Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa
File: 05bc8dbb-c70a-48da-b45b-4448364614ff.roa (raw, json)
Hash identifier: ocvLASQXz8rTlhkLDkDlkLfx5oTzgW1cnsfFcbyEZJM=
Subject key identifier: CF:9F:C2:CD:75:43:0A:6B:C4:BB:26:82:2E:E8:0E:7F:A3:A4:3B:8A
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 0FC6B41700B706CAC7442BE19E1841B30FF75BD6
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa
Signing time: Sat 29 Mar 2025 00:00:11 +0000
ROA not before: Sat 29 Mar 2025 00:00:11 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c6:b4:17:00:b7:06:ca:c7:44:2b:e1:9e:18:41:b3:0f:f7:5b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:11 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:df:c4:05:63:43:8d:ff:15:39:9e:ae:bc:
bc:f4:bf:d2:d6:27:4a:6e:38:3e:6c:6d:7e:33:d8:
18:00:a6:b8:ed:4b:bc:24:f0:ec:1a:55:96:a8:7e:
ef:e6:8f:14:e8:28:c8:81:fd:83:1c:fb:b4:47:ef:
4f:c2:72:68:0b:8c:fa:b3:38:43:a5:d9:62:15:ea:
44:69:c2:76:c7:7f:98:8a:a2:f7:e0:97:db:15:74:
22:96:d8:76:b8:93:8e:09:64:e0:55:6c:3f:07:e7:
0d:67:54:be:cb:24:ba:be:78:96:b2:ca:79:64:40:
69:98:a0:a7:f5:19:a5:37:25:94:23:6f:d9:a4:75:
c1:1a:1d:34:72:f8:a8:49:b6:54:e8:89:7b:a0:72:
84:32:5a:7a:88:17:1f:a1:4a:06:71:2c:dc:71:95:
c9:a2:15:9d:fb:50:ed:c1:17:c5:b2:ef:d2:5d:5a:
a2:bf:8b:4b:20:06:ca:57:e8:0e:43:4d:13:fc:35:
92:8e:09:1c:15:b2:27:33:47:3d:a4:e7:a5:8f:8c:
f4:7f:d9:32:71:30:a7:2d:00:4a:4c:2b:27:af:2a:
90:be:ee:70:97:f7:04:26:8a:98:13:06:50:68:90:
a4:0c:98:b8:63:00:6d:b3:8d:a3:49:d3:66:62:4a:
4b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9F:C2:CD:75:43:0A:6B:C4:BB:26:82:2E:E8:0E:7F:A3:A4:3B:8A
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.208.0/20
Signature Algorithm: sha256WithRSAEncryption
93:c2:79:25:55:85:f3:9e:02:7c:7e:51:05:2c:ee:fa:62:d6:
fb:03:f0:28:76:1a:75:94:0a:ed:fd:32:95:79:25:6e:0f:0c:
ad:18:f8:e2:9b:49:8f:2f:3c:1e:36:f7:76:7a:dd:30:39:c9:
19:8e:d3:bc:70:2b:d9:bc:41:06:31:41:ea:46:90:4b:35:a3:
59:d3:81:85:b6:60:a8:2c:e1:df:b1:1c:a7:f5:1d:58:34:ee:
45:f3:4c:9a:ca:ce:00:48:a5:4f:da:ab:3f:cc:41:ab:fa:ff:
78:f1:a8:51:18:4e:f6:a5:51:6a:d8:82:6a:1b:a9:6f:26:44:
9a:76:1a:5a:1e:fa:de:ba:4f:b5:88:b9:c0:40:6b:62:34:99:
65:ab:d3:74:bb:7f:f1:c8:15:6e:bc:ca:63:ed:59:ca:03:37:
77:ab:99:cc:23:1b:74:48:fd:7f:d6:22:02:4d:0b:ee:a5:c1:
df:35:34:b1:54:4b:e5:21:9a:5f:e4:ff:12:e1:17:53:f8:0d:
f4:d7:b7:1f:19:1d:62:e7:aa:ed:c2:37:fa:35:88:3d:76:ae:
4e:9c:9f:26:27:fb:2c:28:84:b2:05:cc:f9:f4:f2:0c:18:42:
96:a5:01:5d:ea:57:a3:84:4f:3c:2e:0b:28:5b:e9:6f:f9:07:
a1:56:ac:39
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUD8a0FwC3BsrHRCvhnhhBsw/3W9YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAxMVoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMDQyMGQwNDRiN2IyYmU0MjVkYjgz
NThhNjc3YzI3OGQzYWQ1YjYxMWQwNzM1YmM0YTdmNWRhNGUyMTU2NGNjNzEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubrfxAVjQ43/FTmerry89L/S1idK
bjg+bG1+M9gYAKa47Uu8JPDsGlWWqH7v5o8U6CjIgf2DHPu0R+9PwnJoC4z6szhD
pdliFepEacJ2x3+YiqL34JfbFXQilth2uJOOCWTgVWw/B+cNZ1S+yyS6vniWssp5
ZEBpmKCn9RmlNyWUI2/ZpHXBGh00cvioSbZU6Il7oHKEMlp6iBcfoUoGcSzccZXJ
ohWd+1DtwRfFsu/SXVqiv4tLIAbKV+gOQ00T/DWSjgkcFbInM0c9pOelj4z0f9ky
cTCnLQBKTCsnryqQvu5wl/cEJoqYEwZQaJCkDJi4YwBts42jSdNmYkpLsQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFM+fws11QwprxLsmgi7oDn+jpDuKMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzA1YmM4ZGJiLWM3MGEtNDhkYS1iNDViLTQ0NDgzNjQ2MTRmZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQErynQMA0GCSqGSIb3DQEBCwUAA4IBAQCTwnklVYXzngJ8flEFLO76
Ytb7A/Aodhp1lArt/TKVeSVuDwytGPjim0mPLzweNvd2et0wOckZjtO8cCvZvEEG
MUHqRpBLNaNZ04GFtmCoLOHfsRyn9R1YNO5F80yays4ASKVP2qs/zEGr+v948ahR
GE72pVFq2IJqG6lvJkSadhpaHvreuk+1iLnAQGtiNJllq9N0u3/xyBVuvMpj7VnK
Azd3q5nMIxt0SP1/1iICTQvupcHfNTSxVEvlIZpf5P8S4RdT+A3017cfGR1i56rt
wjf6NYg9dq5OnJ8mJ/ssKISyBcz59PIMGEKWpQFd6lejhE88LgsoW+lv+QehVqw5
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:52 2025 by rpki-client