Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa
File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json)
Hash identifier: flWc9GKvZYhFvGoRjBYrlT5j+NMQl+txSY7MAROpiIg=
Subject key identifier: 48:CF:EA:66:5F:B9:DD:08:CB:37:9A:17:A9:3B:35:83:4F:1D:23:D5
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 54E9FFC916AEA3FF81DB11C2FE08A08D6CA4FF50
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa
Signing time: Sat 29 Mar 2025 00:00:03 +0000
ROA not before: Sat 29 Mar 2025 00:00:03 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:e9:ff:c9:16:ae:a3:ff:81:db:11:c2:fe:08:a0:8d:6c:a4:ff:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Mar 29 00:00:03 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:70:c4:2b:76:67:48:37:02:cb:1f:77:fb:
50:bd:77:74:ab:6b:05:f9:96:2c:15:a9:94:85:16:
fb:5f:c7:0b:a4:a9:25:18:1c:4e:4f:4a:a2:0b:5b:
4b:51:f9:58:56:11:6a:5d:7d:4a:e8:5a:f6:68:5d:
c5:73:ea:5b:7f:7d:0f:f4:d8:72:68:e4:f3:93:c1:
5a:ba:be:e2:da:ab:d7:2a:34:02:0b:95:e5:1e:7a:
04:5f:1d:a7:96:d5:bb:19:9f:56:11:46:c0:97:2f:
37:f8:2b:98:6e:9d:09:f0:6e:16:fa:16:3e:d1:72:
c5:b5:e3:b5:f0:13:15:99:b3:27:b7:c8:be:25:b7:
18:dd:14:cb:08:33:30:6a:10:65:72:d7:2c:8f:58:
ba:02:82:03:1d:a1:cc:81:0a:ae:a3:fa:e8:15:e0:
82:cd:0e:86:c9:0d:6e:95:de:ee:0c:ed:40:12:1c:
f6:c5:4a:44:12:fc:9e:04:81:53:9b:3b:bb:30:f4:
a2:ad:2c:77:5c:f9:e9:ef:6a:4c:b8:fd:3a:ea:0c:
56:41:9c:67:b4:8d:34:d4:03:a6:26:65:cf:d1:81:
cf:e9:a3:1a:0e:c7:2b:a8:6e:d5:6b:71:79:27:67:
fd:eb:7e:7d:2e:6b:5f:cc:11:31:a1:2c:23:8a:b0:
df:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CF:EA:66:5F:B9:DD:08:CB:37:9A:17:A9:3B:35:83:4F:1D:23:D5
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.192.0/24
Signature Algorithm: sha256WithRSAEncryption
91:78:d9:b6:d4:8a:c5:bb:c3:4d:6b:b2:08:e5:43:3f:f1:08:
df:1f:95:8a:e3:ec:57:ab:98:8d:42:c1:2c:ba:4a:62:2d:ee:
bd:6b:fa:99:ab:1c:d1:96:83:26:47:47:ec:0c:fa:c4:94:d1:
d1:68:8f:99:c5:24:54:30:d2:d0:4d:ac:d8:97:28:0e:f0:12:
6a:9c:7c:ab:7c:92:24:6d:25:9a:82:0d:94:32:55:3d:ca:ff:
34:e8:83:4d:a4:b3:e2:78:e4:e7:3e:cb:c0:79:3a:c8:e3:2b:
22:b5:4a:87:c3:0b:f3:17:39:35:bb:8b:40:56:c9:a8:19:71:
0b:fd:0b:57:56:46:3c:21:c3:06:47:3e:b0:41:aa:93:85:f5:
5e:f0:22:22:b0:07:b8:4a:ee:06:04:a3:23:a1:26:3a:1c:c0:
67:2c:ac:75:51:8e:74:b1:07:53:6b:57:82:11:c9:13:bc:15:
22:bc:fe:d8:14:f7:67:31:28:ba:d4:e0:a9:b8:bd:e2:96:69:
42:77:9c:97:d3:c9:a8:df:11:68:04:b3:c9:08:7c:f4:ec:f6:
01:fb:f8:72:5c:fb:41:8b:12:38:38:50:1d:7b:7c:cd:29:e3:
d0:be:7a:e2:25:38:7a:37:0b:6b:44:9b:5f:f3:19:cd:3d:1c:
71:16:c7:12
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUVOn/yRauo/+B2xHC/gigjWyk/1AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwM1oX
DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMmIyNDNiMjk4OWZlNzgzZTBhNDdi
ZmY0NDMwYzVkMzE5Y2E1ZjQ3NGI0YTI0MzYzNjM2YWQxNWRlYWY4YWVkNDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLhwxCt2Z0g3Assfd/tQvXd0q2sF
+ZYsFamUhRb7X8cLpKklGBxOT0qiC1tLUflYVhFqXX1K6Fr2aF3Fc+pbf30P9Nhy
aOTzk8Faur7i2qvXKjQCC5XlHnoEXx2nltW7GZ9WEUbAly83+CuYbp0J8G4W+hY+
0XLFteO18BMVmbMnt8i+JbcY3RTLCDMwahBlctcsj1i6AoIDHaHMgQquo/roFeCC
zQ6GyQ1uld7uDO1AEhz2xUpEEvyeBIFTmzu7MPSirSx3XPnp72pMuP066gxWQZxn
tI001AOmJmXP0YHP6aMaDscrqG7Va3F5J2f96359LmtfzBExoSwjirDfGQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEjP6mZfud0IyzeaF6k7NYNPHSPVMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQCReNm21IrFu8NNa7II5UM/
8QjfH5WK4+xXq5iNQsEsukpiLe69a/qZqxzRloMmR0fsDPrElNHRaI+ZxSRUMNLQ
TazYlygO8BJqnHyrfJIkbSWagg2UMlU9yv806INNpLPieOTnPsvAeTrI4ysitUqH
wwvzFzk1u4tAVsmoGXEL/QtXVkY8IcMGRz6wQaqThfVe8CIisAe4Su4GBKMjoSY6
HMBnLKx1UY50sQdTa1eCEckTvBUivP7YFPdnMSi61OCpuL3ilmlCd5yX08mo3xFo
BLPJCHz07PYB+/hyXPtBixI4OFAde3zNKePQvnriJTh6NwtrRJtf8xnNPRxxFscS
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:05:35 2025 by rpki-client