Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa
File: 098c0cc3-be06-46b9-86e2-aeb99985dd07.roa (raw, json)
Hash identifier: nrPaH8hnSvvLcYmUmDhvgxE3CKD+14R4E0zWvTYp2UQ=
Subject key identifier: C4:95:D0:58:E4:5A:1C:3B:84:0A:B7:F6:D4:7B:D7:8D:C4:FC:6B:ED
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 135D751FF2A595DCA232A8575D48361201BCE847
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:5d:75:1f:f2:a5:95:dc:a2:32:a8:57:5d:48:36:12:01:bc:e8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=23fb79e9096b3a019b749ec80ef7dc2a95c1f9713b0029080db6e99f911dc805, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:66:2d:9a:fc:1c:fc:c3:50:01:d6:f4:83:
be:d8:20:ff:bd:a7:41:2d:d1:e0:1c:ba:75:2c:3b:
33:0d:7f:ca:df:c6:c5:de:02:4b:b7:aa:79:06:25:
17:4c:57:2e:58:52:99:b9:70:6c:4d:e3:1f:d2:30:
ca:76:0b:1b:8c:d3:b8:34:26:a8:9b:ac:01:02:66:
8f:bc:ff:fb:22:c4:07:d9:6a:98:45:43:0a:25:ba:
72:ff:a2:ff:5a:eb:17:04:df:fe:68:1b:35:16:d6:
38:72:0c:d2:46:38:86:23:5b:eb:65:1c:d5:51:e3:
dc:37:ac:6b:f5:6e:90:5d:76:24:66:56:3e:ea:a1:
43:41:18:f9:c2:50:d5:88:29:1e:a7:d7:d3:b8:d4:
2b:19:a8:02:96:4f:a5:89:ba:a9:da:41:ba:69:fb:
1f:f3:67:51:98:58:65:9e:68:ce:2a:44:91:16:77:
b2:2b:a5:b5:e1:6f:47:a4:b0:99:29:af:c1:21:f5:
5d:eb:5b:a0:9c:be:e7:c8:ae:31:e8:dc:86:e5:c4:
26:32:d8:d2:05:e5:33:68:44:9f:1f:9e:e8:ea:be:
3c:7c:f3:7c:22:df:04:4f:e4:db:24:b2:da:5b:65:
e4:d1:6f:7d:06:f5:9c:bc:e0:ae:b8:33:8a:01:a6:
94:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:95:D0:58:E4:5A:1C:3B:84:0A:B7:F6:D4:7B:D7:8D:C4:FC:6B:ED
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:15:cd:cf:dd:29:a7:a6:99:a2:26:4f:3e:9e:89:94:e4:f9:
d9:5a:bd:da:ee:6d:64:48:10:1f:bd:d0:b9:5b:63:c0:62:81:
84:a6:1a:47:ea:bf:7b:f4:97:b7:9e:cb:70:e5:38:13:42:3b:
5a:e5:eb:06:4d:3f:87:09:4c:63:b6:4b:42:b6:49:df:89:54:
93:1d:88:38:54:ad:65:42:25:f7:9b:a0:69:44:05:f4:9c:a1:
51:d3:64:e6:a0:f6:78:0b:f2:17:15:ba:29:21:46:9b:ad:05:
6d:69:b9:87:a2:d6:ae:05:fd:68:43:28:55:54:b5:99:eb:52:
4a:0c:02:c6:67:96:9b:fa:e6:ab:9f:14:50:41:1b:63:3e:ca:
7a:67:96:8a:89:69:29:7f:93:5b:87:cb:20:5a:b5:4b:09:4e:
20:6b:b2:14:03:21:c3:8c:03:8e:69:bf:95:fe:41:b7:33:5c:
84:5b:6d:bd:b4:ab:a6:81:15:32:8e:96:e3:14:7a:2d:8e:5e:
3f:bf:e0:a9:d0:d3:fa:a2:f6:42:53:73:7d:5a:e6:d3:b6:f1:
c2:54:8c:c1:33:5f:fd:44:1b:6a:62:47:b7:63:41:fa:11:a8:
45:be:a6:50:95:e1:03:2b:18:a3:e3:1b:ea:c0:92:45:78:1d:
22:71:6e:15
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUE111H/KlldyiMqhXXUg2EgG86EcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAMjNmYjc5ZTkwOTZiM2EwMTliNzQ5
ZWM4MGVmN2RjMmE5NWMxZjk3MTNiMDAyOTA4MGRiNmU5OWY5MTFkYzgwNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXpmLZr8HPzDUAHW9IO+2CD/vadB
LdHgHLp1LDszDX/K38bF3gJLt6p5BiUXTFcuWFKZuXBsTeMf0jDKdgsbjNO4NCao
m6wBAmaPvP/7IsQH2WqYRUMKJbpy/6L/WusXBN/+aBs1FtY4cgzSRjiGI1vrZRzV
UePcN6xr9W6QXXYkZlY+6qFDQRj5wlDViCkep9fTuNQrGagClk+libqp2kG6afsf
82dRmFhlnmjOKkSRFneyK6W14W9HpLCZKa/BIfVd61ugnL7nyK4x6NyG5cQmMtjS
BeUzaESfH57o6r48fPN8It8ET+TbJLLaW2Xk0W99BvWcvOCuuDOKAaaU7QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMSV0FjkWhw7hAq39tR7143E/GvtMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA5OGMwY2MzLWJlMDYtNDZiOS04NmUyLWFlYjk5OTg1ZGQwNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGn/jAMA0GCSqGSIb3DQEBCwUAA4IBAQBfFc3P3SmnppmiJk8+nomU
5PnZWr3a7m1kSBAfvdC5W2PAYoGEphpH6r979Je3nstw5TgTQjta5esGTT+HCUxj
tktCtknfiVSTHYg4VK1lQiX3m6BpRAX0nKFR02TmoPZ4C/IXFbopIUabrQVtabmH
otauBf1oQyhVVLWZ61JKDALGZ5ab+uarnxRQQRtjPsp6Z5aKiWkpf5Nbh8sgWrVL
CU4ga7IUAyHDjAOOab+V/kG3M1yEW229tKumgRUyjpbjFHotjl4/v+Cp0NP6ovZC
U3N9WubTtvHCVIzBM1/9RBtqYke3Y0H6EahFvqZQleEDKxij4xvqwJJFeB0icW4V
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:33:08 2025 by rpki-client