Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
File: 7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa (raw, json)
Hash identifier: Z5MIYaZRUcrU51b60cpfAIun7Nkt5TcNehnLdBGmVdg=
Subject key identifier: 67:A0:B3:2F:87:0B:E2:75:DD:D0:3A:46:F4:36:E5:62:E5:F8:73:F5
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 71CF6F18560821F80924C2F861F5E0E3B93A62A1
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 175.41.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:cf:6f:18:56:08:21:f8:09:24:c2:f8:61:f5:e0:e3:b9:3a:62:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=5e3e749785cf206df21e0eb825c557ab8bed38116e3d1a0fb5e4807bb4d463e8, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9a:28:c6:89:97:93:07:e3:03:61:61:98:ee:
b6:dd:c5:db:79:3c:47:a3:a8:99:59:d9:66:1c:fb:
66:0c:8a:c6:22:fc:64:91:65:68:36:51:6d:57:58:
30:ef:02:ca:67:e5:87:65:5f:37:79:15:6d:d2:84:
16:85:09:7c:96:02:d8:fc:e4:05:58:39:07:54:a0:
30:ff:12:b2:93:d1:84:9e:68:90:d0:dc:c6:ed:6b:
27:3e:b4:37:6c:b7:da:5e:d1:ba:9a:df:66:f5:d1:
54:50:4f:33:45:b4:19:53:a3:8e:dd:bc:e3:91:4c:
db:46:5d:bd:eb:13:45:f3:3f:35:7b:f0:2a:b6:e2:
49:a9:1d:08:3f:51:82:f0:84:d9:5d:0b:6e:d0:72:
1e:d3:5d:81:7c:29:c3:76:94:54:73:56:04:89:35:
b6:60:a3:ce:76:cd:47:80:00:c8:af:75:bd:1d:56:
83:21:12:25:6a:cb:1f:5b:bd:78:b2:8d:87:53:86:
72:c9:a2:4e:0a:aa:12:06:c2:da:a5:53:95:e8:c2:
23:88:bc:23:93:80:e9:9a:b8:70:aa:b8:55:13:79:
21:33:45:34:70:6b:1f:3a:12:ab:66:99:62:4c:d5:
32:2a:70:c0:91:ab:8b:8d:71:fa:50:ba:93:a9:9f:
e3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A0:B3:2F:87:0B:E2:75:DD:D0:3A:46:F4:36:E5:62:E5:F8:73:F5
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a646ec3-fc0e-40e7-adb4-82d5fd83f029.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.192.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:1b:67:e4:aa:3d:ea:d9:2d:c8:14:8b:e6:8f:a6:b5:e6:03:
6d:8b:0c:3a:3b:72:89:35:d5:ba:d3:74:fc:6a:d0:1c:66:1c:
cd:52:5c:f9:f3:19:9c:97:2e:e9:56:93:03:80:31:c6:dd:47:
29:0d:ac:e7:b3:2c:ca:13:4c:34:b3:43:e6:b0:30:13:b3:a3:
8d:e8:ed:76:48:60:bd:db:0f:ab:da:72:78:e5:5f:66:4d:90:
02:b7:c0:30:4f:36:44:1a:22:9f:9f:a4:50:92:c7:ea:e7:aa:
3e:c8:16:c5:e1:e4:e0:d6:d7:81:17:50:17:7d:89:99:eb:29:
ae:82:dd:bd:f4:77:6d:71:30:8e:d4:f8:9c:b6:51:17:ab:5c:
b4:c9:bf:55:0a:3a:c5:19:ef:08:4c:b9:66:1d:4d:7b:6d:fa:
09:f0:95:e4:19:ca:7d:d3:48:db:b5:c2:1d:51:f2:a9:15:fe:
94:48:ba:2f:50:cc:2f:76:c0:dc:4d:85:32:d8:6b:5d:a6:68:
b4:b0:a4:1f:62:7e:92:44:5e:f0:a1:37:6f:7f:c0:84:5e:fa:
a6:6c:0c:42:2a:71:dc:2d:da:1c:d7:93:59:32:41:9b:02:ec:
76:a0:20:a7:12:81:79:81:67:6d:99:47:b7:d7:fd:e2:cb:f7:
74:4c:51:17
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUcc9vGFYIIfgJJML4YfXg47k6YqEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANWUzZTc0OTc4NWNmMjA2ZGYyMWUw
ZWI4MjVjNTU3YWI4YmVkMzgxMTZlM2QxYTBmYjVlNDgwN2JiNGQ0NjNlODEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZooxomXkwfjA2FhmO623cXbeTxH
o6iZWdlmHPtmDIrGIvxkkWVoNlFtV1gw7wLKZ+WHZV83eRVt0oQWhQl8lgLY/OQF
WDkHVKAw/xKyk9GEnmiQ0NzG7WsnPrQ3bLfaXtG6mt9m9dFUUE8zRbQZU6OO3bzj
kUzbRl296xNF8z81e/AqtuJJqR0IP1GC8ITZXQtu0HIe012BfCnDdpRUc1YEiTW2
YKPOds1HgADIr3W9HVaDIRIlassfW714so2HU4ZyyaJOCqoSBsLapVOV6MIjiLwj
k4DpmrhwqrhVE3khM0U0cGsfOhKrZpliTNUyKnDAkauLjXH6ULqTqZ/jPQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGegsy+HC+J13dA6RvQ25WLl+HP1MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzdhNjQ2ZWMzLWZjMGUtNDBlNy1hZGI0LTgyZDVmZDgzZjAyOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrynAMA0GCSqGSIb3DQEBCwUAA4IBAQCqG2fkqj3q2S3IFIvmj6a1
5gNtiww6O3KJNdW603T8atAcZhzNUlz58xmcly7pVpMDgDHG3UcpDaznsyzKE0w0
s0PmsDATs6ON6O12SGC92w+r2nJ45V9mTZACt8AwTzZEGiKfn6RQksfq56o+yBbF
4eTg1teBF1AXfYmZ6ymugt299HdtcTCO1PictlEXq1y0yb9VCjrFGe8ITLlmHU17
bfoJ8JXkGcp900jbtcIdUfKpFf6USLovUMwvdsDcTYUy2Gtdpmi0sKQfYn6SRF7w
oTdvf8CEXvqmbAxCKnHcLdoc15NZMkGbAux2oCCnEoF5gWdtmUe31/3iy/d0TFEX
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:45 2025 by rpki-client