Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa
File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json)
Hash identifier: HVa+3GIXD/l3WQiPyqcBeblqnChcswswroI3BwnErVg=
Subject key identifier: 5E:F5:F7:25:BF:0B:A8:76:7D:BF:B4:52:01:87:52:2D:D7:EC:FC:4D
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 55173131E76C2A025FF54CF7734FEAEA0D86B2BA
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 122.248.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:17:31:31:e7:6c:2a:02:5f:f5:4c:f7:73:4f:ea:ea:0d:86:b2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=49ce70425e04edd9323137e25ee4932aaf5e4329a825f3cde937525d12be9b65, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2f:fb:c5:93:5c:87:54:07:66:fb:b3:a0:22:
78:d6:31:78:b3:6f:6d:49:f7:0d:8a:ae:e4:cd:c7:
74:d6:b6:ce:3d:c6:51:af:a3:df:7c:23:51:22:23:
93:cf:00:56:38:25:e1:61:bc:fe:09:89:27:81:08:
9e:44:71:6d:aa:79:92:0b:a3:49:ce:fa:b9:97:a3:
6b:a9:69:69:18:a8:d7:50:3e:95:6a:86:f9:86:2a:
e8:d5:3b:df:5b:50:b7:75:27:82:a5:9c:ed:eb:a5:
64:37:08:2e:a2:c5:b8:74:b0:bf:ea:8d:15:0c:ee:
7b:a8:e4:02:12:9f:77:ba:e7:85:2b:14:59:43:7d:
f7:39:fb:21:3d:3a:e2:41:b3:0f:82:86:ed:3c:fd:
22:90:ba:6a:c1:3f:07:ee:85:1d:f8:70:7a:28:5c:
ef:d7:cb:3e:75:3e:a0:86:19:49:3d:77:0a:87:2e:
df:ce:fa:41:28:1f:bd:72:9e:9d:75:5e:42:dc:92:
cd:88:65:56:0d:0d:00:6c:92:e6:d6:fd:d4:e1:92:
52:96:33:4a:ad:3a:1c:45:65:d2:f3:e8:1a:17:9c:
40:46:f3:7f:a5:5d:41:4d:c7:d5:bd:d2:02:c1:54:
c0:b3:96:d5:5e:ba:4c:75:15:3a:2a:b6:a1:57:34:
0c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F5:F7:25:BF:0B:A8:76:7D:BF:B4:52:01:87:52:2D:D7:EC:FC:4D
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
df:92:00:84:32:ae:1c:f0:84:c6:1a:7c:40:35:3c:3f:86:72:
d5:52:68:d2:9c:61:13:61:9a:40:9a:9c:23:ec:66:36:85:a9:
f1:6e:71:ba:3f:10:d2:a4:2d:a2:af:24:d5:03:84:39:dc:5d:
44:b3:76:1d:b2:80:f6:4b:0d:18:e3:05:af:6e:56:b0:21:d7:
89:cc:ad:3e:0c:2e:a6:b6:40:e0:44:71:41:53:72:cb:5b:d7:
e2:d6:44:f9:f6:31:5d:10:92:f1:be:74:99:b4:71:85:51:74:
8b:bc:5c:9a:7c:9f:86:6a:34:0c:e8:e5:f9:93:46:0c:e4:43:
68:f2:12:a6:04:e6:36:c2:32:4b:bc:2d:df:eb:01:90:43:45:
17:8f:e7:dd:7c:d7:d6:60:f5:9c:d0:41:a8:1d:7c:0e:c4:9b:
35:be:6c:bd:84:6a:cd:7a:ae:1b:fa:9a:60:39:7b:ef:5c:f5:
80:0f:e8:e5:82:b0:36:c0:57:c6:84:ba:2f:be:5b:e7:c9:bc:
59:f0:c6:85:3c:95:06:fb:72:f0:80:30:3c:b5:69:b1:12:1a:
bf:cd:d7:f5:e3:d9:fc:f9:d9:66:0f:01:55:20:37:58:62:08:
e2:ed:6f:e3:ed:94:a6:02:8f:a5:b1:31:61:24:1a:a8:b7:d6:
f5:f7:d9:d1
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUVRcxMedsKgJf9Uz3c0/q6g2GsrowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANDljZTcwNDI1ZTA0ZWRkOTMyMzEz
N2UyNWVlNDkzMmFhZjVlNDMyOWE4MjVmM2NkZTkzNzUyNWQxMmJlOWI2NTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6C/7xZNch1QHZvuzoCJ41jF4s29t
SfcNiq7kzcd01rbOPcZRr6PffCNRIiOTzwBWOCXhYbz+CYkngQieRHFtqnmSC6NJ
zvq5l6NrqWlpGKjXUD6Vaob5hiro1TvfW1C3dSeCpZzt66VkNwguosW4dLC/6o0V
DO57qOQCEp93uueFKxRZQ333OfshPTriQbMPgobtPP0ikLpqwT8H7oUd+HB6KFzv
18s+dT6ghhlJPXcKhy7fzvpBKB+9cp6ddV5C3JLNiGVWDQ0AbJLm1v3U4ZJSljNK
rTocRWXS8+gaF5xARvN/pV1BTcfVvdICwVTAs5bVXrpMdRU6KrahVzQMnwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF719yW/C6h2fb+0UgGHUi3X7PxNMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQDfkgCEMq4c8ITGGnxANTw/
hnLVUmjSnGETYZpAmpwj7GY2hanxbnG6PxDSpC2iryTVA4Q53F1Es3YdsoD2Sw0Y
4wWvblawIdeJzK0+DC6mtkDgRHFBU3LLW9fi1kT59jFdEJLxvnSZtHGFUXSLvFya
fJ+GajQM6OX5k0YM5ENo8hKmBOY2wjJLvC3f6wGQQ0UXj+fdfNfWYPWc0EGoHXwO
xJs1vmy9hGrNeq4b+ppgOXvvXPWAD+jlgrA2wFfGhLovvlvnybxZ8MaFPJUG+3Lw
gDA8tWmxEhq/zdf149n8+dlmDwFVIDdYYgji7W/j7ZSmAo+lsTFhJBqot9b199nR
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:41 2025 by rpki-client