Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa
File: 35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa (raw, json)
Hash identifier: 1HpKJ7EB/6NDAEo7hr7/DqV5bu9mgujpqbRPlt7tHKY=
Subject key identifier: A3:64:CC:91:38:CB:FF:56:5B:9A:87:C7:27:D0:A7:A9:F6:ED:74:0D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 103F8F9B539BBABD34A8F0CE87405216D4955BF3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa
Signing time: Wed 26 Mar 2025 00:10:16 +0000
ROA not before: Wed 26 Mar 2025 00:10:16 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.200.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:3f:8f:9b:53:9b:ba:bd:34:a8:f0:ce:87:40:52:16:d4:95:5b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:10:16 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:4a:aa:bf:7f:d9:a3:2e:61:12:6c:d5:9d:
13:8c:4c:20:22:97:22:3d:38:40:01:c7:37:47:fc:
f5:eb:c4:1b:78:ee:54:0e:b3:60:2c:1e:c8:3a:cb:
f8:23:d7:d1:fc:df:a1:15:5d:a9:7d:5a:41:19:ef:
3a:f3:df:f3:87:83:d1:d6:f1:30:9d:20:6a:3a:5f:
89:61:9e:cf:26:ba:36:c9:32:75:a9:7e:39:a0:e2:
ff:be:85:78:cb:f5:97:90:1f:fe:ee:3c:31:6f:1a:
80:ae:aa:be:7d:38:6b:c4:8c:8f:a6:55:f2:5a:f6:
e9:e1:c1:c2:d3:63:a5:2e:78:9b:47:aa:65:c2:d4:
f8:9f:75:97:80:ac:2c:89:e1:71:e4:c9:ed:25:9f:
11:52:68:2e:98:5f:f4:29:f2:8a:ca:e8:6d:c3:97:
20:fd:fb:b2:fc:0a:33:28:1a:af:46:0a:59:88:44:
d0:e4:28:cd:61:cb:bf:11:b5:88:fa:e1:24:00:26:
30:af:d5:72:93:7d:3a:d3:74:4e:82:5e:dd:2c:7e:
cc:2b:20:2d:3a:c3:cc:f0:8c:2b:ac:40:8e:5b:56:
6f:d9:de:9f:c2:ee:ec:65:32:b0:77:5e:b4:a9:5c:
ee:5c:c9:b8:63:d4:ce:df:a0:9c:f5:1e:f5:60:48:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:64:CC:91:38:CB:FF:56:5B:9A:87:C7:27:D0:A7:A9:F6:ED:74:0D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.200.0.0/13
Signature Algorithm: sha256WithRSAEncryption
9c:b2:bb:9e:90:7c:26:55:27:b1:8d:6b:10:77:6a:db:67:09:
0e:69:3c:68:bf:f7:51:9d:3e:4d:79:61:77:14:68:bf:4a:c4:
ca:b7:05:c3:ed:2d:44:87:6f:1c:43:93:5b:60:71:a8:c4:7a:
d9:02:06:a0:b2:d9:97:c2:cb:5e:e6:e1:cf:55:88:94:1d:54:
d9:eb:d5:f3:c2:4f:9e:10:6a:48:b8:64:45:3d:08:08:33:43:
13:04:a9:cc:0e:9d:c3:a0:0f:c9:6d:1a:8b:40:40:8f:7f:2b:
41:9c:cd:9c:6e:a5:1e:c8:10:05:18:f6:42:1a:23:37:70:c5:
be:02:34:68:ed:fa:f0:00:51:ec:f5:b8:91:0c:69:12:b0:21:
e6:ed:32:81:67:bd:5f:6c:1a:c6:91:a6:7a:fb:61:8b:d2:79:
17:ac:05:cc:af:5c:7f:2c:28:ff:97:b9:c4:d7:c1:b2:d3:ec:
6a:a0:73:b2:25:7d:b9:3d:9e:b9:22:a1:b4:16:05:ba:46:49:
3b:a4:7c:aa:a5:e7:bc:af:1a:db:5a:d9:b8:05:15:3f:f0:28:
de:01:6c:7b:83:b5:ed:b4:1f:1a:06:fb:a0:54:7e:62:30:eb:
e1:64:00:ac:65:f5:49:cd:de:f9:9b:fa:c3:e7:56:7f:86:4b:
a9:98:65:6d
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUED+Pm1Obur00qPDOh0BSFtSVW/MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMTAxNloX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAZWVkY2Q4NDk3ZjM5ZDZiMTc5Mzhj
MTQ5ZTk0NmFhZWI5NGQ3YjdjNjgxNGMyZDY0OGU4ZjM5MWJkYjk2OTFlZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2JKqr9/2aMuYRJs1Z0TjEwgIpci
PThAAcc3R/z168QbeO5UDrNgLB7IOsv4I9fR/N+hFV2pfVpBGe8689/zh4PR1vEw
nSBqOl+JYZ7PJro2yTJ1qX45oOL/voV4y/WXkB/+7jwxbxqArqq+fThrxIyPplXy
Wvbp4cHC02OlLnibR6plwtT4n3WXgKwsieFx5MntJZ8RUmgumF/0KfKKyuhtw5cg
/fuy/AozKBqvRgpZiETQ5CjNYcu/EbWI+uEkACYwr9Vyk30603ROgl7dLH7MKyAt
OsPM8IwrrECOW1Zv2d6fwu7sZTKwd160qVzuXMm4Y9TO36Cc9R71YEhJDQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKNkzJE4y/9WW5qHxyfQp6n27XQNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM1ZGZiMzNmLWI3YjktNDAyOC1hZjViLWMzNmJmNTRhNDllOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAJyyu56QfCZVJ7GNaxB3attn
CQ5pPGi/91GdPk15YXcUaL9KxMq3BcPtLUSHbxxDk1tgcajEetkCBqCy2ZfCy17m
4c9ViJQdVNnr1fPCT54Qaki4ZEU9CAgzQxMEqcwOncOgD8ltGotAQI9/K0GczZxu
pR7IEAUY9kIaIzdwxb4CNGjt+vAAUez1uJEMaRKwIebtMoFnvV9sGsaRpnr7YYvS
eResBcyvXH8sKP+XucTXwbLT7Gqgc7Ilfbk9nrkiobQWBbpGSTukfKql57yvGtta
2bgFFT/wKN4BbHuDte20HxoG+6BUfmIw6+FkAKxl9UnN3vmb+sPnVn+GS6mYZW0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:00 2025 by rpki-client