Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json)
Hash identifier: zjUzDOzTMpUuEjfIh4+rguUY4GCaHayuvvktUdaLTKc=
Subject key identifier: 33:BB:E3:93:19:6E:38:D9:ED:DF:A9:2B:82:8A:86:C0:F6:55:D4:84
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 3A6070967BC442283504FE55946463074D82B885
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:60:70:96:7b:c4:42:28:35:04:fe:55:94:64:63:07:4d:82:b8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=326eacbca2bb2a07e0a80af6216ca326a0f3e7f8950532c21dd93cbf60befb3e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:0e:e6:08:e5:f0:e9:8a:0b:a0:7a:30:2b:
7d:49:45:19:56:a5:b3:b8:ef:8d:d5:b8:91:f1:ab:
82:23:f4:4c:d7:0e:9d:ba:ce:ea:29:c9:55:d1:9c:
28:a8:4e:04:8a:4e:5a:12:2a:af:ae:63:68:9e:1e:
4d:45:9e:eb:ea:02:b9:7c:c6:62:11:1c:5b:68:11:
af:47:04:d1:c1:b9:de:ff:51:dc:51:9d:64:23:1f:
af:10:d5:a0:49:06:3c:9b:a5:a5:71:94:2c:e5:45:
b5:68:08:a3:29:14:70:46:3d:96:e4:74:8c:58:3a:
ca:51:b3:35:cd:bd:0b:fa:6d:ac:f5:d7:ad:aa:69:
e5:d4:b7:3c:94:3f:61:77:df:73:b0:4b:d0:22:c0:
93:df:69:a1:b1:7e:6e:8a:97:3c:20:68:12:40:93:
c2:2b:30:d9:c6:16:b8:51:87:4a:02:46:f3:87:a2:
7e:2e:2a:e9:c9:96:83:ed:d0:c8:76:2b:44:5e:09:
6d:26:6a:2e:d9:16:a1:40:b6:1d:fe:83:e9:87:77:
ae:2b:fa:26:38:09:c9:32:88:bb:d0:8e:aa:78:74:
71:15:89:4c:04:3c:3a:de:0f:f1:e6:7e:42:d7:15:
a2:2a:83:7b:e7:26:30:d0:00:85:0d:22:79:97:45:
54:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BB:E3:93:19:6E:38:D9:ED:DF:A9:2B:82:8A:86:C0:F6:55:D4:84
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.224.0/21
Signature Algorithm: sha256WithRSAEncryption
47:e7:2f:6b:c5:52:a8:90:74:bc:03:bb:91:1e:92:af:74:b5:
d9:db:04:5c:96:96:a2:b8:28:1f:a9:96:1d:08:be:8a:60:91:
35:40:aa:b5:92:76:db:01:8b:6d:aa:93:71:00:b5:ec:53:7c:
7e:26:8c:57:b8:b1:12:61:23:95:a4:71:ff:3d:9e:59:ec:2f:
ca:db:49:d2:71:02:4c:a3:76:cc:36:01:bf:98:ce:e6:ca:f0:
a1:e6:f8:63:4a:a1:76:a4:c8:30:ca:58:03:7b:14:fb:34:d2:
75:a3:a7:59:7e:d7:f4:df:fd:74:76:01:d5:2d:34:00:9a:b3:
41:e7:34:53:68:69:90:f9:fa:de:0a:57:7f:3f:fe:43:d7:2a:
94:74:b0:ab:52:24:2f:6b:79:c0:3d:65:4d:e6:ef:bd:39:83:
66:c4:4d:2d:95:7b:64:e6:4e:c8:28:28:b2:aa:c4:4f:e8:61:
58:49:00:96:d3:8d:25:4c:5f:69:ec:e3:07:01:7f:db:ac:1c:
f8:c3:18:3c:3a:94:95:03:dc:fa:59:44:ed:58:54:0c:e7:04:
90:66:a2:20:ca:2e:2a:87:8c:f7:10:85:8a:2d:f8:2d:7f:b2:
cd:aa:12:ac:53:5f:ec:4e:83:6b:8c:6b:e9:f9:40:ec:fd:58:
8a:d3:d4:a1
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUOmBwlnvEQig1BP5VlGRjB02CuIUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAMzI2ZWFjYmNhMmJiMmEwN2UwYTgw
YWY2MjE2Y2EzMjZhMGYzZTdmODk1MDUzMmMyMWRkOTNjYmY2MGJlZmIzZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEEO5gjl8OmKC6B6MCt9SUUZVqWz
uO+N1biR8auCI/RM1w6dus7qKclV0ZwoqE4Eik5aEiqvrmNonh5NRZ7r6gK5fMZi
ERxbaBGvRwTRwbne/1HcUZ1kIx+vENWgSQY8m6WlcZQs5UW1aAijKRRwRj2W5HSM
WDrKUbM1zb0L+m2s9detqmnl1Lc8lD9hd99zsEvQIsCT32mhsX5uipc8IGgSQJPC
KzDZxha4UYdKAkbzh6J+LirpyZaD7dDIditEXgltJmou2RahQLYd/oPph3euK/om
OAnJMoi70I6qeHRxFYlMBDw63g/x5n5C1xWiKoN75yYw0ACFDSJ5l0VUgwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDO745MZbjjZ7d+pK4KKhsD2VdSEMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQBH5y9rxVKokHS8A7uRHpKv
dLXZ2wRclpaiuCgfqZYdCL6KYJE1QKq1knbbAYttqpNxALXsU3x+JoxXuLESYSOV
pHH/PZ5Z7C/K20nScQJMo3bMNgG/mM7myvCh5vhjSqF2pMgwylgDexT7NNJ1o6dZ
ftf03/10dgHVLTQAmrNB5zRTaGmQ+freCld/P/5D1yqUdLCrUiQva3nAPWVN5u+9
OYNmxE0tlXtk5k7IKCiyqsRP6GFYSQCW040lTF9p7OMHAX/brBz4wxg8OpSVA9z6
WUTtWFQM5wSQZqIgyi4qh4z3EIWKLfgtf7LNqhKsU1/sToNrjGvp+UDs/ViK09Sh
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:13:58 2025 by rpki-client