Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa
File: 82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa (raw, json)
Hash identifier: FipvBuxAAt9UcMBwE/aNfqxpEQPUF5ijBQUDz2VBT/Y=
Subject key identifier: C8:2B:91:E4:B8:A9:20:74:D7:3F:BE:3C:56:6E:19:02:E1:3C:82:03
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 66F7353C7D71A44C38D94F9B722360A9E94328E5
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa
Signing time: Sat 29 Mar 2025 00:00:07 +0000
ROA not before: Sat 29 Mar 2025 00:00:07 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.196.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f7:35:3c:7d:71:a4:4c:38:d9:4f:9b:72:23:60:a9:e9:43:28:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:07 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:82:30:10:0a:05:23:72:b6:6e:b0:c7:bb:78:
e6:25:69:79:a1:4e:a8:c6:f9:64:7c:2b:cb:b3:1a:
0f:9e:59:f9:b4:66:23:31:ba:f6:87:77:74:65:7b:
1a:33:e7:64:a7:96:9f:f4:ca:4f:e3:4a:ed:96:d5:
46:ea:45:69:37:fc:fa:54:c0:12:1d:10:c5:67:63:
91:96:bb:cd:45:fa:59:17:20:f3:c0:95:46:ef:fd:
dc:4a:88:a9:70:18:f7:96:96:7c:60:3b:d2:1e:7e:
db:57:dc:15:63:83:d6:7d:ad:78:00:79:ae:62:6c:
99:b1:8e:ac:87:fd:9a:7b:60:6b:9d:5c:b2:86:2e:
c6:aa:ba:89:8c:7e:18:8a:f0:80:39:be:76:73:2f:
a0:60:fd:85:f7:e5:7a:fe:9f:23:65:33:9a:e4:be:
1e:a6:5f:4d:1b:d5:fa:9a:21:65:7f:a3:38:75:d9:
9d:6e:41:c0:bd:df:09:58:f1:b5:f7:aa:aa:84:52:
3e:ab:a3:2b:f1:52:fa:77:a6:39:c3:43:be:b4:b2:
14:66:92:e5:fb:81:e0:b9:29:ae:36:b1:d1:20:ac:
fd:f7:08:85:63:e6:27:dd:20:e1:cc:4a:ca:7d:cb:
dd:00:7d:e9:75:63:45:07:03:11:c5:b1:b5:db:17:
bf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2B:91:E4:B8:A9:20:74:D7:3F:BE:3C:56:6E:19:02:E1:3C:82:03
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.196.0/22
Signature Algorithm: sha256WithRSAEncryption
91:78:af:b2:0f:02:c8:dd:da:93:0e:76:48:fd:5d:d6:93:0d:
3e:45:15:4c:3e:83:7d:6b:ff:2a:6b:a8:00:a1:45:a6:7d:1e:
48:1a:5c:1f:31:15:76:97:bc:05:a4:e6:ea:31:e8:b5:67:89:
67:f2:91:b1:47:df:7c:6c:07:c3:4e:41:73:e7:cf:1f:93:7c:
fb:d4:79:e7:76:ce:da:d2:6c:49:67:19:ec:97:c6:d6:71:b6:
a0:8b:66:44:2e:5b:fa:6c:b8:45:5c:7c:87:f8:05:3f:0e:62:
dc:d5:db:8c:4f:0e:8b:36:04:7a:a9:44:d8:a1:e2:2c:57:1a:
95:c4:6c:8e:b6:af:bd:3c:9d:72:b6:4a:a8:7b:b7:7f:96:2a:
53:af:ab:fa:cb:d0:4c:7b:94:7d:28:d9:bd:68:5d:95:14:f3:
8a:37:74:2a:90:44:7f:b9:3f:0c:9f:80:66:9e:d4:f6:30:18:
f2:ce:b5:4b:d4:25:9a:f5:4d:9a:6d:7f:69:32:00:36:a0:fb:
a9:2d:b4:8b:df:19:38:71:d1:69:a4:c7:59:af:e2:b1:e8:fa:
49:1e:72:92:19:82:6b:ec:2c:b2:8c:15:9e:9d:92:41:08:14:
e1:27:48:48:99:5f:8f:4e:da:6f:bd:52:c6:d9:5a:e8:e7:d1:
81:ee:49:cf
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUZvc1PH1xpEw42U+bciNgqelDKOUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwN1oX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMTI4MzNlMTM3MTI3MDk2NmMzMzU4
MjgyZmM0NzE5YjQ1M2EwNzBhNjg4MjY4YjFiNWFhZTQwNzRmM2Q4NjNhODEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIIwEAoFI3K2brDHu3jmJWl5oU6o
xvlkfCvLsxoPnln5tGYjMbr2h3d0ZXsaM+dkp5af9MpP40rtltVG6kVpN/z6VMAS
HRDFZ2ORlrvNRfpZFyDzwJVG7/3cSoipcBj3lpZ8YDvSHn7bV9wVY4PWfa14AHmu
YmyZsY6sh/2ae2BrnVyyhi7GqrqJjH4YivCAOb52cy+gYP2F9+V6/p8jZTOa5L4e
pl9NG9X6miFlf6M4ddmdbkHAvd8JWPG196qqhFI+q6Mr8VL6d6Y5w0O+tLIUZpLl
+4HguSmuNrHRIKz99wiFY+Yn3SDhzErKfcvdAH3pdWNFBwMRxbG12xe/KwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMgrkeS4qSB01z++PFZuGQLhPIIDMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzgyNDU2ZmYyLWY4YzQtNGM1YS05NDU4LTgyZDkwOWY4M2Y3ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCrynEMA0GCSqGSIb3DQEBCwUAA4IBAQCReK+yDwLI3dqTDnZI/V3W
kw0+RRVMPoN9a/8qa6gAoUWmfR5IGlwfMRV2l7wFpObqMei1Z4ln8pGxR998bAfD
TkFz588fk3z71Hnnds7a0mxJZxnsl8bWcbagi2ZELlv6bLhFXHyH+AU/DmLc1duM
Tw6LNgR6qUTYoeIsVxqVxGyOtq+9PJ1ytkqoe7d/lipTr6v6y9BMe5R9KNm9aF2V
FPOKN3QqkER/uT8Mn4BmntT2MBjyzrVL1CWa9U2abX9pMgA2oPupLbSL3xk4cdFp
pMdZr+Kx6PpJHnKSGYJr7CyyjBWenZJBCBThJ0hImV+PTtpvvVLG2Vro59GB7knP
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:05:35 2025 by rpki-client