Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json)
Hash identifier: 4ySp1svFhCkdpOI6sirVxL1DbXa3WnzoSfwDJqHAFvg=
Subject key identifier: 36:02:89:46:CB:06:A0:89:2A:44:D6:94:CC:A7:37:67:5F:04:26:BF
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 2F4DB76FFB681B0EA9165CAE731012970A2446A1
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.250.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:4d:b7:6f:fb:68:1b:0e:a9:16:5c:ae:73:10:12:97:0a:24:46:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=106fe2c4b81f9bcb6ae2e8d16867a7e6b4089cfeec6d3c245bd65e3df1400d7a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6f:18:02:f5:d5:40:ee:d7:1f:7e:6c:1b:c6:
ae:96:2d:13:02:b6:43:08:de:a6:25:6f:c0:18:c9:
61:80:cf:5d:82:36:94:c9:ef:40:49:e9:21:5c:ba:
15:7f:06:96:a2:b5:9d:66:0e:bb:fe:bd:1c:54:2c:
1d:b5:40:60:a5:2e:fc:bb:15:65:87:3b:b5:0d:1c:
39:c5:fb:be:0a:18:49:77:45:3e:cd:15:53:ce:e6:
c9:38:f3:50:ec:de:e0:e3:75:36:08:3b:cd:6c:a8:
26:e6:b6:9e:fd:37:1d:dc:57:af:7f:32:ab:9c:a3:
87:c4:0e:35:4e:98:95:87:51:04:95:fd:4e:c3:84:
33:af:92:e5:18:40:38:e5:f7:ac:6d:fa:5c:86:f6:
cd:cb:96:3e:5f:8e:a8:87:91:0a:b5:ba:1e:3f:bf:
5b:0e:34:39:7f:9d:e1:b1:c2:71:5e:a0:e2:e8:16:
85:1f:e7:f0:37:ea:74:6b:3b:14:5f:7d:ba:2b:6f:
75:a0:a9:28:a8:ba:e3:4e:59:7f:f8:24:60:64:bc:
08:c7:f7:9f:3a:39:da:bb:43:60:9f:ef:d5:ef:69:
d3:e2:f6:68:ca:08:be:bf:b3:2b:00:a9:13:ac:4e:
67:a0:e9:d9:5b:bc:c1:68:2c:46:05:71:20:7d:0b:
c7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:02:89:46:CB:06:A0:89:2A:44:D6:94:CC:A7:37:67:5F:04:26:BF
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
ea:ac:b6:fc:a6:db:9b:bd:01:3b:10:31:78:21:7e:4a:16:d4:
bc:66:58:f1:d4:b2:58:3c:ae:9f:a3:85:70:90:4e:89:12:3f:
81:4b:e8:5c:d9:2a:60:78:b7:cc:9e:31:02:e5:16:82:5b:97:
f0:0c:a5:c4:26:27:4c:98:fa:7e:60:7e:ae:b2:c3:1e:69:21:
c0:1c:b2:20:6a:cb:d1:19:f6:50:3e:45:30:ee:85:27:05:51:
ad:38:f8:9e:4c:86:11:4f:8b:4c:ec:53:42:15:27:02:e3:ab:
93:07:56:64:93:fc:5d:83:2c:7b:61:65:6c:d9:da:7f:67:4d:
2e:d2:19:b1:60:6e:01:a1:a8:fe:3c:d6:20:a6:c7:f9:4b:d0:
75:82:d3:f8:d4:e2:7e:a8:2b:33:f5:e6:26:2c:5a:53:8a:31:
c6:d1:93:65:4e:1e:65:97:06:70:d0:d8:26:a9:ec:1d:16:d0:
26:9e:34:0d:b1:77:07:98:a0:01:fb:0f:17:ec:38:bc:b4:a9:
16:a6:97:c3:76:18:ca:bb:90:52:e0:fc:fa:cd:66:ea:28:6c:
74:01:39:6d:a4:df:08:a4:66:df:77:05:70:39:ec:cd:47:37:
ec:87:70:75:81:93:87:30:0b:bc:1e:c7:7b:f6:dc:97:60:e6:
af:0f:69:5d
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUL023b/toGw6pFlyucxASlwokRqEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTA2ZmUyYzRiODFmOWJjYjZhZTJl
OGQxNjg2N2E3ZTZiNDA4OWNmZWVjNmQzYzI0NWJkNjVlM2RmMTQwMGQ3YTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA228YAvXVQO7XH35sG8auli0TArZD
CN6mJW/AGMlhgM9dgjaUye9ASekhXLoVfwaWorWdZg67/r0cVCwdtUBgpS78uxVl
hzu1DRw5xfu+ChhJd0U+zRVTzubJOPNQ7N7g43U2CDvNbKgm5rae/Tcd3FevfzKr
nKOHxA41TpiVh1EElf1Ow4Qzr5LlGEA45fesbfpchvbNy5Y+X46oh5EKtboeP79b
DjQ5f53hscJxXqDi6BaFH+fwN+p0azsUX326K291oKkoqLrjTll/+CRgZLwIx/ef
Ojnau0Ngn+/V72nT4vZoygi+v7MrAKkTrE5noOnZW7zBaCxGBXEgfQvHgQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDYCiUbLBqCJKkTWlMynN2dfBCa/MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDqrLb8ptubvQE7EDF4IX5K
FtS8Zljx1LJYPK6fo4VwkE6JEj+BS+hc2SpgeLfMnjEC5RaCW5fwDKXEJidMmPp+
YH6ussMeaSHAHLIgasvRGfZQPkUw7oUnBVGtOPieTIYRT4tM7FNCFScC46uTB1Zk
k/xdgyx7YWVs2dp/Z00u0hmxYG4Boaj+PNYgpsf5S9B1gtP41OJ+qCsz9eYmLFpT
ijHG0ZNlTh5llwZw0NgmqewdFtAmnjQNsXcHmKAB+w8X7Di8tKkWppfDdhjKu5BS
4Pz6zWbqKGx0ATltpN8IpGbfdwVwOezNRzfsh3B1gZOHMAu8Hsd79tyXYOavD2ld
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:25 2025 by rpki-client