Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa
File: 6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa (raw, json)
Hash identifier: f7nooMXkiDoAcmsQHZerJ0xkiESOLVGDoeJ/mSUohtE=
Subject key identifier: CB:1F:51:46:17:E9:B9:81:19:C5:3E:67:4B:FB:B6:D2:76:BD:3E:DA
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 5E8D6FAE90904286BE727E99F2CB4A75C49EADC4
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.194.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:8d:6f:ae:90:90:42:86:be:72:7e:99:f2:cb:4a:75:c4:9e:ad:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=9a46d5d295def94a1b785d06a28d5e5f18f04ee44b02501180e61669f929be35, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:29:ac:6e:b6:8d:df:d5:49:7b:86:ab:11:0a:
0e:fa:5d:9e:0f:bc:74:39:9e:f8:28:01:c5:09:87:
03:27:57:50:17:bd:51:80:03:c6:a2:e4:23:f4:ad:
43:3d:aa:8a:7f:f4:9c:00:88:3f:e9:ca:a6:b0:0e:
21:da:eb:4d:cb:1b:89:99:2f:93:3e:d2:4f:62:11:
5c:32:1c:b9:d4:aa:c1:d7:ef:8a:8a:aa:60:c6:58:
32:a9:24:bf:15:e9:ce:39:2c:a2:42:a7:63:9d:a9:
6e:42:6a:eb:b1:ed:f9:b9:b7:58:07:cd:03:84:99:
e6:2f:93:4e:fc:d1:1a:e2:1a:40:c0:f2:49:2d:2e:
17:cf:53:15:82:7c:85:de:db:a7:01:a7:57:58:49:
db:a4:3a:0f:7a:7c:cf:94:21:b7:39:38:82:ae:fd:
a4:8b:22:98:92:14:df:f9:e9:c8:28:15:ac:ce:47:
17:ec:ea:51:23:f5:6f:a4:e7:34:e7:72:7f:a0:5d:
6a:db:b7:e7:22:ab:90:3f:f0:e1:99:ac:b1:e1:33:
e7:f6:cb:25:52:ef:54:55:40:52:11:a6:60:fb:47:
72:4b:04:c6:05:04:77:fc:c2:6e:08:76:c0:72:fc:
b6:b1:d1:a0:0b:21:f1:3d:0f:bf:7d:34:33:fb:3c:
13:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1F:51:46:17:E9:B9:81:19:C5:3E:67:4B:FB:B6:D2:76:BD:3E:DA
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.194.0/23
Signature Algorithm: sha256WithRSAEncryption
92:59:4d:d3:d3:43:24:fe:e2:bb:af:c0:15:9e:42:95:bb:97:
4d:27:d1:16:6b:b4:a2:0c:7a:d9:e9:0d:df:8e:8a:50:21:1c:
85:0b:7a:58:0f:05:2a:c2:4d:12:24:ed:b7:ed:c9:00:4c:f9:
50:d2:ba:5e:fa:0a:74:c1:01:22:cd:63:b9:09:78:f7:e2:5f:
8f:bf:df:11:90:dd:fc:fb:0a:27:6b:72:8a:95:de:fe:0d:73:
8a:35:81:c6:0f:86:1f:65:89:80:be:9d:ab:f9:b4:2f:d1:56:
e8:51:df:b5:f6:94:f4:e4:b1:1a:63:17:1a:3b:b4:38:34:67:
78:27:fe:ca:0e:e9:16:5e:e3:bd:76:05:0e:8e:c9:68:ac:60:
61:b1:9f:6d:a9:57:f1:57:d0:ee:23:12:c5:8d:c2:33:32:6c:
29:8b:50:48:81:e6:d0:b0:7e:b5:4d:3d:a7:8e:5b:f6:d0:db:
ea:1d:0b:b2:34:ce:e4:69:dd:39:09:cb:89:15:cb:ad:87:d3:
e7:52:f0:31:41:f9:c4:ff:1d:b0:5c:87:a3:4d:7b:44:32:e0:
73:1c:39:c8:cb:40:ff:6c:7d:ee:26:1c:b6:fc:ec:bc:70:85:
59:c4:e1:00:66:2e:c9:dd:3c:66:d8:1b:8b:67:1c:48:cf:d9:
03:92:10:3d
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUXo1vrpCQQoa+cn6Z8stKdcSercQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAOWE0NmQ1ZDI5NWRlZjk0YTFiNzg1
ZDA2YTI4ZDVlNWYxOGYwNGVlNDRiMDI1MDExODBlNjE2NjlmOTI5YmUzNTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CmsbraN39VJe4arEQoO+l2eD7x0
OZ74KAHFCYcDJ1dQF71RgAPGouQj9K1DPaqKf/ScAIg/6cqmsA4h2utNyxuJmS+T
PtJPYhFcMhy51KrB1++KiqpgxlgyqSS/FenOOSyiQqdjnaluQmrrse35ubdYB80D
hJnmL5NO/NEa4hpAwPJJLS4Xz1MVgnyF3tunAadXWEnbpDoPenzPlCG3OTiCrv2k
iyKYkhTf+enIKBWszkcX7OpRI/VvpOc053J/oF1q27fnIquQP/Dhmayx4TPn9ssl
Uu9UVUBSEaZg+0dySwTGBQR3/MJuCHbAcvy2sdGgCyHxPQ+/fTQz+zwTxwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMsfUUYX6bmBGcU+Z0v7ttJ2vT7aMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzZjZjU3YWE2LTZiYTMtNDNhZi1iYmQ1LTQ0NDg1ZTNiOWY2Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBrynCMA0GCSqGSIb3DQEBCwUAA4IBAQCSWU3T00Mk/uK7r8AVnkKV
u5dNJ9EWa7SiDHrZ6Q3fjopQIRyFC3pYDwUqwk0SJO237ckATPlQ0rpe+gp0wQEi
zWO5CXj34l+Pv98RkN38+wona3KKld7+DXOKNYHGD4YfZYmAvp2r+bQv0VboUd+1
9pT05LEaYxcaO7Q4NGd4J/7KDukWXuO9dgUOjslorGBhsZ9tqVfxV9DuIxLFjcIz
Mmwpi1BIgebQsH61TT2njlv20NvqHQuyNM7kad05CcuJFcuth9PnUvAxQfnE/x2w
XIejTXtEMuBzHDnIy0D/bH3uJhy2/Oy8cIVZxOEAZi7J3Txm2BuLZxxIz9kDkhA9
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:24:18 2025 by rpki-client