Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa
File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json)
Hash identifier: zleg3iLUDvzfE9AAMQ4RXtmzwE02ahDI+utvfhS8txo=
Subject key identifier: E2:5A:23:7A:6A:30:AA:69:94:0B:FC:7E:F0:BC:97:84:44:9D:47:25
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 098A22FD2655B4DE6B65B1E6F996EF81011649D3
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa
Signing time: Sat 29 Mar 2025 00:00:09 +0000
ROA not before: Sat 29 Mar 2025 00:00:09 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:8a:22:fd:26:55:b4:de:6b:65:b1:e6:f9:96:ef:81:01:16:49:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:09 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e5:45:e5:58:e9:da:e6:08:17:10:cc:44:8b:
3d:5e:68:32:cc:28:1d:4c:6b:83:e1:bf:f7:1c:0e:
b3:27:b0:5f:14:07:2e:d7:8b:0e:90:bb:5e:ee:df:
36:01:3c:58:ab:2f:51:03:22:94:2c:5f:1c:69:34:
d3:1a:ed:c7:6d:d1:92:06:be:70:d6:0b:75:d1:d3:
c0:2d:01:43:19:75:09:e5:8b:dd:69:4b:83:01:5f:
03:c5:8e:87:51:65:ce:2c:5a:78:cb:eb:fb:d9:d9:
23:9f:6f:93:93:09:bf:d4:f5:27:2f:15:38:5d:52:
4f:a1:07:48:63:a9:90:02:bd:ae:e5:46:a2:d2:ff:
86:ef:3f:19:c1:64:58:f9:29:39:11:8f:62:b3:51:
b0:2c:56:5b:55:2d:cb:65:f0:38:54:23:99:a6:c6:
d4:68:43:3b:34:71:95:1c:8a:fd:fd:9a:a6:d1:1c:
b4:b6:e3:37:b3:8a:5a:8a:bb:80:a1:36:fd:b2:7e:
76:9a:e1:fc:51:dc:56:ec:f8:e3:2c:f2:21:c5:83:
43:1b:40:e0:72:2b:8a:35:a4:3e:20:3d:9d:fa:67:
cd:82:90:81:9b:73:09:a1:21:c8:a8:f3:b3:92:dd:
c2:22:a2:1c:a0:5c:79:2c:85:a9:7a:6a:3f:bd:53:
b1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5A:23:7A:6A:30:AA:69:94:0B:FC:7E:F0:BC:97:84:44:9D:47:25
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.224.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:0d:5a:d5:b9:3c:e3:02:fc:48:88:cb:3e:a4:0b:1f:45:de:
2f:10:b2:b9:c9:50:4e:71:d4:9b:ae:8c:c7:37:c4:96:42:f5:
4b:af:d0:69:81:c2:a9:32:ca:4a:97:09:19:af:1b:41:12:21:
d5:f8:e8:7e:8c:b1:5c:77:c1:da:cf:0e:14:49:db:66:9d:10:
1e:d5:7d:09:1e:19:d4:03:aa:87:dc:92:df:9f:67:5c:f7:5c:
50:14:98:31:af:ec:34:6e:3d:61:89:09:90:6a:a8:16:fb:9c:
54:3a:16:14:ab:02:91:ac:27:36:20:fb:6e:30:d6:da:7f:5f:
dc:96:59:30:f4:e1:5e:bc:9b:3e:ca:15:09:32:2c:68:5d:d0:
4f:54:e7:96:b6:f9:79:2d:6a:d8:e9:fb:5a:6b:68:37:d7:87:
1d:eb:c9:69:22:9b:1d:86:10:a4:f9:67:9e:44:0e:8d:2f:ee:
e2:66:b7:99:ee:fb:ca:f2:77:97:0a:47:84:48:25:bb:3f:eb:
9b:7d:50:06:c3:9c:4d:fa:03:35:92:aa:61:41:48:8b:a0:cb:
71:53:69:1a:66:b9:58:3d:f5:c8:9f:d0:58:d3:5e:b5:a6:db:
cc:95:06:76:37:e9:b5:4d:24:86:f5:e4:12:8e:de:98:33:a6:
60:56:cb:ad
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUCYoi/SZVtN5rZbHm+ZbvgQEWSdMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwOVoX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNANzdkMTE4ZmYxY2IxZTY2YWIxZWFk
ZGNkZmE5Mzc1YmIyODE2YTI4NjlkNWUyYzNjNDNjYzJkODY5MTVjNDQ4MjEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+VF5Vjp2uYIFxDMRIs9XmgyzCgd
TGuD4b/3HA6zJ7BfFAcu14sOkLte7t82ATxYqy9RAyKULF8caTTTGu3HbdGSBr5w
1gt10dPALQFDGXUJ5YvdaUuDAV8DxY6HUWXOLFp4y+v72dkjn2+Tkwm/1PUnLxU4
XVJPoQdIY6mQAr2u5Uai0v+G7z8ZwWRY+Sk5EY9is1GwLFZbVS3LZfA4VCOZpsbU
aEM7NHGVHIr9/Zqm0Ry0tuM3s4pairuAoTb9sn52muH8UdxW7PjjLPIhxYNDG0Dg
ciuKNaQ+ID2d+mfNgpCBm3MJoSHIqPOzkt3CIqIcoFx5LIWpemo/vVOxEwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOJaI3pqMKpplAv8fvC8l4REnUclMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQAODVrVuTzjAvxIiMs+pAsf
Rd4vELK5yVBOcdSbrozHN8SWQvVLr9BpgcKpMspKlwkZrxtBEiHV+Oh+jLFcd8Ha
zw4USdtmnRAe1X0JHhnUA6qH3JLfn2dc91xQFJgxr+w0bj1hiQmQaqgW+5xUOhYU
qwKRrCc2IPtuMNbaf1/cllkw9OFevJs+yhUJMixoXdBPVOeWtvl5LWrY6ftaa2g3
14cd68lpIpsdhhCk+WeeRA6NL+7iZreZ7vvK8neXCkeESCW7P+ubfVAGw5xN+gM1
kqphQUiLoMtxU2kaZrlYPfXIn9BY0161ptvMlQZ2N+m1TSSG9eQSjt6YM6ZgVsut
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:49:58 2025 by rpki-client