Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json)
Hash identifier: s1gPhizn7eV/fmj1xV3qOSBGX9k6QvdcH++BEkf1bQU=
Subject key identifier: 77:8F:F5:EC:F8:B7:A6:0C:DA:34:86:64:D2:96:E1:14:15:AA:7E:B3
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 3EE8E28D7FEBA056D45268F6DF49C337176FEF99
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.232.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:e8:e2:8d:7f:eb:a0:56:d4:52:68:f6:df:49:c3:37:17:6f:ef:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=9b7acd25f8f27f82d6b3658fefc017a38497d30dbc795a67aa278a2732f87ab3, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:09:28:ee:0a:f8:ee:99:61:da:43:a6:c3:02:
af:18:d4:cb:95:60:be:f9:3e:63:7c:3f:f9:28:9c:
03:43:9b:48:6e:bf:84:52:ca:cb:70:f7:8a:c1:9a:
c3:86:46:b4:9b:dd:6e:ee:fd:be:be:f4:2c:ff:0a:
a8:70:56:43:aa:6a:5c:eb:74:b3:10:39:06:88:e8:
4b:58:85:f5:68:ac:e4:de:a9:28:29:e1:a8:4a:36:
b6:eb:3a:c0:1d:9e:f4:66:57:c9:39:5b:ec:84:e4:
f3:99:8f:e0:ad:68:74:14:51:01:d4:0f:df:cf:e6:
0d:a9:69:b4:02:98:2c:a5:69:b9:e0:e1:68:49:30:
a9:2d:1e:7d:78:b8:66:0c:81:7a:a0:d0:08:39:cd:
cd:b3:d1:f9:51:1c:a1:80:a7:9c:f5:8b:4b:43:6f:
9e:30:9b:7e:7a:3c:6f:5c:75:64:4f:62:ac:c6:64:
78:ae:44:55:3c:47:82:89:dd:1c:5a:95:aa:7d:42:
94:48:3d:b1:89:31:1a:33:41:5f:d0:95:dd:c2:05:
4b:61:4d:95:5d:2c:e6:73:09:c9:bf:6b:de:a7:07:
fd:cc:69:77:f4:6b:20:0b:20:ce:2c:0f:0b:f7:3f:
1d:7b:dc:fe:42:fa:cb:fa:fb:92:ae:f5:a7:88:ae:
ab:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8F:F5:EC:F8:B7:A6:0C:DA:34:86:64:D2:96:E1:14:15:AA:7E:B3
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.232.0/22
Signature Algorithm: sha256WithRSAEncryption
56:de:d6:bf:41:e1:7d:02:f6:8b:7a:83:3e:25:81:63:88:38:
70:59:85:9b:6d:2a:06:34:d5:82:21:21:6b:e7:e1:47:de:94:
37:dd:34:d1:f2:2a:07:19:f8:2d:61:2c:99:77:03:67:79:50:
17:56:11:4c:36:1c:05:3c:aa:28:52:fb:60:5c:3c:e9:62:8c:
cf:c6:90:0a:4b:bc:b7:8d:64:b9:50:50:c5:f3:49:77:c8:90:
cd:7e:3d:15:20:35:09:be:22:0e:93:67:8d:a4:64:10:ee:3f:
bb:91:22:a0:33:f5:8e:72:88:1f:e3:40:ae:4e:42:c5:a6:dd:
92:02:f0:d7:cd:1e:7e:27:fb:3f:21:38:3e:1f:5f:21:66:a0:
56:06:3c:74:02:4c:b1:fd:9a:22:0d:5e:86:9a:8a:a5:62:9f:
4d:b6:71:bd:e4:a0:b8:0b:e6:13:da:51:60:72:4b:ae:86:64:
8e:fe:e7:5a:22:95:50:eb:57:2f:74:da:6e:74:ec:c5:f7:fe:
08:1f:08:6f:f1:4a:fa:19:31:03:f4:86:8a:33:4e:1c:4f:e3:
16:4d:5c:c7:31:43:c7:e4:bf:7f:86:bb:2f:26:a0:1d:fa:a8:
2f:e2:0e:a8:1d:5c:06:3d:ef:81:8c:bf:68:12:5e:29:7a:bb:
d9:3b:e2:3b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUPujijX/roFbUUmj230nDNxdv75kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAOWI3YWNkMjVmOGYyN2Y4MmQ2YjM2
NThmZWZjMDE3YTM4NDk3ZDMwZGJjNzk1YTY3YWEyNzhhMjczMmY4N2FiMzEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQko7gr47plh2kOmwwKvGNTLlWC+
+T5jfD/5KJwDQ5tIbr+EUsrLcPeKwZrDhka0m91u7v2+vvQs/wqocFZDqmpc63Sz
EDkGiOhLWIX1aKzk3qkoKeGoSja26zrAHZ70ZlfJOVvshOTzmY/grWh0FFEB1A/f
z+YNqWm0ApgspWm54OFoSTCpLR59eLhmDIF6oNAIOc3Ns9H5URyhgKec9YtLQ2+e
MJt+ejxvXHVkT2KsxmR4rkRVPEeCid0cWpWqfUKUSD2xiTEaM0Ff0JXdwgVLYU2V
XSzmcwnJv2vepwf9zGl39GsgCyDOLA8L9z8de9z+QvrL+vuSrvWniK6rgwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHeP9ez4t6YM2jSGZNKW4RQVqn6zMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQBW3ta/QeF9AvaLeoM+JYFj
iDhwWYWbbSoGNNWCISFr5+FH3pQ33TTR8ioHGfgtYSyZdwNneVAXVhFMNhwFPKoo
UvtgXDzpYozPxpAKS7y3jWS5UFDF80l3yJDNfj0VIDUJviIOk2eNpGQQ7j+7kSKg
M/WOcogf40CuTkLFpt2SAvDXzR5+J/s/ITg+H18hZqBWBjx0Akyx/ZoiDV6Gmoql
Yp9NtnG95KC4C+YT2lFgckuuhmSO/udaIpVQ61cvdNpudOzF9/4IHwhv8Ur6GTED
9IaKM04cT+MWTVzHMUPH5L9/hrsvJqAd+qgv4g6oHVwGPe+BjL9oEl4pervZO+I7
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:29:42 2025 by rpki-client