Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json)
Hash identifier: Nq+0Bo8Z+u78r9iGgofp8lE33S//35JWtZhdc+5Nuyk=
Subject key identifier: 70:06:8E:5B:0C:18:82:C5:D8:B5:70:51:4D:1B:50:18:BA:72:ED:56
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 480FCECE167748C956DE310EAFCCF6E1B2FDD90C
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
Signing time: Mon 24 Mar 2025 15:00:00 +0000
ROA not before: Mon 24 Mar 2025 15:00:00 +0000
ROA not after: Mon 28 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.250.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0f:ce:ce:16:77:48:c9:56:de:31:0e:af:cc:f6:e1:b2:fd:d9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 24 15:00:00 2025 GMT
Not After : Apr 28 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c7:3d:d6:e2:d9:b7:17:d0:05:11:f0:c1:46:
c7:57:df:dd:c5:30:c4:54:c0:7e:ef:68:2b:3d:d0:
98:e2:98:a9:66:4b:96:88:ec:bb:b0:56:44:1b:1f:
87:47:32:8d:78:e8:97:42:62:0b:98:c2:f2:39:47:
17:eb:ba:38:15:3c:d6:87:df:3c:1f:ed:80:fe:dc:
0c:2f:2f:16:94:17:9c:5c:de:e3:6e:25:c7:0e:7d:
c2:46:db:1d:91:8a:ec:7c:e2:4f:31:30:95:9c:1f:
c2:cd:9e:d0:c5:13:a2:9a:dc:e8:0f:d4:23:32:a6:
5f:cc:1c:c4:9f:23:5f:b2:1d:87:95:f1:3a:f0:92:
6f:df:80:91:bc:2c:c9:d8:03:df:2e:85:bd:84:a9:
e9:2a:5f:44:cd:93:96:3c:e7:2a:92:e0:f6:3b:12:
f1:64:3d:dc:55:07:4e:31:82:2c:72:f9:b2:5f:f5:
c3:db:33:8d:98:70:3e:f2:f6:ad:0d:d1:df:73:e3:
c5:ee:9c:76:98:cd:54:73:c1:1b:35:e5:dd:32:a8:
5e:4d:62:d2:3e:f9:ac:e2:98:5a:5b:9d:49:7f:48:
4c:7a:0b:77:ff:4c:1d:4c:24:c6:66:87:92:3a:e1:
c1:2c:81:91:57:05:51:e6:04:89:bb:06:ad:bc:01:
b4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:06:8E:5B:0C:18:82:C5:D8:B5:70:51:4D:1B:50:18:BA:72:ED:56
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
48:b6:2e:c8:14:f8:6b:9f:24:b6:e8:40:d1:ad:c8:56:6b:16:
6c:5c:47:9d:40:d0:1a:1f:53:72:e9:7a:69:64:b6:b3:3f:8e:
87:b7:6a:f5:2c:86:59:4d:9b:40:6f:cf:2e:90:fc:e1:a4:55:
1d:01:47:89:f6:e4:a9:51:ab:85:6c:92:2c:5b:eb:c9:6d:9a:
b4:89:78:2f:47:77:bd:14:eb:08:f7:39:c8:8e:20:7a:c4:58:
c7:9e:58:e6:8f:41:63:b1:c4:fe:95:bb:a4:c8:fc:8d:6e:ab:
63:62:a4:ff:2e:51:cb:60:7b:85:de:9b:b3:75:f0:4e:f9:f7:
a5:40:18:87:43:f9:2e:fa:2c:b8:37:12:6c:9a:ed:c9:5b:72:
01:b9:cb:f4:c4:a0:ab:48:27:17:38:1e:52:c0:ea:ce:e3:d0:
d6:33:b7:9a:0a:76:ce:e8:65:0d:b7:91:34:1d:3c:8a:d9:d9:
37:6f:1e:f9:47:b0:10:fc:33:07:51:0e:13:d8:fd:b6:b5:bf:
63:f9:96:59:0d:60:ca:95:59:45:c8:e4:56:e1:aa:86:1e:4d:
87:90:c2:f7:b7:09:13:bb:a0:45:27:8a:50:3a:90:89:c3:89:
4c:53:9f:df:9d:6e:11:0c:a7:2e:68:07:7c:a1:97:0a:18:38:
e1:ff:20:45
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUSA/OzhZ3SMlW3jEOr8z24bL92QwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyNDE1MDAwMFoX
DTI1MDQyODIzNTk1OVowejFJMEcGA1UEBRNAMmE0OTI5MWMxZWU5YTdhYmU5YjFm
M2Q3YzcxZGVkZmM5ZWJkYmRmZDFkMDU0NTE1ZmFiYzBhZjAwOGU1NmIwMjEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcc91uLZtxfQBRHwwUbHV9/dxTDE
VMB+72grPdCY4pipZkuWiOy7sFZEGx+HRzKNeOiXQmILmMLyOUcX67o4FTzWh988
H+2A/twMLy8WlBecXN7jbiXHDn3CRtsdkYrsfOJPMTCVnB/CzZ7QxROimtzoD9Qj
MqZfzBzEnyNfsh2HlfE68JJv34CRvCzJ2APfLoW9hKnpKl9EzZOWPOcqkuD2OxLx
ZD3cVQdOMYIscvmyX/XD2zONmHA+8vatDdHfc+PF7px2mM1Uc8EbNeXdMqheTWLS
Pvms4phaW51Jf0hMegt3/0wdTCTGZoeSOuHBLIGRVwVR5gSJuwatvAG02wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHAGjlsMGILF2LVwUU0bUBi6cu1WMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQBIti7IFPhrnyS26EDRrchW
axZsXEedQNAaH1Ny6XppZLazP46Ht2r1LIZZTZtAb88ukPzhpFUdAUeJ9uSpUauF
bJIsW+vJbZq0iXgvR3e9FOsI9znIjiB6xFjHnljmj0FjscT+lbukyPyNbqtjYqT/
LlHLYHuF3puzdfBO+felQBiHQ/ku+iy4NxJsmu3JW3IBucv0xKCrSCcXOB5SwOrO
49DWM7eaCnbO6GUNt5E0HTyK2dk3bx75R7AQ/DMHUQ4T2P22tb9j+ZZZDWDKlVlF
yORW4aqGHk2HkML3twkTu6BFJ4pQOpCJw4lMU5/fnW4RDKcuaAd8oZcKGDjh/yBF
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:22 2025 by rpki-client