Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json)
Hash identifier: O4I8aPz0mNwVu/+BfxeM+jBYftl55rm/HZsQgIrImok=
Subject key identifier: DE:91:54:EB:B2:71:6A:55:3E:68:EF:93:41:E7:69:D9:A7:81:84:8B
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 2834F34F506CA1E6D2DBE1940AE255EF3F8A7A76
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 122.248.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:34:f3:4f:50:6c:a1:e6:d2:db:e1:94:0a:e2:55:ef:3f:8a:7a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=f14b0aaa85431316a1a2386ecfc45781e56b8b6d1995e7bb04c3c4f81858cc69, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ec:24:87:e9:b7:fc:96:7d:d0:6b:70:77:8f:
00:1a:ff:08:69:b5:c3:e1:80:fb:c3:87:d9:68:3a:
d3:0a:5f:30:db:d1:a9:ca:1f:4a:b0:d0:92:47:e8:
3a:4c:79:c0:8e:0d:b6:58:66:06:9e:73:f2:81:d1:
85:e7:02:39:dd:fd:55:56:dd:77:25:29:0d:c5:75:
09:56:dd:24:bf:00:59:ea:f1:a1:7d:fc:38:7b:36:
89:22:a4:40:25:a5:33:02:b1:34:5a:58:24:50:ca:
93:0b:e6:ef:c1:40:e9:11:69:22:a5:e7:4c:5d:52:
91:0b:43:ce:d1:33:42:e4:26:84:42:56:8f:c0:f4:
08:0e:9c:bb:8f:b7:7e:2e:07:21:a6:43:54:e4:2f:
60:01:0d:b9:0b:5e:1b:f9:77:13:39:25:84:7b:e9:
01:7e:88:bf:5b:b2:a6:9b:fb:e7:c9:05:ab:89:89:
62:86:ee:fd:13:52:18:3a:a7:e5:2e:85:ef:a4:62:
9d:b9:8e:74:79:50:31:75:e0:f5:11:cb:9a:cd:24:
c2:5f:c3:2b:dc:ae:fa:1e:3b:3d:87:b6:ff:0d:58:
95:7e:19:c6:8b:3d:bb:79:f1:8b:e8:8f:45:e3:75:
2a:11:db:38:00:03:be:f3:4e:dd:99:74:55:c3:35:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:91:54:EB:B2:71:6A:55:3E:68:EF:93:41:E7:69:D9:A7:81:84:8B
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.224.0/21
Signature Algorithm: sha256WithRSAEncryption
e0:0a:ae:6f:44:21:ea:f1:2c:c8:0c:d1:43:fa:78:e6:fd:34:
27:0b:db:5f:70:7b:2d:1f:a7:fd:2c:a8:5c:de:e8:17:e7:71:
d6:f1:68:0f:02:c5:92:8f:72:04:cc:b6:29:04:8a:7b:fe:63:
b4:e2:74:ef:12:b2:78:3f:7f:91:87:db:52:69:19:f0:3b:1f:
87:a8:34:bf:0a:6f:c1:ee:b3:06:5c:c9:55:0c:c9:94:19:fc:
5c:9e:81:b1:67:de:af:07:e7:64:c5:ac:7d:55:b1:03:94:0a:
a2:2a:95:88:0e:c2:e8:3f:45:85:b6:8f:6f:85:3b:a5:26:2f:
51:f9:57:89:59:af:b8:8d:8d:a2:98:9e:d3:57:a7:cd:49:4b:
de:cb:be:17:74:7b:13:a7:28:40:c4:1c:7f:5f:11:2e:ff:36:
3c:5d:9f:5b:e6:d6:5c:db:56:a0:a7:24:a9:69:59:f0:55:d1:
f7:5f:76:ad:66:4a:0b:6f:1b:44:bf:1b:e1:e5:0c:4f:d7:26:
25:d1:4b:b0:f4:55:cc:b8:99:8d:a3:3e:53:f9:b6:dc:5e:6e:
0a:10:a1:a4:5d:13:d0:b0:aa:6a:57:2a:e1:f0:43:16:fb:9d:
31:64:6f:c2:5b:65:be:ff:e9:6b:43:fe:2a:8b:2f:cd:e2:1f:
d6:dc:19:af
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUKDTzT1BsoebS2+GUCuJV7z+KenYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAZjE0YjBhYWE4NTQzMTMxNmExYTIz
ODZlY2ZjNDU3ODFlNTZiOGI2ZDE5OTVlN2JiMDRjM2M0ZjgxODU4Y2M2OTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuwkh+m3/JZ90Gtwd48AGv8IabXD
4YD7w4fZaDrTCl8w29Gpyh9KsNCSR+g6THnAjg22WGYGnnPygdGF5wI53f1VVt13
JSkNxXUJVt0kvwBZ6vGhffw4ezaJIqRAJaUzArE0WlgkUMqTC+bvwUDpEWkipedM
XVKRC0PO0TNC5CaEQlaPwPQIDpy7j7d+LgchpkNU5C9gAQ25C14b+XcTOSWEe+kB
foi/W7Kmm/vnyQWriYlihu79E1IYOqflLoXvpGKduY50eVAxdeD1EcuazSTCX8Mr
3K76Hjs9h7b/DViVfhnGiz27efGL6I9F43UqEds4AAO+807dmXRVwzXJlQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFN6RVOuycWpVPmjvk0HnadmngYSLMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQDgCq5vRCHq8SzIDNFD+njm
/TQnC9tfcHstH6f9LKhc3ugX53HW8WgPAsWSj3IEzLYpBIp7/mO04nTvErJ4P3+R
h9tSaRnwOx+HqDS/Cm/B7rMGXMlVDMmUGfxcnoGxZ96vB+dkxax9VbEDlAqiKpWI
DsLoP0WFto9vhTulJi9R+VeJWa+4jY2imJ7TV6fNSUvey74XdHsTpyhAxBx/XxEu
/zY8XZ9b5tZc21agpySpaVnwVdH3X3atZkoLbxtEvxvh5QxP1yYl0Uuw9FXMuJmN
oz5T+bbcXm4KEKGkXRPQsKpqVyrh8EMW+50xZG/CW2W+/+lrQ/4qiy/N4h/W3Bmv
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:15:06 2025 by rpki-client