Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json)
Hash identifier: ajby4SBcL7viiqBlsrhU5zek82xmkiOHrOcWywgKr70=
Subject key identifier: EE:74:18:A4:37:11:98:78:65:72:D6:4A:CD:40:71:1C:78:C1:91:33
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 30B210C80A6CDFD55C663E386CDF42A73E643E4C
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
Signing time: Sat 29 Mar 2025 00:00:08 +0000
ROA not before: Sat 29 Mar 2025 00:00:08 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.232.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b2:10:c8:0a:6c:df:d5:5c:66:3e:38:6c:df:42:a7:3e:64:3e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:08 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:25:b2:17:69:15:8e:b2:3d:22:40:6f:cc:79:
60:4e:11:c1:96:8d:33:bf:8c:c4:7f:c5:49:c8:23:
fd:0e:2c:4b:e1:15:2f:3b:94:9a:09:ef:d6:64:cf:
e5:2c:2f:27:81:b0:3b:34:bf:ab:2a:22:b9:54:5d:
3d:b0:23:cb:5c:29:31:71:a8:74:82:83:57:d3:60:
47:ff:cb:89:0b:34:31:00:76:3c:b0:d3:6c:1e:15:
14:04:32:cb:3d:2b:ab:26:2a:90:b5:79:cb:87:56:
39:23:8d:a6:cc:8d:39:9f:32:b1:fb:68:d8:c8:b8:
60:fd:60:ce:e7:12:cf:80:fe:be:6c:3d:e6:c4:b4:
d0:cc:26:3d:4c:46:13:ba:1b:21:2f:7b:6e:b2:ed:
8c:25:8a:60:33:00:15:80:98:69:a3:8f:09:b6:55:
e2:3a:09:01:80:2c:6e:65:6e:bf:3d:a4:52:88:ff:
0f:4f:e5:52:91:5a:00:63:d5:8d:a4:a4:4b:0f:01:
79:fd:0a:0d:43:64:4f:00:c5:7a:18:20:65:9d:63:
59:d6:39:de:36:d1:db:cf:37:2d:8a:46:7a:73:d2:
a1:06:c3:e5:85:f1:18:c2:18:e4:17:aa:58:91:ee:
98:ca:38:6b:ea:f7:99:09:e5:18:dc:8b:53:ae:da:
ef:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:74:18:A4:37:11:98:78:65:72:D6:4A:CD:40:71:1C:78:C1:91:33
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:c5:f2:97:d6:41:c3:48:f3:56:78:7d:5e:9b:1e:94:d0:26:
67:cb:c6:2e:08:04:c6:3d:64:b1:a6:31:48:bd:cb:bf:46:ee:
b7:36:ba:2c:91:73:92:76:cb:7b:78:3c:8f:b7:51:06:c7:25:
63:fb:03:14:f3:de:e0:20:58:22:da:90:65:a8:8a:8f:6d:90:
29:0c:04:3a:1a:00:cf:8d:18:04:9b:7a:3a:32:65:c4:75:61:
3b:0a:83:ff:ae:ac:99:8b:e9:03:2c:3e:5c:97:c7:86:17:02:
91:8a:3d:39:7b:8f:c1:df:b4:58:c2:f4:15:e5:b9:dc:37:6b:
b2:2b:9d:cb:3a:b5:bc:87:33:f9:48:7b:d8:38:6c:1b:f5:a0:
8e:5d:9f:06:d6:66:34:56:cd:9d:bd:c4:a3:95:de:7d:c0:92:
8f:cd:1b:5b:e7:35:81:7b:2b:7b:eb:c0:4a:3e:0f:eb:d1:57:
cd:4e:ee:1e:c8:68:42:bd:73:13:e6:5f:bc:72:99:91:17:33:
ef:c3:c4:00:ed:96:c1:82:36:8e:8f:87:b8:1d:1d:d7:8f:e5:
9e:dd:ca:38:66:51:78:ec:a2:cc:00:d2:e1:de:a7:34:f8:2d:
84:3c:85:36:c4:1d:c7:ea:4a:51:da:5a:fa:07:3e:7b:10:7a:
19:33:6b:aa
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUMLIQyAps39VcZj44bN9Cpz5kPkwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwOFoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMDY3Y2FkYzNiZjdkNzg3MWZmMmFi
MTUyYzliODg2OTYyOWM5ZDkwODFkZTU2MmEzMDBiZWM5ZGUwY2ExYzI2NDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiWyF2kVjrI9IkBvzHlgThHBlo0z
v4zEf8VJyCP9DixL4RUvO5SaCe/WZM/lLC8ngbA7NL+rKiK5VF09sCPLXCkxcah0
goNX02BH/8uJCzQxAHY8sNNsHhUUBDLLPSurJiqQtXnLh1Y5I42mzI05nzKx+2jY
yLhg/WDO5xLPgP6+bD3mxLTQzCY9TEYTuhshL3tusu2MJYpgMwAVgJhpo48JtlXi
OgkBgCxuZW6/PaRSiP8PT+VSkVoAY9WNpKRLDwF5/QoNQ2RPAMV6GCBlnWNZ1jne
NtHbzzctikZ6c9KhBsPlhfEYwhjkF6pYke6Yyjhr6veZCeUY3ItTrtrvxwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFO50GKQ3EZh4ZXLWSs1AcRx4wZEzMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQC2xfKX1kHDSPNWeH1emx6U
0CZny8YuCATGPWSxpjFIvcu/Ru63NroskXOSdst7eDyPt1EGxyVj+wMU897gIFgi
2pBlqIqPbZApDAQ6GgDPjRgEm3o6MmXEdWE7CoP/rqyZi+kDLD5cl8eGFwKRij05
e4/B37RYwvQV5bncN2uyK53LOrW8hzP5SHvYOGwb9aCOXZ8G1mY0Vs2dvcSjld59
wJKPzRtb5zWBeyt768BKPg/r0VfNTu4eyGhCvXMT5l+8cpmRFzPvw8QA7ZbBgjaO
j4e4HR3Xj+We3co4ZlF47KLMANLh3qc0+C2EPIU2xB3H6kpR2lr6Bz57EHoZM2uq
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:02 2025 by rpki-client