Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json)
Hash identifier: WZ6WNeOFJM2d9I/Izrt5YCJwJxikAg3HQ5NqonCBB+o=
Subject key identifier: 92:EA:50:33:71:71:82:91:E7:FA:3D:88:C7:F0:EB:5A:78:50:56:EF
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 16539B2194B13DB31EFA81DBDEBF91D6C5C00700
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.238.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:53:9b:21:94:b1:3d:b3:1e:fa:81:db:de:bf:91:d6:c5:c0:07:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=dc6058e26eafdf24f0de2a180c97e4d2751b3d4d0f579d9d093d33308c03a331, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:0f:97:c3:e0:56:d6:29:54:d0:20:0f:ca:
36:1d:65:08:86:a4:72:4a:f0:19:c0:a9:fb:61:4b:
6f:7d:b7:91:c6:9b:c7:6e:d3:23:a7:f0:d3:b9:0b:
a3:5e:f5:03:f1:a6:bd:81:06:04:bb:f5:0e:df:37:
e7:13:4e:58:fc:a2:73:7d:34:64:94:49:d6:6a:69:
c3:e6:7f:5e:e9:df:b8:9a:bc:e7:d0:50:e0:8f:c7:
44:02:f3:a0:b3:75:05:61:ab:58:91:a6:4a:38:f5:
51:73:89:ce:29:b1:c1:18:dd:f2:1f:8b:92:92:03:
16:6c:4c:01:fb:2a:83:a4:1d:72:f7:ec:9e:10:b5:
5c:9f:6e:ba:05:00:34:0e:37:6f:07:9a:c3:d8:49:
50:e4:43:a8:71:a5:ea:fc:cd:bb:83:78:d2:9f:0e:
66:3d:be:6d:2f:0e:21:bb:95:0f:bc:f1:e0:e5:88:
64:f2:36:da:19:de:ba:ca:6e:fa:e5:6a:48:c3:fd:
c1:d1:3f:1c:bb:c3:3c:ec:8c:31:8e:71:73:90:27:
ba:6d:fc:89:d3:bf:22:49:ea:62:c3:9b:77:43:fc:
16:62:d4:9a:8f:3f:f0:56:cc:1b:20:c8:a9:ee:b2:
3f:a9:c9:83:41:2f:47:a8:3e:bf:bb:fb:4f:f8:63:
03:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EA:50:33:71:71:82:91:E7:FA:3D:88:C7:F0:EB:5A:78:50:56:EF
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:26:d6:10:90:63:5a:70:b7:4e:88:45:59:35:45:1d:45:72:
ba:51:7f:69:39:ae:b7:c9:1e:bf:b9:4b:e1:37:b3:b4:0a:c9:
19:e6:46:cf:a3:08:9d:da:fd:04:6b:4f:23:bc:c1:a2:c8:46:
7b:fb:fd:5a:82:a0:16:00:c6:9b:a8:3c:e3:90:37:6f:23:53:
03:bf:6a:27:af:a9:16:ed:26:f0:a6:19:bf:3f:9d:8e:5b:36:
a7:ab:4f:2f:13:21:7a:d2:b4:01:28:8d:5a:d8:51:ca:8e:26:
d2:e2:85:ad:d5:b1:41:0d:04:b0:1f:15:16:d2:83:be:f0:82:
44:b9:37:4b:ba:7c:6d:06:b4:ba:11:cd:9c:f8:d9:2b:20:76:
34:32:9f:1e:ff:99:3b:e7:8d:18:5c:66:e5:53:c2:18:43:e8:
28:91:31:eb:a0:20:ec:3d:26:7b:5a:8a:aa:d4:32:a5:ab:d7:
76:f7:ac:1f:cc:30:93:b7:fa:62:ee:e4:50:18:f7:c8:3e:10:
05:7f:c7:d1:b7:4e:b3:39:07:82:c0:6a:34:6e:10:b6:98:ac:
64:e6:96:74:08:a0:ca:48:d6:3e:88:88:c3:a5:8d:10:2e:54:
5a:b7:87:e7:6f:ef:f4:03:74:a4:22:89:c8:f0:b2:29:72:92:
87:3f:1d:56
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUFlObIZSxPbMe+oHb3r+R1sXABwAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAZGM2MDU4ZTI2ZWFmZGYyNGYwZGUy
YTE4MGM5N2U0ZDI3NTFiM2Q0ZDBmNTc5ZDlkMDkzZDMzMzA4YzAzYTMzMTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdQPl8PgVtYpVNAgD8o2HWUIhqRy
SvAZwKn7YUtvfbeRxpvHbtMjp/DTuQujXvUD8aa9gQYEu/UO3zfnE05Y/KJzfTRk
lEnWamnD5n9e6d+4mrzn0FDgj8dEAvOgs3UFYatYkaZKOPVRc4nOKbHBGN3yH4uS
kgMWbEwB+yqDpB1y9+yeELVcn266BQA0DjdvB5rD2ElQ5EOocaXq/M27g3jSnw5m
Pb5tLw4hu5UPvPHg5Yhk8jbaGd66ym765WpIw/3B0T8cu8M87IwxjnFzkCe6bfyJ
078iSepiw5t3Q/wWYtSajz/wVswbIMip7rI/qcmDQS9HqD6/u/tP+GMD8wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJLqUDNxcYKR5/o9iMfw61p4UFbvMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQCmJtYQkGNacLdOiEVZNUUd
RXK6UX9pOa63yR6/uUvhN7O0CskZ5kbPowid2v0Ea08jvMGiyEZ7+/1agqAWAMab
qDzjkDdvI1MDv2onr6kW7Sbwphm/P52OWzanq08vEyF60rQBKI1a2FHKjibS4oWt
1bFBDQSwHxUW0oO+8IJEuTdLunxtBrS6Ec2c+NkrIHY0Mp8e/5k7540YXGblU8IY
Q+gokTHroCDsPSZ7Woqq1DKlq9d296wfzDCTt/pi7uRQGPfIPhAFf8fRt06zOQeC
wGo0bhC2mKxk5pZ0CKDKSNY+iIjDpY0QLlRat4fnb+/0A3SkIonI8LIpcpKHPx1W
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:38:17 2025 by rpki-client