Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/abbc8be4-07db-4e6d-8e79-d43813f48041.roa
File: abbc8be4-07db-4e6d-8e79-d43813f48041.roa (raw, json)
Hash identifier: 46nmpPRj7uxOBlObVTziJqOkiZnK7olY01qkxCYHlJQ=
Subject key identifier: 32:12:87:3F:32:12:17:49:DF:02:D0:86:2F:30:41:20:5C:BA:2F:F4
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 1EE2F3B71D5A48C95DFD9D3C118A5DC99CAF05E1
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/abbc8be4-07db-4e6d-8e79-d43813f48041.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 103.4.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e2:f3:b7:1d:5a:48:c9:5d:fd:9d:3c:11:8a:5d:c9:9c:af:05:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0e:a5:43:42:17:f9:ac:01:e6:16:32:73:b3:
f9:b5:c6:d0:4c:d4:f1:1b:5d:5d:2b:37:6c:30:83:
c9:a4:e3:cc:91:ab:21:fc:e7:db:05:12:0d:99:0f:
48:1e:89:6f:ab:94:8a:07:1b:f6:da:b8:d6:03:86:
9f:b1:a2:0d:4f:6b:a1:92:4e:cd:28:9b:a5:95:55:
65:f1:4c:9a:9c:56:4d:29:d6:18:57:54:e1:06:43:
39:48:d6:48:0a:1f:07:a8:a2:e9:4b:db:ce:71:79:
11:75:36:bd:0b:3c:36:fb:8b:5b:5d:49:64:79:1c:
de:a6:b0:50:9c:a6:b1:e9:93:7d:22:d6:a1:be:c6:
10:61:73:b8:a7:37:52:4c:f9:06:c3:39:85:a0:e5:
7b:b2:f4:9a:1a:f3:5d:9e:c1:2f:b7:68:4c:77:1d:
9c:04:9a:d2:89:8c:5e:f4:17:a7:04:9b:9b:b8:42:
07:c3:a0:38:e3:8c:4e:2e:8e:43:b6:4b:0c:ec:91:
b7:14:08:6d:ce:93:d9:d8:0e:59:ad:c3:17:75:51:
4a:78:5c:39:06:d3:14:51:0b:f9:e6:99:e8:c8:e8:
60:0f:49:a7:23:cb:4b:b9:85:99:46:7c:4d:c4:d3:
65:02:f8:b0:c9:2a:7d:33:db:ad:b0:76:70:cd:b9:
88:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:12:87:3F:32:12:17:49:DF:02:D0:86:2F:30:41:20:5C:BA:2F:F4
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/abbc8be4-07db-4e6d-8e79-d43813f48041.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.4.8.0/21
Signature Algorithm: sha256WithRSAEncryption
86:4a:ea:61:e1:0d:a4:be:48:64:22:20:52:ed:a4:20:14:18:
ac:02:e6:aa:49:f3:50:b2:77:dd:44:2e:ab:e0:7c:03:2b:7f:
69:d0:eb:99:ba:b1:cf:bd:4e:84:61:1f:e1:d5:42:94:eb:1f:
ca:73:09:b8:36:5a:8f:31:ed:26:49:6d:ce:ee:24:04:cd:31:
84:02:f6:93:af:16:30:c0:a1:35:da:c1:19:3f:43:84:73:5a:
e0:28:3e:be:5e:23:a9:fc:62:14:e0:1c:e0:22:3a:27:98:b8:
b2:e1:84:73:7d:e6:6f:9b:81:f6:94:3d:b5:45:7d:41:16:81:
19:76:d8:dd:6c:e3:f6:2e:69:56:5f:83:79:ce:24:c2:e5:f4:
e0:6d:70:ea:16:e8:1c:5b:cb:dd:4b:fa:17:bb:b3:fd:dc:d8:
4f:da:9a:7e:d6:59:09:d9:ed:10:5c:67:fb:7c:c1:29:f9:79:
a2:01:df:d0:99:e4:da:ae:00:91:00:6b:95:ab:68:76:0e:4d:
d4:32:81:2b:75:2f:97:de:d0:3f:d3:eb:d7:9e:a4:26:93:c4:
fd:9e:18:b2:95:eb:23:df:fd:2f:e7:70:c7:f2:43:b6:3c:6e:
37:9f:fc:c8:67:c3:87:a5:4d:f8:35:50:29:76:da:ab:48:4b:
b3:8b:08:e3
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUHuLztx1aSMld/Z08EYpdyZyvBeEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAM2VhOThlZjgxYjBmY2QzZDBhNDEw
NjRjZDk2NTkzOGE3OGJjZGYzNDMyOWRkOGVmNDI5MTJlNWE2YzRkMTllMTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzA6lQ0IX+awB5hYyc7P5tcbQTNTx
G11dKzdsMIPJpOPMkash/OfbBRINmQ9IHolvq5SKBxv22rjWA4afsaINT2uhkk7N
KJullVVl8UyanFZNKdYYV1ThBkM5SNZICh8HqKLpS9vOcXkRdTa9Czw2+4tbXUlk
eRzeprBQnKax6ZN9ItahvsYQYXO4pzdSTPkGwzmFoOV7svSaGvNdnsEvt2hMdx2c
BJrSiYxe9BenBJubuEIHw6A444xOLo5DtksM7JG3FAhtzpPZ2A5ZrcMXdVFKeFw5
BtMUUQv55pnoyOhgD0mnI8tLuYWZRnxNxNNlAviwySp9M9utsHZwzbmIZQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDIShz8yEhdJ3wLQhi8wQSBcui/0MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2FiYmM4YmU0LTA3ZGItNGU2ZC04ZTc5LWQ0MzgxM2Y0ODA0MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQCGSuph4Q2kvkhkIiBS7aQg
FBisAuaqSfNQsnfdRC6r4HwDK39p0OuZurHPvU6EYR/h1UKU6x/Kcwm4NlqPMe0m
SW3O7iQEzTGEAvaTrxYwwKE12sEZP0OEc1rgKD6+XiOp/GIU4BzgIjonmLiy4YRz
feZvm4H2lD21RX1BFoEZdtjdbOP2LmlWX4N5ziTC5fTgbXDqFugcW8vdS/oXu7P9
3NhP2pp+1lkJ2e0QXGf7fMEp+XmiAd/QmeTargCRAGuVq2h2Dk3UMoErdS+X3tA/
0+vXnqQmk8T9nhiylesj3/0v53DH8kO2PG43n/zIZ8OHpU34NVApdtqrSEuziwjj
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:34 2025 by rpki-client