a3:
84:ad:95:d3:f5:30:1e:fa:56:de:2a:6d:39:8b:3e:e2:47:7d:
e3:81:e2:2d:72:d6:d5:61:01:06:49:bb:50:21:13:a4:14:69:
1d:84:a3:85:45:f1:7c:5f:74:12:76:6f:44:85:83:dd:39:38:
e0:de:a1:cd:cf:a0:7e:e3:3c:69:bb:cd:1a:29:a0:57:e3:3f:
ac:4b:23:e4:3c:08:21:69:c1:46:9b:9c:cd:46:ba:92:c1:ea:
f2:cb:f6:eb:5c:a8:87:c6:64:d0:90:ea:43:72:9a:ec:95:15:
e3:ab:04:ba:d3:a1:d4:55:80:4b:6a:9a:aa:ab:b2:b1:7a:6b:
69:4c:09:72
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUIZfLFJLmhBerqhIqCdtqZQp+Uq4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAxNFoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZTIxY2Y2YjFjNmU1YTVjY2FkNDc2
YjFlMTg0OWNiOTFhMDBmZjQ5OTg0NjUwNDg2M2UwZjE2NTc4MDZmMjY3NjEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtszZifhRcUPCgrvf1E2YCfa9blJR
nZzfgwOdhSjowQo3khGvvZ0lvqllnbBCPSj66hyiG9fLiVilg6uEQyBIruxHDr7Q
sD14+2kmO2J9NsvFmQWBUpvHbEPsUCilNAfzY/QkioAFBW1xBND9WCYAmHlB79Kh
IL1F3nGYEJmcJX1xun14BlUmf2VnwgTs6npnC2ifdgi2jNeRaMbnsXGQKGsnwzHs
Pc08nALJV4VVLzGEolC9nGqOhgQb5Q/WdaaeTN3plUxtH9a8GWOym447QpJSrDDo
CS9fRtjXMdmL1dXF+LsI2Pm32ZwMhdLCNcSW2tSDkIjxXtk5OwWHV3bESQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNDDjL/r/egExrAZ7ItvsUEkHfekMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2FkZjc1ZTJlLTlkMmMtNDcxOC1hNDlkLWFkNDQwNzliMjY2Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDrymYMA0GCSqGSIb3DQEBCwUAA4IBAQAsxqbSu3bYItzuULeg2IJM
oJWfiqA0FUS5jMNNXBbanamsjDauxgJCz2ycridA0Rv/Q8MboMMnQQ6zX+GrRZF0
wbucN2+SlVtO4zdWdbjJSsDSI0tdN0XZOd/ZTarmBO7PgWEnNcp5qfKvyRtVxqee
I32JkNM23JWg/DWU+KOErZXT9TAe+lbeKm05iz7iR33jgeItctbVYQEGSbtQIROk
FGkdhKOFRfF8X3QSdm9EhYPdOTjg3qHNz6B+4zxpu80aKaBX4z+sSyPkPAghacFG
m5zNRrqSweryy/brXKiHxmTQkOpDcprslRXjqwS606HUVYBLapqqq7KxemtpTAly
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:45:19 2025 by rpki-client