Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa
File: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (raw, json)
Hash identifier: abSulFtbTp7vErOdlar+F+VA1JW0y6cvinC8UGIdqrQ=
Subject key identifier: 23:EA:7F:AC:F9:1A:4D:CD:33:68:B5:B7:7C:9B:BF:7F:C1:B8:9C:0C
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 67DEB9A4CC9728AD19A319DCBEBF011644A78346
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.232.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:de:b9:a4:cc:97:28:ad:19:a3:19:dc:be:bf:01:16:44:a7:83:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=7bfe58ad1c0e905eb2e502756ffb6a0fef7bc73ae730693511a8aeb5e162c82f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:1a:1d:c2:78:2c:68:c1:38:2d:74:4d:d6:
35:a0:b8:22:e4:1a:a8:f9:bb:f9:22:f1:3c:90:ef:
67:6e:2d:0f:b0:92:1a:8b:5a:eb:4a:04:70:60:5e:
0a:c0:53:79:31:33:12:15:db:0b:c9:41:f5:46:a0:
0b:2a:88:07:5d:5e:cc:b7:ad:9c:73:26:05:b6:96:
4a:9d:6c:ab:4b:cf:c9:5a:cb:87:52:eb:95:72:05:
3d:33:6b:8f:8b:06:53:c2:b7:92:b4:ae:4a:bc:b2:
cc:76:52:47:19:f7:82:68:0b:8b:9d:d1:ef:db:38:
0c:e4:26:c1:61:f7:ca:36:7c:9d:4f:cb:c1:10:bf:
de:b3:57:6c:7e:db:2f:63:91:c0:6f:e2:d8:52:1c:
c0:46:dc:f5:d4:fc:18:19:2c:16:5b:65:f2:f2:8e:
ac:b8:84:ee:68:09:32:1a:9a:61:ff:7c:c6:eb:05:
d3:b7:a3:01:08:52:4f:6c:3f:4a:be:b5:83:76:69:
06:0f:18:15:f8:d0:1e:d7:e6:0b:bc:c6:a6:7c:06:
63:cf:39:63:95:8e:a3:e0:05:00:5b:22:79:83:88:
99:7d:4e:3c:af:a1:ef:0d:ff:8e:3c:fe:ec:33:4d:
0c:d7:2b:7c:75:03:e4:d7:c5:e0:d4:e6:a6:fa:dd:
53:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EA:7F:AC:F9:1A:4D:CD:33:68:B5:B7:7C:9B:BF:7F:C1:B8:9C:0C
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.232.0/21
Signature Algorithm: sha256WithRSAEncryption
48:59:56:9b:21:4c:93:af:fa:fa:76:1b:24:0f:dc:74:ac:ec:
44:6e:bc:fc:42:42:e0:80:22:48:6f:39:df:b1:8c:35:0d:48:
5d:9f:63:ac:15:5f:34:bf:b3:06:c3:0c:04:ec:48:91:01:94:
75:62:41:46:25:2a:9e:b6:c1:fe:bc:2e:65:cd:4f:e2:75:f6:
a5:bf:2f:7c:f6:ea:96:c2:7a:5d:0d:e8:9f:16:85:75:ba:c6:
1a:f7:50:e3:8b:dd:61:d6:95:83:55:7f:0c:05:51:7c:c6:87:
2f:86:02:0c:ac:05:98:23:f9:e4:c5:b1:bc:4e:06:98:f5:9b:
d7:63:12:bc:c6:e5:25:8c:ae:31:59:e5:c2:34:a1:80:8d:52:
52:55:ab:0c:0b:29:98:93:dc:bc:b4:2a:c5:f5:aa:c7:e6:7d:
95:4f:46:e0:75:f4:bf:a2:d6:48:58:df:d0:ff:22:5c:81:33:
de:55:8d:98:88:a3:a2:fb:99:41:6c:43:36:cd:fc:69:6d:49:
65:43:ac:47:b9:74:8f:bc:ae:e7:b8:9c:4f:75:5f:a5:3b:8b:
07:10:5a:a6:39:df:ea:f9:ec:5f:56:4b:40:36:13:90:26:79:
49:7d:68:c9:20:e9:63:89:9e:10:55:07:6e:60:30:09:de:0e:
1d:e6:c4:bc
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUZ965pMyXKK0Zoxncvr8BFkSng0YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAN2JmZTU4YWQxYzBlOTA1ZWIyZTUw
Mjc1NmZmYjZhMGZlZjdiYzczYWU3MzA2OTM1MTFhOGFlYjVlMTYyYzgyZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhAaHcJ4LGjBOC10TdY1oLgi5Bqo
+bv5IvE8kO9nbi0PsJIai1rrSgRwYF4KwFN5MTMSFdsLyUH1RqALKogHXV7Mt62c
cyYFtpZKnWyrS8/JWsuHUuuVcgU9M2uPiwZTwreStK5KvLLMdlJHGfeCaAuLndHv
2zgM5CbBYffKNnydT8vBEL/es1dsftsvY5HAb+LYUhzARtz11PwYGSwWW2Xy8o6s
uITuaAkyGpph/3zG6wXTt6MBCFJPbD9KvrWDdmkGDxgV+NAe1+YLvMamfAZjzzlj
lY6j4AUAWyJ5g4iZfU48r6HvDf+OPP7sM00M1yt8dQPk18Xg1Oam+t1TOQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCPqf6z5Gk3NM2i1t3ybv3/BuJwMMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJlNDBlZTBiLTlhYTktNDkxOS1hMDc5LTk3MTIyMTJlMTI3Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQBIWVabIUyTr/r6dhskD9x0
rOxEbrz8QkLggCJIbznfsYw1DUhdn2OsFV80v7MGwwwE7EiRAZR1YkFGJSqetsH+
vC5lzU/idfalvy989uqWwnpdDeifFoV1usYa91Dji91h1pWDVX8MBVF8xocvhgIM
rAWYI/nkxbG8TgaY9ZvXYxK8xuUljK4xWeXCNKGAjVJSVasMCymYk9y8tCrF9arH
5n2VT0bgdfS/otZIWN/Q/yJcgTPeVY2YiKOi+5lBbEM2zfxpbUllQ6xHuXSPvK7n
uJxPdV+lO4sHEFqmOd/q+exfVktANhOQJnlJfWjJIOljiZ4QVQduYDAJ3g4d5sS8
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:19:16 2025 by rpki-client