Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/1c3d5732-1954-4639-aac1-b9229445deac.roa
File: 1c3d5732-1954-4639-aac1-b9229445deac.roa (raw, json)
Hash identifier: qJD4kDa2wjqh5XvKp0vGCmlYV/NlyjouJATrJTZNO/k=
Subject key identifier: 2F:B0:D1:4C:C0:8C:6F:EB:63:5B:35:B5:74:A0:B1:B1:C8:6C:45:D7
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 1C7E72F0A119C31A8E85C2E6D836C886B3E63782
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/1c3d5732-1954-4639-aac1-b9229445deac.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 175.41.192.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7e:72:f0:a1:19:c3:1a:8e:85:c2:e6:d8:36:c8:86:b3:e6:37:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fb:83:ec:06:75:af:dc:03:37:3a:41:b0:e1:
dc:90:03:2e:84:e0:67:26:f8:3f:79:02:44:27:90:
c8:3d:50:11:c1:29:3c:83:05:24:4e:a6:3b:36:12:
e8:43:7f:78:4b:d2:5c:40:1c:54:2c:e2:92:22:f2:
96:0c:a5:a8:7b:85:db:a8:ab:a6:fb:55:d6:cd:b1:
cb:b1:d0:d1:94:dc:92:b7:6d:7b:a9:8e:41:ea:82:
ac:ce:87:90:dc:b6:4b:a5:b2:08:cb:ec:d8:49:2e:
4a:60:c9:1f:8a:7e:36:2f:ba:4b:48:b7:64:88:80:
2c:8a:29:b7:8f:00:30:b0:c2:e2:33:03:ee:01:8e:
92:5e:74:ac:28:8c:37:6d:13:ce:94:0f:37:e8:a0:
9a:8f:30:93:f1:29:79:66:a4:70:ba:e6:7a:66:8b:
aa:bd:a9:63:64:13:d0:4e:bb:48:53:74:04:56:d2:
1c:1e:33:bc:2b:c1:d4:4e:dc:2d:53:aa:40:19:4e:
98:05:ef:48:12:26:2a:91:f0:8d:86:a9:ef:f3:e4:
80:54:ca:25:70:ef:f5:b0:12:d7:0e:a9:20:06:88:
b6:82:e6:b8:0b:ac:74:40:3e:91:12:ff:63:ee:62:
bb:24:4e:dd:5f:b3:66:2d:c4:31:af:c5:0c:19:8e:
38:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B0:D1:4C:C0:8C:6F:EB:63:5B:35:B5:74:A0:B1:B1:C8:6C:45:D7
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/1c3d5732-1954-4639-aac1-b9229445deac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.192.0/18
Signature Algorithm: sha256WithRSAEncryption
6c:f5:58:86:c0:47:47:0c:61:aa:87:c8:1a:58:b0:2d:ee:6d:
90:1e:b2:18:7f:c9:e7:14:84:8d:5b:c5:21:15:ed:ca:92:28:
4b:e6:58:9c:15:20:2a:3f:3c:da:21:ed:a0:ec:db:f1:d1:92:
89:96:33:7f:cb:fd:4b:f9:9d:d4:c3:7e:07:78:86:1f:7a:9a:
c0:e3:69:fe:e2:04:0d:a5:b3:fb:cb:99:44:1b:e2:b7:a3:9a:
01:7c:cb:79:63:a9:d4:16:9f:15:d5:c3:91:47:b7:6c:9c:29:
8b:a5:07:f4:c0:73:6b:f7:b6:bc:4f:19:6b:f4:3d:5a:15:9b:
6a:63:c0:9f:bd:ab:0c:71:f1:5c:8b:fb:58:39:96:24:46:66:
a7:a6:a8:c0:6e:2b:2b:c1:aa:f4:46:2c:61:26:8c:64:a9:63:
6d:cf:91:ee:b7:63:f8:ac:e2:5f:78:ef:c6:b2:97:e9:bd:6b:
d5:24:22:bc:02:85:37:3a:b3:51:38:0d:96:d0:b7:9a:aa:99:
b4:b0:c8:d8:cb:7b:ef:a4:fd:48:42:a1:5d:25:07:0d:00:b6:
cd:bf:41:e5:77:75:a5:4e:68:2a:d5:91:9c:51:03:20:fb:de:
64:8e:93:08:e3:12:f7:88:1f:b4:0c:c9:4a:90:52:4c:c2:c7:
4a:a7:00:bd
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUHH5y8KEZwxqOhcLm2DbIhrPmN4IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAZTk2YTNhOWU4ZjdjZWY0MmQ5NjIx
NDVhMjUwYmQ0NGFlOThkNjFmMjYwODUxMmRiMWNlMjMwMWNjNzkzOGFlNTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfuD7AZ1r9wDNzpBsOHckAMuhOBn
Jvg/eQJEJ5DIPVARwSk8gwUkTqY7NhLoQ394S9JcQBxULOKSIvKWDKWoe4XbqKum
+1XWzbHLsdDRlNySt217qY5B6oKszoeQ3LZLpbIIy+zYSS5KYMkfin42L7pLSLdk
iIAsiim3jwAwsMLiMwPuAY6SXnSsKIw3bRPOlA836KCajzCT8Sl5ZqRwuuZ6Zouq
valjZBPQTrtIU3QEVtIcHjO8K8HUTtwtU6pAGU6YBe9IEiYqkfCNhqnv8+SAVMol
cO/1sBLXDqkgBoi2gua4C6x0QD6REv9j7mK7JE7dX7NmLcQxr8UMGY44tQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFC+w0UzAjG/rY1s1tXSgsbHIbEXXMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzFjM2Q1NzMyLTE5NTQtNDYzOS1hYWMxLWI5MjI5NDQ1ZGVhYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrynAMA0GCSqGSIb3DQEBCwUAA4IBAQBs9ViGwEdHDGGqh8gaWLAt
7m2QHrIYf8nnFISNW8UhFe3KkihL5licFSAqPzzaIe2g7Nvx0ZKJljN/y/1L+Z3U
w34HeIYfeprA42n+4gQNpbP7y5lEG+K3o5oBfMt5Y6nUFp8V1cORR7dsnCmLpQf0
wHNr97a8Txlr9D1aFZtqY8CfvasMcfFci/tYOZYkRmanpqjAbisrwar0RixhJoxk
qWNtz5Hut2P4rOJfeO/GspfpvWvVJCK8AoU3OrNROA2W0Leaqpm0sMjYy3vvpP1I
QqFdJQcNALbNv0Hld3WlTmgq1ZGcUQMg+95kjpMI4xL3iB+0DMlKkFJMwsdKpwC9
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:54:26 2025 by rpki-client