Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80b7e005-6c19-4f9e-9cbc-448f4073dd0c.roa
File: 80b7e005-6c19-4f9e-9cbc-448f4073dd0c.roa (raw, json)
Hash identifier: 9XEITZThDPZRs/bhSXRMWOwBkvgLBlP07hmhZ8y7Nzs=
Subject key identifier: AE:62:87:1E:E6:3D:7B:F2:29:9B:2D:96:0A:3E:B3:EC:31:82:55:94
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2F2B5665B71BD967C85175B83E2187C38FE56922
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80b7e005-6c19-4f9e-9cbc-448f4073dd0c.roa
Signing time: Thu 20 Mar 2025 12:36:59 +0000
ROA not before: Thu 20 Mar 2025 12:36:59 +0000
ROA not after: Thu 24 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.212.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:2b:56:65:b7:1b:d9:67:c8:51:75:b8:3e:21:87:c3:8f:e5:69:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 20 12:36:59 2025 GMT
Not After : Apr 24 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9a:4c:66:73:87:01:ee:5e:bb:7c:5f:04:d7:
17:be:a7:db:40:9c:f5:86:9f:79:fe:33:0f:5c:10:
53:e5:43:3f:e2:6e:9b:99:29:8b:e1:f9:53:3b:f5:
3a:b8:a5:14:df:34:3e:5b:81:c4:57:d7:29:f0:9d:
18:8f:84:37:c5:3a:e8:18:ec:37:c5:e0:ed:9f:5f:
03:5e:72:2a:27:c3:ef:78:cf:9f:cf:64:9d:14:85:
8c:32:76:d7:11:aa:2b:08:61:92:9e:b5:1f:9d:c7:
56:55:e4:c7:b0:62:58:0f:b2:20:51:d5:28:5c:22:
12:b4:67:d9:35:f7:cf:04:49:cf:cb:78:9c:8e:15:
34:61:c9:1d:93:0f:fa:ea:78:ec:e7:40:57:77:35:
63:c5:aa:6a:b0:42:79:7d:4e:07:28:34:1e:ca:f0:
0d:b8:98:9e:6c:5f:20:39:64:86:dd:8e:3b:24:67:
0f:c0:ee:05:53:c2:a9:2d:1c:d3:c8:7d:35:b3:66:
25:62:07:62:18:ab:e7:2b:16:6c:e3:cb:6e:dc:8e:
71:81:05:16:a5:6d:30:0e:35:87:cc:ca:08:a0:16:
fb:57:ee:a7:4a:67:cc:41:d7:f8:9b:5d:04:9f:76:
ee:76:e0:33:40:99:28:f3:91:a9:93:2b:7d:86:f0:
81:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:62:87:1E:E6:3D:7B:F2:29:9B:2D:96:0A:3E:B3:EC:31:82:55:94
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80b7e005-6c19-4f9e-9cbc-448f4073dd0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.212.68.0/24
Signature Algorithm: sha256WithRSAEncryption
86:8f:d0:b6:79:fa:dc:ff:f0:06:01:31:89:55:1c:96:9d:6b:
a8:3a:d9:05:a9:55:4d:a0:c4:78:66:6c:d6:20:6c:d7:4a:27:
64:e5:3d:1a:85:75:1a:c0:0d:cf:21:be:00:04:3e:b2:29:6c:
58:fd:03:ed:a5:32:7c:c9:ac:4f:fb:18:88:72:dc:39:4b:ad:
b1:1b:38:62:62:31:dd:c4:3f:ff:f3:da:92:ed:b3:67:cb:43:
90:7e:71:61:51:76:3f:ee:5c:0d:e5:9d:ba:1d:ec:ea:1e:19:
e3:4a:0d:74:c0:39:8c:06:44:da:f7:16:44:04:35:26:2c:c6:
a2:73:0f:56:8c:5e:05:4b:e2:dc:a6:53:dc:09:a0:63:e3:52:
86:1a:28:55:e6:80:e4:a6:58:4a:19:3e:13:8a:75:54:39:15:
d6:b7:37:93:89:1c:69:cd:84:ef:27:7d:00:3f:d1:1a:7a:79:
14:59:2e:46:91:8a:da:00:42:15:61:ea:3c:d7:ec:0b:6e:12:
20:21:07:fd:83:cb:d0:61:93:5b:e8:d8:8d:33:34:e7:ef:75:
ac:71:b0:bc:6b:8b:47:4b:82:6e:6b:0d:ea:9b:ce:37:b6:54:
59:34:70:d2:d1:22:e7:bd:14:18:02:d5:38:45:43:a5:65:c7:
3f:ac:52:47
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIULytWZbcb2WfIUXW4PiGHw4/laSIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMDEyMzY1OVoX
DTI1MDQyNDIzNTk1OVowejFJMEcGA1UEBRNAZDZmMzE5NzFhNGU2MzZkYTE3OTU3
MmQxMWYzNGRmODM4ODFmNTJjYzVlMWRlMmJlZjcwMThiZTMwNmRiNGZhNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5pMZnOHAe5eu3xfBNcXvqfbQJz1
hp95/jMPXBBT5UM/4m6bmSmL4flTO/U6uKUU3zQ+W4HEV9cp8J0Yj4Q3xTroGOw3
xeDtn18DXnIqJ8PveM+fz2SdFIWMMnbXEaorCGGSnrUfncdWVeTHsGJYD7IgUdUo
XCIStGfZNffPBEnPy3icjhU0Yckdkw/66njs50BXdzVjxapqsEJ5fU4HKDQeyvAN
uJiebF8gOWSG3Y47JGcPwO4FU8KpLRzTyH01s2YlYgdiGKvnKxZs48tu3I5xgQUW
pW0wDjWHzMoIoBb7V+6nSmfMQdf4m10En3buduAzQJko85Gpkyt9hvCB7wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFK5ihx7mPXvyKZstlgo+s+wxglWUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwYjdlMDA1LTZjMTktNGY5ZS05Y2JjLTQ0OGY0MDczZGQwYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAK9REMA0GCSqGSIb3DQEBCwUAA4IBAQCGj9C2efrc//AGATGJVRyW
nWuoOtkFqVVNoMR4ZmzWIGzXSidk5T0ahXUawA3PIb4ABD6yKWxY/QPtpTJ8yaxP
+xiIctw5S62xGzhiYjHdxD//89qS7bNny0OQfnFhUXY/7lwN5Z26HezqHhnjSg10
wDmMBkTa9xZEBDUmLMaicw9WjF4FS+LcplPcCaBj41KGGihV5oDkplhKGT4TinVU
ORXWtzeTiRxpzYTvJ30AP9EaenkUWS5GkYraAEIVYeo81+wLbhIgIQf9g8vQYZNb
6NiNMzTn73WscbC8a4tHS4Juaw3qm843tlRZNHDS0SLnvRQYAtU4RUOlZcc/rFJH
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:00:09 2025 by rpki-client