Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa
File: 6b15abb6-10b7-4ecd-9947-c96012f824c6.roa (raw, json)
Hash identifier: 8h1Hp/7XiPO7CEP6OPkSbox86MFWNhgtlK/cu5cxKr4=
Subject key identifier: 45:64:EA:8E:88:DA:84:95:8C:CC:67:2F:65:8A:15:A3:35:B1:9F:B5
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 2D7A9CEE10BC1DC8700987A6715DD7A5988F650B
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:7a:9c:ee:10:bc:1d:c8:70:09:87:a6:71:5d:d7:a5:98:8f:65:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=655acfa1f6350aee4705748dad28ff0da7be030527908c9e675943e10ac15293, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:e2:a8:b8:5c:ee:33:7a:f3:8e:58:f1:4b:
a4:ac:9c:39:e0:a2:98:47:ab:ee:3f:91:4d:42:68:
45:3a:97:2a:26:12:aa:e0:b7:82:d2:08:e5:85:84:
ef:a8:11:02:ef:b8:30:be:18:c4:f5:a8:86:f3:ed:
a7:df:83:61:f0:bb:73:2f:a5:09:0b:89:80:7f:9d:
86:9f:89:8c:39:34:cc:d7:b2:3a:61:94:80:56:09:
d1:d0:ef:bd:35:68:21:ce:32:da:1c:8c:ee:93:55:
f0:17:27:4a:3d:e7:b4:ad:c2:1f:17:ae:4c:d2:c2:
18:ac:e0:5e:75:00:b4:6d:a9:ae:9a:12:ee:5e:e8:
f0:d0:48:39:87:da:ec:7d:a3:e1:73:70:9e:f9:e2:
7c:cf:35:14:c0:33:a1:26:78:d2:50:c8:65:98:15:
61:4a:d0:60:d1:96:d8:90:71:a8:7a:c4:96:6b:26:
ac:0a:b0:86:d3:a1:07:82:37:e3:78:7a:ad:b1:df:
c1:0a:15:06:50:60:0d:a9:9d:66:26:84:0a:43:db:
48:2c:04:79:e6:55:01:5a:d9:4e:79:a3:e6:ed:b7:
84:ca:42:52:0e:dd:eb:5a:31:70:a2:13:a2:80:89:
d3:08:05:04:bd:ca:25:10:0e:cf:63:6a:be:23:b4:
d4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:64:EA:8E:88:DA:84:95:8C:CC:67:2F:65:8A:15:A3:35:B1:9F:B5
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.132.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:0f:b4:39:83:17:d7:08:85:7d:22:40:60:99:4f:62:e5:2a:
aa:93:96:95:55:6e:22:9b:5f:a8:79:c0:3b:ba:52:9a:b2:f9:
53:12:ec:c7:7c:19:ee:0e:ce:8e:12:78:48:29:d5:f9:00:ef:
95:42:b0:d7:1e:4c:29:01:67:09:40:3c:e9:25:fb:aa:cd:eb:
98:42:80:c2:44:e1:d6:e6:f6:e5:1a:df:68:c8:f8:c7:04:e5:
4a:4c:23:23:6a:d7:78:4b:13:56:ee:76:ed:3a:ba:f5:b5:76:
7c:b5:17:78:5f:26:4a:df:e2:94:49:4a:4d:10:64:b0:85:aa:
3c:f0:dc:2d:c5:32:a8:b9:d7:e7:be:74:d5:dd:64:22:67:c2:
4b:79:d7:a1:63:ba:25:ff:41:38:fc:22:53:b3:d0:90:c8:14:
70:65:bd:9f:65:18:95:a8:05:77:4b:87:74:f5:1e:2d:35:4f:
9f:c2:37:c3:0d:00:55:92:7c:41:4b:2c:52:ba:fb:0d:e2:96:
8f:ee:94:bb:63:64:30:bb:0f:d7:bb:a1:20:3f:e5:e3:73:53:
f1:71:89:79:1b:92:16:ce:37:1a:21:3a:84:4a:d6:1c:ce:26:
43:50:e4:bc:2e:21:d2:cd:98:4c:2c:87:ee:47:31:5a:9c:0d:
7f:6f:ea:5a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIULXqc7hC8HchwCYemcV3XpZiPZQswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANjU1YWNmYTFmNjM1MGFlZTQ3MDU3
NDhkYWQyOGZmMGRhN2JlMDMwNTI3OTA4YzllNjc1OTQzZTEwYWMxNTI5MzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz7iqLhc7jN6845Y8UukrJw54KKY
R6vuP5FNQmhFOpcqJhKq4LeC0gjlhYTvqBEC77gwvhjE9aiG8+2n34Nh8LtzL6UJ
C4mAf52Gn4mMOTTM17I6YZSAVgnR0O+9NWghzjLaHIzuk1XwFydKPee0rcIfF65M
0sIYrOBedQC0bamumhLuXujw0Eg5h9rsfaPhc3Ce+eJ8zzUUwDOhJnjSUMhlmBVh
StBg0ZbYkHGoesSWayasCrCG06EHgjfjeHqtsd/BChUGUGANqZ1mJoQKQ9tILAR5
5lUBWtlOeaPm7beEykJSDt3rWjFwohOigInTCAUEvcolEA7PY2q+I7TUiQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEVk6o6I2oSVjMxnL2WKFaM1sZ+1MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzZiMTVhYmI2LTEwYjctNGVjZC05OTQ3LWM5NjAxMmY4MjRjNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCrymEMA0GCSqGSIb3DQEBCwUAA4IBAQBqD7Q5gxfXCIV9IkBgmU9i
5Sqqk5aVVW4im1+oecA7ulKasvlTEuzHfBnuDs6OEnhIKdX5AO+VQrDXHkwpAWcJ
QDzpJfuqzeuYQoDCROHW5vblGt9oyPjHBOVKTCMjatd4SxNW7nbtOrr1tXZ8tRd4
XyZK3+KUSUpNEGSwhao88NwtxTKoudfnvnTV3WQiZ8JLedehY7ol/0E4/CJTs9CQ
yBRwZb2fZRiVqAV3S4d09R4tNU+fwjfDDQBVknxBSyxSuvsN4paP7pS7Y2Qwuw/X
u6EgP+Xjc1PxcYl5G5IWzjcaITqEStYcziZDUOS8LiHSzZhMLIfuRzFanA1/b+pa
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:18 2025 by rpki-client