Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa
File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json)
Hash identifier: etCQXSGeBj8t/PYnVeuuWo3IPWZ2UKn5S9mwk7wrJpk=
Subject key identifier: CB:91:7D:31:BB:A1:70:D8:CC:A9:1F:9D:14:C1:E6:79:B4:17:20:34
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 21D4A1E82DE70BD3A9BF91ACE61A2DD4A91F93F6
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa
Signing time: Tue 11 Mar 2025 00:00:07 +0000
ROA not before: Tue 11 Mar 2025 00:00:07 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 7224
IP address blocks: 43.250.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d4:a1:e8:2d:e7:0b:d3:a9:bf:91:ac:e6:1a:2d:d4:a9:1f:93:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 11 00:00:07 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6a:7d:8d:82:24:c2:57:5b:35:3f:df:9f:f6:
31:f5:ec:2c:df:ee:b8:aa:f6:4f:be:70:b0:84:9d:
fd:db:44:1d:41:44:e0:7c:18:fd:b1:66:18:a3:c8:
69:47:3c:88:0b:08:6b:2b:de:43:03:37:8d:28:5a:
05:14:96:29:fe:43:2f:e3:a0:7e:65:ea:e9:fd:5c:
14:75:5c:18:c3:fe:dd:b1:a4:c5:6d:b2:f5:ff:50:
cb:64:b3:d6:75:3b:27:05:0d:c9:5a:c6:7f:74:52:
cc:85:fb:88:a2:f2:45:8e:65:33:42:a3:6a:c3:3d:
a3:df:48:80:8a:34:7f:34:24:bf:d9:03:fd:2e:79:
94:1f:9b:63:99:2f:ee:36:77:37:60:d1:f0:df:21:
5f:c3:3e:43:0f:8c:79:04:f0:c3:1d:8e:4e:06:96:
8d:d0:aa:ed:28:2b:f5:0d:c6:37:d0:05:dd:f0:2b:
9a:53:5d:5b:1f:70:6a:2a:c8:41:86:d3:6b:84:fa:
d2:12:92:6f:0f:36:bd:70:89:09:01:9a:d8:96:e1:
01:d4:be:d2:d7:95:a7:41:bc:8a:54:85:bc:79:25:
c7:5e:bc:08:4b:c3:03:a6:66:06:4c:93:ba:c5:b8:
6f:97:9e:09:bd:72:9c:a8:5f:b7:b5:d6:b3:1b:01:
6b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:91:7D:31:BB:A1:70:D8:CC:A9:1F:9D:14:C1:E6:79:B4:17:20:34
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.196.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:ae:a8:70:e3:a7:ad:e4:b1:95:41:6d:fe:bd:0d:9c:81:35:
90:02:16:06:c7:50:d7:2a:0f:3d:53:bb:b7:f2:e2:f5:a4:b6:
e4:17:1b:c6:ad:5c:dd:3e:b3:a2:10:11:9e:a7:1a:55:c9:bc:
17:80:87:6d:a0:a3:1c:63:f3:55:b9:7e:fd:d6:49:c7:21:52:
5f:5f:6f:32:b0:bd:8b:fd:09:b9:ec:e4:83:a5:d5:92:be:29:
e4:d9:12:38:1d:a0:67:dc:e3:13:bc:26:55:c7:1c:89:80:24:
23:9e:ef:12:43:cb:25:28:67:bf:fa:17:13:0e:8f:98:0f:a6:
74:40:24:f1:d7:03:50:f6:10:14:ce:c1:aa:b4:0a:47:b5:cf:
ab:86:9a:da:60:34:da:53:95:9a:13:32:fc:de:2c:0e:49:09:
e3:29:23:18:6b:e1:c5:5c:7f:78:c6:f5:59:62:c8:33:1e:33:
b3:ef:83:dd:85:c2:8e:c5:04:cd:be:8f:f9:6d:c5:66:aa:3a:
b9:4c:c7:cd:8d:93:63:32:78:f1:77:65:5d:3e:e8:d6:78:71:
0f:94:f2:85:de:d1:f6:ab:01:25:42:40:fa:1b:04:82:da:70:
c0:32:50:b3:e8:0b:bf:0d:e4:88:10:aa:47:65:d7:fc:61:28:
ec:37:be:fb
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUIdSh6C3nC9Opv5Gs5hot1Kkfk/YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMxMTAwMDAwN1oX
DTI1MDQxNTIzNTk1OVowejFJMEcGA1UEBRNANTk0YTc0NzhjOThiNmIwNGFhNTIx
MDQ4NTdmMTc0ODI0ZWJmMTk3NWQzNThlYzNlNzIwZjNjYjQ3NGExMWY1OTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32p9jYIkwldbNT/fn/Yx9ews3+64
qvZPvnCwhJ3920QdQUTgfBj9sWYYo8hpRzyICwhrK95DAzeNKFoFFJYp/kMv46B+
Zerp/VwUdVwYw/7dsaTFbbL1/1DLZLPWdTsnBQ3JWsZ/dFLMhfuIovJFjmUzQqNq
wz2j30iAijR/NCS/2QP9LnmUH5tjmS/uNnc3YNHw3yFfwz5DD4x5BPDDHY5OBpaN
0KrtKCv1DcY30AXd8CuaU11bH3BqKshBhtNrhPrSEpJvDza9cIkJAZrYluEB1L7S
15WnQbyKVIW8eSXHXrwIS8MDpmYGTJO6xbhvl54JvXKcqF+3tdazGwFrGQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMuRfTG7oXDYzKkfnRTB5nm0FyA0MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQB8rqhw46et5LGVQW3+vQ2c
gTWQAhYGx1DXKg89U7u38uL1pLbkFxvGrVzdPrOiEBGepxpVybwXgIdtoKMcY/NV
uX791knHIVJfX28ysL2L/Qm57OSDpdWSvink2RI4HaBn3OMTvCZVxxyJgCQjnu8S
Q8slKGe/+hcTDo+YD6Z0QCTx1wNQ9hAUzsGqtApHtc+rhpraYDTaU5WaEzL83iwO
SQnjKSMYa+HFXH94xvVZYsgzHjOz74PdhcKOxQTNvo/5bcVmqjq5TMfNjZNjMnjx
d2VdPujWeHEPlPKF3tH2qwElQkD6GwSC2nDAMlCz6Au/DeSIEKpHZdf8YSjsN777
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:48 2025 by rpki-client