Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa
File: 0bf15d3f-c546-4bb6-a764-82165c384d37.roa (raw, json)
Hash identifier: UAg3zdQs9f6TURCal/DbHrdZFr3QPbQ5YWln3Tgmxo4=
Subject key identifier: 85:48:34:3A:51:2D:05:CF:D6:D3:8B:44:D2:14:56:0D:4A:49:0B:02
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 4578AA9A623D2B3163F0AD7C93D1B5ABCC8FD26C
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa
Signing time: Sat 29 Mar 2025 00:00:08 +0000
ROA not before: Sat 29 Mar 2025 00:00:08 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.200.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:78:aa:9a:62:3d:2b:31:63:f0:ad:7c:93:d1:b5:ab:cc:8f:d2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:08 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0c:aa:ae:fb:72:b5:18:e9:b5:d5:ad:ff:3f:
96:50:73:3a:85:42:85:77:88:df:74:ee:5f:60:2e:
47:95:61:1d:46:31:9f:1f:7d:cd:e1:4b:e9:43:7b:
4d:85:b6:ec:29:9e:7f:e6:88:d9:19:a8:f5:33:01:
7b:43:22:22:fa:15:11:19:0d:b8:69:fc:9f:17:3a:
f1:22:24:a5:ea:f1:56:30:98:23:8e:74:3b:c4:c7:
d6:4d:18:0d:3a:0c:c5:02:01:9e:1a:fb:76:52:19:
1e:37:46:34:2b:bd:25:11:b3:77:06:18:89:01:b1:
73:ca:b2:af:ad:b0:22:49:66:f8:45:ba:97:b4:04:
a5:a7:5e:59:7c:46:a7:63:2a:a3:57:f1:15:3a:25:
c4:aa:d7:a7:c0:ce:fd:d4:9a:c5:4f:c7:12:58:80:
3e:29:69:c6:fa:9b:a2:0c:4b:e8:40:c7:dc:71:5c:
c5:e2:85:2e:ba:a0:7b:57:e3:a8:0e:e0:19:61:d4:
b2:76:0f:3b:e6:58:8a:08:4a:bb:a8:df:02:c2:f4:
ec:1e:40:6c:5c:00:cb:01:f9:83:4e:77:48:4b:3a:
01:b7:4f:bf:24:4b:0f:47:b6:70:6a:c5:56:4b:21:
32:d7:9a:27:14:6a:0f:90:79:81:f1:96:1a:1c:60:
7f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:48:34:3A:51:2D:05:CF:D6:D3:8B:44:D2:14:56:0D:4A:49:0B:02
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.200.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:a5:65:bc:b1:23:eb:95:42:c5:b8:56:e2:70:57:67:40:ab:
23:df:8c:2e:80:fd:56:a1:9f:bb:d2:d4:67:26:65:4f:8f:14:
33:52:ea:46:06:f4:ed:0f:25:72:68:04:22:52:35:83:5b:c2:
79:a1:72:78:3b:30:b5:f2:26:9f:14:37:a5:3a:78:c2:b8:f8:
37:8b:74:7b:47:48:07:95:a2:31:47:13:ac:74:f0:e1:eb:35:
ff:13:63:48:2c:e1:c2:97:aa:db:2f:b1:99:9f:6f:11:25:51:
65:88:d6:c1:49:18:24:1a:1a:cc:c9:8f:19:d6:0b:e5:5c:05:
e8:2d:f8:ab:6d:61:01:fe:8e:2b:eb:f3:2c:4d:40:d9:48:94:
cb:69:4d:08:d3:17:48:05:3a:bf:09:65:28:0b:28:66:ae:1d:
0d:e2:af:4e:7c:dd:0c:af:94:71:03:c6:18:f5:9a:ff:75:d8:
4f:4c:fa:36:a1:b2:37:7e:67:49:1c:f6:5a:f8:17:81:6d:73:
bd:50:7d:ef:95:0b:49:54:32:a5:c9:48:1f:5b:84:07:04:8a:
e0:2f:83:0f:22:f7:b7:82:78:6d:0c:b7:8e:b0:5a:04:5d:af:
5a:02:33:ad:97:9e:a3:31:9d:f6:46:e9:63:1e:d8:d8:73:d1:
c8:03:0c:93
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIURXiqmmI9KzFj8K18k9G1q8yP0mwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwOFoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAOWRhZDI2ODY4NTdmNmM5OWFhNTll
MzRkNzlmNDliYmE1N2YwYTZiOWQ3ZDRhNjJiNTg2MTM0YmMwOTQwNWYwMzEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAyqrvtytRjptdWt/z+WUHM6hUKF
d4jfdO5fYC5HlWEdRjGfH33N4UvpQ3tNhbbsKZ5/5ojZGaj1MwF7QyIi+hURGQ24
afyfFzrxIiSl6vFWMJgjjnQ7xMfWTRgNOgzFAgGeGvt2UhkeN0Y0K70lEbN3BhiJ
AbFzyrKvrbAiSWb4RbqXtASlp15ZfEanYyqjV/EVOiXEqtenwM791JrFT8cSWIA+
KWnG+puiDEvoQMfccVzF4oUuuqB7V+OoDuAZYdSydg875liKCEq7qN8CwvTsHkBs
XADLAfmDTndISzoBt0+/JEsPR7ZwasVWSyEy15onFGoPkHmB8ZYaHGB/EQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIVINDpRLQXP1tOLRNIUVg1KSQsCMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzBiZjE1ZDNmLWM1NDYtNGJiNi1hNzY0LTgyMTY1YzM4NGQzNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDrynIMA0GCSqGSIb3DQEBCwUAA4IBAQC0pWW8sSPrlULFuFbicFdn
QKsj34wugP1WoZ+70tRnJmVPjxQzUupGBvTtDyVyaAQiUjWDW8J5oXJ4OzC18iaf
FDelOnjCuPg3i3R7R0gHlaIxRxOsdPDh6zX/E2NILOHCl6rbL7GZn28RJVFliNbB
SRgkGhrMyY8Z1gvlXAXoLfirbWEB/o4r6/MsTUDZSJTLaU0I0xdIBTq/CWUoCyhm
rh0N4q9OfN0Mr5RxA8YY9Zr/ddhPTPo2obI3fmdJHPZa+BeBbXO9UH3vlQtJVDKl
yUgfW4QHBIrgL4MPIve3gnhtDLeOsFoEXa9aAjOtl56jMZ32RuljHtjYc9HIAwyT
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:21:19 2025 by rpki-client