Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa
File: 25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa (raw, json)
Hash identifier: SLHnbV7fQB6fWN1LRj2pJ4v1KQXKoPNyE/Jxu0mSejQ=
Subject key identifier: 12:F3:75:11:D3:7B:37:43:A6:67:96:89:F1:EA:32:96:D0:D9:AB:65
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0EF9EC1EB1920E2A32EFA25FBF4FFCC179BDD9BE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa
Signing time: Thu 20 Mar 2025 23:37:08 +0000
ROA not before: Thu 20 Mar 2025 23:37:08 +0000
ROA not after: Thu 24 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.212.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:f9:ec:1e:b1:92:0e:2a:32:ef:a2:5f:bf:4f:fc:c1:79:bd:d9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 20 23:37:08 2025 GMT
Not After : Apr 24 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:97:23:1f:98:26:ca:9f:00:a3:b8:f5:61:
5a:6f:02:2b:d2:98:65:be:19:1c:10:d0:7a:31:c8:
59:c6:15:18:2e:f2:22:24:e5:04:d2:98:0b:f7:91:
0e:c3:89:75:1b:24:3b:9f:c2:b0:60:89:e8:52:2f:
5b:e9:69:01:eb:df:d1:95:cc:cb:0c:db:13:72:b2:
53:20:f9:2d:f3:e5:77:0d:a2:f2:35:25:7b:56:c0:
76:ed:1f:5b:c0:e8:40:27:45:6f:c4:47:f8:58:e8:
17:db:66:33:8e:46:22:7b:82:c9:d9:92:23:aa:5c:
73:83:96:1e:b5:27:08:3f:75:8c:2c:86:46:01:71:
25:98:71:aa:86:ce:d5:45:8f:40:f6:4e:15:06:39:
bb:69:e1:95:4d:46:79:b3:37:9a:5a:2c:d3:ff:c6:
f2:31:61:68:5f:c3:69:52:54:86:3d:6f:09:56:f3:
4c:df:bd:8b:17:a8:e5:bb:97:d8:e2:68:0b:5a:2d:
11:f2:3f:82:98:51:ac:d8:58:53:6c:c9:76:e6:fb:
2c:f2:37:f7:1a:ab:54:df:b5:33:f8:87:08:ca:c0:
04:80:9b:bc:15:3b:0e:3f:26:52:fc:d6:8d:ef:91:
7a:30:81:c3:df:b6:97:7b:f7:8f:d3:c4:81:8a:82:
f2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F3:75:11:D3:7B:37:43:A6:67:96:89:F1:EA:32:96:D0:D9:AB:65
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.212.70.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1e:59:56:6f:be:1f:c7:29:4d:f2:ce:6a:3b:7d:cd:20:45:
49:49:24:d6:9b:63:b8:9f:5f:a2:75:0f:4c:11:2a:f7:fe:29:
62:65:83:66:ac:69:72:0d:d2:89:ce:98:fd:2c:57:0d:aa:72:
34:b7:9c:f2:b5:7a:89:86:6d:d5:2e:ec:bd:4a:d4:e7:d4:eb:
73:5e:5d:a1:97:3c:22:84:de:17:a0:e6:48:44:9f:95:c9:80:
74:98:45:a2:c3:7c:06:ee:d6:bf:84:e6:c2:63:93:b3:3f:60:
cf:50:ab:10:92:6c:73:33:c3:c0:af:ce:a2:76:fc:2d:b0:eb:
a6:54:e3:97:04:ac:84:b7:47:4c:34:24:cb:f7:2e:33:af:db:
31:bb:3b:1d:05:ec:88:53:98:8d:ef:93:ca:cb:4e:ea:f5:aa:
0e:18:aa:33:9b:e0:4b:ac:f8:f7:19:47:90:5d:fb:b5:2b:a9:
94:6b:b3:5d:c1:29:b7:89:a4:e8:65:5e:ca:97:79:cd:22:ce:
94:89:b5:0c:84:77:39:b4:5c:80:14:99:03:4c:fc:17:de:7b:
f4:85:d2:d6:f1:80:c7:8b:ad:26:ad:99:d0:7e:11:e3:59:cc:
25:df:8c:08:c6:94:8f:f1:84:8d:a7:74:13:55:cf:d4:2a:4e:
37:62:93:57
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUDvnsHrGSDioy76Jfv0/8wXm92b4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMDIzMzcwOFoX
DTI1MDQyNDIzNTk1OVowejFJMEcGA1UEBRNAMmYyMTdkYWQ2YTFiMDc1MTg2MTI2
ZDllNjU0ZDk1MzFlMThjMzcxNjAxMjg3NDY5NWFhMzgzNjZkZDZlZTIxMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2iXIx+YJsqfAKO49WFabwIr0phl
vhkcENB6MchZxhUYLvIiJOUE0pgL95EOw4l1GyQ7n8KwYInoUi9b6WkB69/RlczL
DNsTcrJTIPkt8+V3DaLyNSV7VsB27R9bwOhAJ0VvxEf4WOgX22YzjkYie4LJ2ZIj
qlxzg5YetScIP3WMLIZGAXElmHGqhs7VRY9A9k4VBjm7aeGVTUZ5szeaWizT/8by
MWFoX8NpUlSGPW8JVvNM372LF6jlu5fY4mgLWi0R8j+CmFGs2FhTbMl25vss8jf3
GqtU37Uz+IcIysAEgJu8FTsOPyZS/NaN75F6MIHD37aXe/eP08SBioLyzQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBLzdRHTezdDpmeWifHqMpbQ2atlMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI1ZTA0YzVkLTRhZTktNDQ3MC04MTM4LWRlYTFlOGIzMTYwZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAK9RGMA0GCSqGSIb3DQEBCwUAA4IBAQAjHllWb74fxylN8s5qO33N
IEVJSSTWm2O4n1+idQ9MESr3/iliZYNmrGlyDdKJzpj9LFcNqnI0t5zytXqJhm3V
Luy9StTn1OtzXl2hlzwihN4XoOZIRJ+VyYB0mEWiw3wG7ta/hObCY5OzP2DPUKsQ
kmxzM8PAr86idvwtsOumVOOXBKyEt0dMNCTL9y4zr9sxuzsdBeyIU5iN75PKy07q
9aoOGKozm+BLrPj3GUeQXfu1K6mUa7NdwSm3iaToZV7Kl3nNIs6UibUMhHc5tFyA
FJkDTPwX3nv0hdLW8YDHi60mrZnQfhHjWcwl34wIxpSP8YSNp3QTVc/UKk43YpNX
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:04:50 2025 by rpki-client