Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa
File: 1dffeac8-b779-49ef-ba27-58bc19891e60.roa (raw, json)
Hash identifier: 3lXT6hs0oYXp5hbA9/qR5XY3jr1zOFTNp6Qy5cGsDv4=
Subject key identifier: 11:B1:07:94:54:DA:F5:AA:F0:07:CD:0B:24:3F:B7:BE:F3:3E:EA:4D
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 21E65CDA4213BD1C37A739FFCD249F21221A18
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e6:5c:da:42:13:bd:1c:37:a7:39:ff:cd:24:9f:21:22:1a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=198904783a4baea7e84ac1a02e436ad6e0c824ba3e1c8e0241badddee26ecfad, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:78:cd:69:f1:b1:48:8a:7c:85:41:8f:57:
79:06:e4:35:aa:4f:0b:db:a0:3c:1c:c1:dd:45:de:
55:d5:d3:b5:45:73:b4:4e:cd:34:c3:c7:3b:43:1c:
47:74:e8:c3:5f:5c:27:33:79:d3:44:1f:26:d6:94:
66:91:32:5e:36:0b:57:69:5d:81:b1:b6:ea:41:9c:
ce:a6:c9:d5:75:a2:26:de:70:27:52:37:0b:0c:a7:
c0:35:cb:1f:ee:5c:d6:0a:68:72:64:8a:4f:05:fa:
fd:b6:07:06:61:18:a5:86:43:de:43:e5:c5:7f:af:
f9:8b:90:95:eb:28:a6:a9:e0:c6:61:8c:8c:27:14:
7f:f3:5b:4d:04:f1:2b:c9:4e:6d:36:93:c1:c1:71:
23:aa:d1:66:37:3f:98:21:dd:eb:1d:97:f1:25:96:
d3:9c:63:a1:14:0c:2a:59:5a:26:27:df:61:a1:23:
98:5c:13:5a:02:64:c0:38:e1:b7:97:9f:4f:1f:c4:
4d:ed:2e:43:3a:c3:8e:c9:a3:88:83:e6:fc:81:c6:
f6:f5:7a:e0:a8:ee:52:99:9b:38:0f:c7:9b:b2:3a:
5f:3f:6f:cd:aa:04:e2:d1:15:44:8c:91:d5:d9:b4:
83:23:90:99:1c:c9:85:7c:19:5a:a0:75:28:72:66:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B1:07:94:54:DA:F5:AA:F0:07:CD:0B:24:3F:B7:BE:F3:3E:EA:4D
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.144.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:e3:3a:0d:a3:45:b7:61:f3:cb:62:e9:ad:5b:50:94:8b:27:
d8:42:cd:aa:8c:44:53:9d:32:5f:5e:4d:36:fe:93:d7:1c:f4:
fc:0c:ec:af:7d:b5:00:68:ce:78:ad:00:94:91:fd:5e:8a:75:
f9:d6:aa:0a:fb:b6:a1:83:40:f3:84:64:b0:00:97:0a:91:0f:
62:8c:21:8f:58:c5:f6:09:9f:93:87:8e:69:1a:fe:fe:a9:90:
47:3c:a7:6c:90:cf:9b:6f:64:e9:58:c0:65:df:ed:43:d5:3e:
5f:e6:50:36:32:11:5b:83:64:ec:d9:1a:c7:1c:8a:26:d3:e3:
ac:e5:30:a2:72:5d:f7:e3:1a:64:4a:1b:cc:9a:b4:49:a8:9d:
6f:2f:e0:43:63:28:28:b7:4a:1c:53:97:61:5f:2c:fc:bc:71:
39:85:aa:e1:15:42:32:86:c1:d1:f7:b1:f8:18:dd:c5:55:97:
65:13:2a:1a:0c:43:27:06:a5:83:19:be:21:a6:b3:3a:04:d7:
e7:6b:fc:a0:f5:15:6b:75:11:49:57:98:d0:af:10:b6:d7:4f:
75:4c:82:dc:6b:78:9a:da:9e:ad:2f:78:c3:46:77:f4:3b:d5:
a5:dc:71:d3:78:54:cd:15:55:ff:b6:ea:05:67:d7:b5:e7:10:
25:c8:df:00
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgITIeZc2kITvRw3pzn/zSSfISIaGDANBgkqhkiG9w0BAQsF
ADBKMRUwEwYDVQQDEwxBOTE2MDkwNDAwMDExMTAvBgNVBAUTKEJDRTlCQTExMjky
Rjg0NzUxMkMwQTg0MTJFNTFFNkUzQkEwRDk5MUQwHhcNMjUwMTEzMDAwMDAwWhcN
MjUwMjE3MjM1OTU5WjB6MUkwRwYDVQQFE0AxOTg5MDQ3ODNhNGJhZWE3ZTg0YWMx
YTAyZTQzNmFkNmUwYzgyNGJhM2UxYzhlMDI0MWJhZGRkZWUyNmVjZmFkMS0wKwYD
VQQDEyQxNjg0MTExZS0zMWMxLTQyZTYtOGYyMC1mYzlhYjhiNWNmNTcwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDATnjNafGxSIp8hUGPV3kG5DWqTwvb
oDwcwd1F3lXV07VFc7ROzTTDxztDHEd06MNfXCczedNEHybWlGaRMl42C1dpXYGx
tupBnM6mydV1oibecCdSNwsMp8A1yx/uXNYKaHJkik8F+v22BwZhGKWGQ95D5cV/
r/mLkJXrKKap4MZhjIwnFH/zW00E8SvJTm02k8HBcSOq0WY3P5gh3esdl/ElltOc
Y6EUDCpZWiYn32GhI5hcE1oCZMA44beXn08fxE3tLkM6w47Jo4iD5vyBxvb1euCo
7lKZmzgPx5uyOl8/b82qBOLRFUSMkdXZtIMjkJkcyYV8GVqgdShyZpBDAgMBAAGj
ggJIMIICRDAdBgNVHQ4EFgQUEbEHlFTa9arwB80LJD+3vvM+6k0wHwYDVR0jBBgw
FoAUvOm6ESkvhHUSwKhBLlHm47oNmR0wDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF
BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv
c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3ZPbTZFU2t2
aEhVU3dLaEJMbEhtNDdvTm1SMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2Yjk2ODEzZTQv
MWRmZmVhYzgtYjc3OS00OWVmLWJhMjctNThiYzE5ODkxZTYwLnJvYTCBlQYDVR0f
BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt
YXpvbmF3cy5jb20vdm9sdW1lL2JkNDhhMWZhLTM0NzEtNGFiMi04NTA4LWFkMzZi
OTY4MTNlNC8yMjBjZWUwYy02MDAyLTQwOWEtODE5NC0zOGUyMTZjMDA5NmMuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAKvKZAwDQYJKoZIhvcNAQELBQADggEBALbjOg2jRbdh88ti6a1bUJSL
J9hCzaqMRFOdMl9eTTb+k9cc9PwM7K99tQBoznitAJSR/V6KdfnWqgr7tqGDQPOE
ZLAAlwqRD2KMIY9YxfYJn5OHjmka/v6pkEc8p2yQz5tvZOlYwGXf7UPVPl/mUDYy
EVuDZOzZGscciibT46zlMKJyXffjGmRKG8yatEmonW8v4ENjKCi3ShxTl2FfLPy8
cTmFquEVQjKGwdH3sfgY3cVVl2UTKhoMQycGpYMZviGmszoE1+dr/KD1FWt1EUlX
mNCvELbXT3VMgtxreJranq0veMNGd/Q71aXccdN4VM0VVf+26gVn17XnECXI3wA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:18 2025 by rpki-client