Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa
File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json)
Hash identifier: Zn1Faw/6CPlSraChFthBDaP5Lmw7kCRmSBautZAZcX8=
Subject key identifier: 1A:85:41:61:4B:08:C0:2F:C8:0F:79:AA:46:F2:01:73:D3:A6:B4:93
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3C64FC45D13E352D4316B36E1D1E886A73B1974E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa
Signing time: Wed 26 Mar 2025 00:10:11 +0000
ROA not before: Wed 26 Mar 2025 00:10:11 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.198.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:64:fc:45:d1:3e:35:2d:43:16:b3:6e:1d:1e:88:6a:73:b1:97:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:10:11 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:6a:ae:a9:12:b0:57:dc:55:4d:31:3f:ad:
dc:08:b7:b6:7b:b1:4f:31:95:d1:12:14:1c:0f:21:
8b:d7:1f:43:b2:a6:bb:c8:39:89:e3:12:da:97:0f:
37:11:b0:da:e4:d6:bc:34:0e:6b:c0:24:9e:1d:c2:
55:37:35:87:21:2a:ee:57:f3:6b:ef:06:67:ec:b6:
0e:6d:d8:41:e1:64:8a:0b:c6:3f:6d:74:5a:d3:62:
4d:7a:59:39:8d:45:24:f0:53:65:f7:95:9d:30:69:
4e:d6:cc:6c:dc:dd:80:52:05:34:3b:b0:b9:bf:88:
eb:c0:64:84:cb:20:47:7d:08:d6:9b:01:96:00:59:
fc:f1:e9:45:8c:d7:8e:a9:48:0f:1a:17:ef:8a:ed:
41:59:3d:5f:f8:13:9f:de:20:01:54:0b:6f:ca:a2:
f0:2d:f6:ac:5b:23:21:9c:72:78:92:77:4b:77:ad:
e3:14:14:c0:96:7f:bc:12:6a:ae:8d:e6:e7:1d:75:
43:d6:d5:94:d5:18:d1:57:10:d6:d3:f6:6d:2d:38:
2e:62:82:cb:1c:63:e3:26:e5:17:30:13:f3:92:d1:
48:77:a3:84:f0:b9:f5:19:f4:23:8d:eb:6d:00:91:
43:ef:d1:a4:36:c4:25:18:f9:0c:99:98:ff:30:d9:
74:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:85:41:61:4B:08:C0:2F:C8:0F:79:AA:46:F2:01:73:D3:A6:B4:93
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.198.0.0/15
Signature Algorithm: sha256WithRSAEncryption
42:74:24:37:90:4f:74:92:04:4e:c9:ad:9f:54:4a:94:55:31:
8c:c6:c6:1b:72:69:9a:7a:18:65:b3:4a:73:8d:95:19:9a:16:
0b:14:a2:33:fe:67:90:1a:dd:8c:b0:97:76:e3:a2:44:6f:45:
ca:d1:73:aa:67:2d:bb:d9:c3:f6:53:c9:1f:98:82:a5:78:94:
cb:ff:cd:eb:50:0d:32:48:62:ae:a9:1b:62:37:58:94:a1:ef:
09:af:a9:72:e8:61:6f:70:f9:f7:dd:e2:83:df:d0:23:18:8d:
3a:b5:14:12:dc:a2:ee:7f:05:db:b9:ba:bb:80:54:f7:73:aa:
8c:61:8e:ef:35:e1:75:a9:29:93:81:95:a1:17:1c:50:cf:b3:
10:8a:ae:e3:ab:18:ae:0b:57:8c:a0:b9:37:3d:3c:c6:71:ea:
1f:9b:5c:24:85:7f:ee:be:0f:23:b5:39:bd:2c:5d:f6:4c:b2:
43:2c:52:5e:d4:3f:65:d8:af:bc:ce:38:95:1a:72:79:2c:ce:
84:db:75:87:16:bd:dc:a6:32:ae:06:dc:20:8d:5d:ad:e8:eb:
ce:47:a8:15:e3:6b:76:9e:09:90:e0:f8:7f:b8:4c:82:1d:66:
09:24:49:22:18:38:7a:e8:95:26:d0:dc:c9:92:87:de:50:3a:
7b:40:db:3a
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUPGT8RdE+NS1DFrNuHR6IanOxl04wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMTAxMVoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAN2FkODA3NmVlNjgyYmU5YTgxYzZl
MDNjZjZhYWQ3NjJkZTE1NmE1YzIyZWFjZmQwMGM2N2QzZmNiYjYzOWNiMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvihqrqkSsFfcVU0xP63cCLe2e7FP
MZXREhQcDyGL1x9Dsqa7yDmJ4xLalw83EbDa5Na8NA5rwCSeHcJVNzWHISruV/Nr
7wZn7LYObdhB4WSKC8Y/bXRa02JNelk5jUUk8FNl95WdMGlO1sxs3N2AUgU0O7C5
v4jrwGSEyyBHfQjWmwGWAFn88elFjNeOqUgPGhfviu1BWT1f+BOf3iABVAtvyqLw
LfasWyMhnHJ4kndLd63jFBTAln+8EmqujebnHXVD1tWU1RjRVxDW0/ZtLTguYoLL
HGPjJuUXMBPzktFId6OE8Ln1GfQjjettAJFD79GkNsQlGPkMmZj/MNl0fwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBqFQWFLCMAvyA95qkbyAXPTprSTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAEJ0JDeQT3SSBE7JrZ9USpRV
MYzGxhtyaZp6GGWzSnONlRmaFgsUojP+Z5Aa3Yywl3bjokRvRcrRc6pnLbvZw/ZT
yR+YgqV4lMv/zetQDTJIYq6pG2I3WJSh7wmvqXLoYW9w+ffd4oPf0CMYjTq1FBLc
ou5/Bdu5uruAVPdzqoxhju814XWpKZOBlaEXHFDPsxCKruOrGK4LV4yguTc9PMZx
6h+bXCSFf+6+DyO1Ob0sXfZMskMsUl7UP2XYr7zOOJUacnkszoTbdYcWvdymMq4G
3CCNXa3o685HqBXja3aeCZDg+H+4TIIdZgkkSSIYOHrolSbQ3MmSh95QOntA2zo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:57:22 2025 by rpki-client