Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa
File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json)
Hash identifier: 6tqB0O+C6bqQLhBA8PheKesjhoFQpvvd4OhIV4tAmM8=
Subject key identifier: BF:C9:27:16:A5:6B:C8:F9:92:09:77:8E:46:38:6A:F5:D9:75:81:64
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 57F37E0C7268786B8E96F401DFBF94344CB453D5
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa
Signing time: Sat 29 Mar 2025 00:00:01 +0000
ROA not before: Sat 29 Mar 2025 00:00:01 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 122.248.232.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f3:7e:0c:72:68:78:6b:8e:96:f4:01:df:bf:94:34:4c:b4:53:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Mar 29 00:00:01 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d8:25:f1:3c:6e:93:21:d1:ec:15:22:3a:18:
e3:7a:57:54:ec:71:ca:9e:0d:18:a3:d3:a2:71:d2:
86:25:84:4a:97:8e:b0:1f:31:2c:d3:1e:9c:60:7d:
c4:5f:6e:47:f3:3c:eb:a5:af:3d:e8:89:8a:a6:5f:
82:8f:49:66:47:cb:db:77:b7:75:aa:52:6c:a6:00:
cc:20:a5:62:32:e5:0e:d8:2f:14:41:b1:a7:d4:2b:
e2:af:61:7a:e6:a5:04:5d:04:3e:1b:5c:22:b0:f8:
c5:da:91:44:f1:3b:87:65:81:91:7c:9c:03:12:27:
14:a3:2d:8e:ca:1b:8f:ae:dc:da:29:f9:97:a6:57:
78:6b:9d:ad:4f:16:f3:9f:2e:1d:c1:ff:e4:c1:19:
7e:11:7d:7a:c2:56:14:82:0f:76:4a:7a:b4:6b:b2:
db:47:34:5a:86:b6:83:67:2b:66:f2:a4:aa:6f:7b:
d5:bc:62:e7:06:14:3f:3b:78:f1:82:d2:98:b4:3c:
3c:5e:9a:5b:eb:ac:83:11:5c:d6:bf:39:5e:59:1a:
b3:d6:af:46:73:25:b9:34:ed:e6:78:24:1c:6c:11:
01:f0:d9:3e:96:57:12:83:e8:05:f8:71:06:2e:8a:
e5:4d:b1:c5:e3:2e:98:07:48:45:fc:66:5f:df:79:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C9:27:16:A5:6B:C8:F9:92:09:77:8E:46:38:6A:F5:D9:75:81:64
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.232.0/21
Signature Algorithm: sha256WithRSAEncryption
94:b8:9c:bf:2b:20:14:42:b5:43:e5:39:83:5a:73:7f:f3:b7:
ac:51:da:17:41:07:2e:61:65:d5:20:0c:b6:63:53:77:0a:3e:
d9:64:b1:a0:82:a1:02:8c:c7:da:b0:06:f8:29:f2:6a:4b:89:
0f:15:eb:22:23:7b:0d:80:bc:ba:ce:1b:bf:4a:90:cd:29:9d:
fb:d6:a7:af:61:e1:6c:6a:67:fa:b3:80:e0:e5:e8:35:f2:7b:
9f:06:76:ee:c4:86:f8:18:c6:2c:b6:be:be:5c:1e:d1:70:ad:
99:aa:c1:e9:53:f4:12:45:26:cb:0c:93:05:c0:e3:b2:12:5d:
9c:1a:91:f3:40:9d:09:6f:aa:66:a5:bc:d9:bb:8d:af:38:ac:
69:b1:e4:39:6f:e3:f6:47:df:06:f7:64:a1:a8:0c:63:86:c1:
60:78:44:1b:3d:5e:94:3a:9b:2c:96:0f:25:c2:5f:59:c1:56:
0b:f8:bc:0b:65:32:45:a7:ac:58:1c:ea:b2:26:5e:b3:be:f7:
be:e4:48:7d:59:2d:e2:cc:bb:df:24:04:3f:e8:59:d4:82:b4:
51:73:95:58:b8:bd:5a:0f:b7:6e:d6:86:20:b2:1b:a6:f0:9c:
d5:f8:07:77:88:2e:69:01:c0:24:ed:9b:2b:f4:ec:80:4c:6d:
5a:8b:c4:75
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUV/N+DHJoeGuOlvQB37+UNEy0U9UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwMVoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNANzhlNWNiZjFiZTc3ZTRiYmEyYTA3
M2IxNTUxYjlhMWM4OTczYzEyYzgyZDAxYTU0NzgwYTVhY2JlM2Q1NTMwNDEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNgl8TxukyHR7BUiOhjjeldU7HHK
ng0Yo9OicdKGJYRKl46wHzEs0x6cYH3EX25H8zzrpa896ImKpl+Cj0lmR8vbd7d1
qlJspgDMIKViMuUO2C8UQbGn1Cvir2F65qUEXQQ+G1wisPjF2pFE8TuHZYGRfJwD
EicUoy2OyhuPrtzaKfmXpld4a52tTxbzny4dwf/kwRl+EX16wlYUgg92Snq0a7Lb
RzRahraDZytm8qSqb3vVvGLnBhQ/O3jxgtKYtDw8Xppb66yDEVzWvzleWRqz1q9G
cyW5NO3meCQcbBEB8Nk+llcSg+gF+HEGLorlTbHF4y6YB0hF/GZf33kmHQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFL/JJxala8j5kgl3jkY4avXZdYFkMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQCUuJy/KyAUQrVD5TmDWnN/
87esUdoXQQcuYWXVIAy2Y1N3Cj7ZZLGggqECjMfasAb4KfJqS4kPFesiI3sNgLy6
zhu/SpDNKZ371qevYeFsamf6s4Dg5eg18nufBnbuxIb4GMYstr6+XB7RcK2ZqsHp
U/QSRSbLDJMFwOOyEl2cGpHzQJ0Jb6pmpbzZu42vOKxpseQ5b+P2R98G92ShqAxj
hsFgeEQbPV6UOpsslg8lwl9ZwVYL+LwLZTJFp6xYHOqyJl6zvve+5Eh9WS3izLvf
JAQ/6FnUgrRRc5VYuL1aD7du1oYgshum8JzV+Ad3iC5pAcAk7Zsr9OyATG1ai8R1
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:18 2025 by rpki-client