Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
File: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (raw, json)
Hash identifier: VuQGcwYD+6jy9W3sPAkTkXlQsywrVXm/fsA3IhuatAM=
Subject key identifier: BB:18:F1:2B:C5:6E:7F:0B:78:D6:B5:1A:FF:3E:AE:F3:C3:79:A0:FC
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 34860AA840AC51C527B3A97C05FA6BCFF00B243D
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.160.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:86:0a:a8:40:ac:51:c5:27:b3:a9:7c:05:fa:6b:cf:f0:0b:24:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=050e979022d3a2c2f17da16a4199a577422da78821262af643106d8d4f12308b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:a8:c3:a8:5d:00:ee:60:af:77:62:f0:60:
ab:61:33:40:d5:57:5a:3f:76:ec:b5:74:c0:c5:09:
73:0c:f0:a9:84:38:c2:7b:f9:f3:e9:15:cb:57:08:
03:84:d9:56:b6:9e:2d:19:d8:6b:5a:6a:a6:e0:49:
b6:0c:10:93:1b:d6:42:17:98:f5:4c:33:e0:3c:4d:
21:7b:f7:fe:a0:af:a6:42:8d:6c:63:4f:46:3e:1a:
4f:44:e7:86:2b:4c:05:a5:2d:88:53:13:e3:77:ce:
ba:4b:ed:73:57:ce:8d:3c:6a:65:24:cd:31:41:3a:
89:0e:55:69:b3:d8:1f:40:2f:4d:b0:51:65:28:01:
18:8c:f5:a3:19:1e:54:dc:e7:c7:cd:8f:5c:e9:c9:
9e:98:64:b8:fc:68:0c:0a:17:62:bc:6b:b0:eb:87:
aa:1f:b6:0f:ed:bf:87:b9:ad:57:93:b6:8c:2c:07:
2c:59:8b:8a:4c:2c:50:ef:5d:bf:11:c6:7a:80:c5:
ed:5f:b6:68:9f:dd:f6:6a:93:48:62:c1:58:b0:0b:
35:bb:c4:70:aa:5c:4b:2e:83:eb:22:17:7b:ef:e1:
36:c9:4c:21:d6:4d:02:01:74:62:96:f7:c4:a3:33:
e1:d8:fc:42:ee:13:7c:3a:e3:85:9d:cf:e8:1c:a6:
b5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:18:F1:2B:C5:6E:7F:0B:78:D6:B5:1A:FF:3E:AE:F3:C3:79:A0:FC
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.160.0/19
Signature Algorithm: sha256WithRSAEncryption
19:f2:2b:e2:ce:0e:93:da:0d:f1:cb:d5:b7:29:7e:8f:bc:92:
dc:11:31:6f:61:9f:6b:b7:17:7f:1f:99:2b:86:a4:d4:0f:df:
e2:fb:b8:36:46:c6:40:66:25:29:e9:61:8a:4e:28:75:c7:a1:
0a:fe:f4:c6:fa:0c:e9:63:ec:3a:3c:8b:98:97:12:5f:b0:06:
a8:bc:e7:6d:b9:45:0a:97:bc:aa:e1:42:99:4b:af:de:63:75:
16:b6:70:9b:ce:aa:05:e0:9a:93:4b:3e:12:25:d9:f9:f1:97:
77:4d:66:da:47:64:ca:f6:d1:6e:44:ff:5b:be:9d:46:31:9b:
30:6d:40:35:e4:8a:54:4f:02:d6:b2:62:5f:da:c5:ba:1c:72:
b2:af:84:77:14:a8:60:5f:79:fa:e4:df:b9:5d:d2:f9:fc:b5:
8a:17:c4:96:a6:ae:cc:b0:36:65:67:b2:90:36:96:f5:9e:c5:
68:a4:df:ea:a4:67:53:1b:3a:6b:f0:91:8e:55:8f:6b:69:81:
e0:d9:0b:18:9b:a9:3b:e5:34:83:41:78:fe:6b:d4:0b:8c:40:
46:b5:70:93:4c:30:b8:dc:09:10:8d:c2:42:0e:5e:5a:b4:78:
0c:87:a7:de:c6:e1:af:01:0d:fe:25:5e:f6:f4:e2:b7:fc:4d:
53:5a:98:30
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUNIYKqECsUcUns6l8Bfprz/ALJD0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAMDUwZTk3OTAyMmQzYTJjMmYxN2Rh
MTZhNDE5OWE1Nzc0MjJkYTc4ODIxMjYyYWY2NDMxMDZkOGQ0ZjEyMzA4YjEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubKow6hdAO5gr3di8GCrYTNA1Vda
P3bstXTAxQlzDPCphDjCe/nz6RXLVwgDhNlWtp4tGdhrWmqm4Em2DBCTG9ZCF5j1
TDPgPE0he/f+oK+mQo1sY09GPhpPROeGK0wFpS2IUxPjd866S+1zV86NPGplJM0x
QTqJDlVps9gfQC9NsFFlKAEYjPWjGR5U3OfHzY9c6cmemGS4/GgMChdivGuw64eq
H7YP7b+Hua1Xk7aMLAcsWYuKTCxQ712/EcZ6gMXtX7Zon932apNIYsFYsAs1u8Rw
qlxLLoPrIhd77+E2yUwh1k0CAXRilvfEozPh2PxC7hN8OuOFnc/oHKa1mwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLsY8SvFbn8LeNa1Gv8+rvPDeaD8MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzQzZmQ4Njg3LTEyZDQtNDliNS05OTU4LTg1MzZjZTgxNjBiNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQFrymgMA0GCSqGSIb3DQEBCwUAA4IBAQAZ8ivizg6T2g3xy9W3KX6P
vJLcETFvYZ9rtxd/H5krhqTUD9/i+7g2RsZAZiUp6WGKTih1x6EK/vTG+gzpY+w6
PIuYlxJfsAaovOdtuUUKl7yq4UKZS6/eY3UWtnCbzqoF4JqTSz4SJdn58Zd3TWba
R2TK9tFuRP9bvp1GMZswbUA15IpUTwLWsmJf2sW6HHKyr4R3FKhgX3n65N+5XdL5
/LWKF8SWpq7MsDZlZ7KQNpb1nsVopN/qpGdTGzpr8JGOVY9raYHg2QsYm6k75TSD
QXj+a9QLjEBGtXCTTDC43AkQjcJCDl5atHgMh6fexuGvAQ3+JV729OK3/E1TWpgw
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:38:13 2025 by rpki-client