Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa
File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json)
Hash identifier: IW2zgzLc3i3t51U1t/SbIcLHPVvsIVT48+B/VcQKKDg=
Subject key identifier: C4:FA:37:DD:26:3C:C6:D4:13:AE:E2:2A:40:7A:47:3D:C4:57:D5:F7
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 5BFC61CE0463399266C20C7C98EC3473AEC78B68
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 103.4.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:fc:61:ce:04:63:39:92:66:c2:0c:7c:98:ec:34:73:ae:c7:8b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=7625b2e731f7fbc21069ac6f0752aa8945eebf1446163201115cf1c434d85eed, CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7b:e3:0d:e7:87:d7:59:27:c1:02:62:3e:7f:
c5:14:11:69:94:00:12:ea:ab:8b:70:59:ac:97:dd:
1f:2e:cf:c5:08:76:9d:e0:db:b2:14:a4:70:ed:cb:
f3:3c:63:45:20:3b:e6:b7:29:7e:db:42:70:2b:a3:
fb:ce:37:d2:9a:83:56:7f:76:80:01:4c:0d:30:c9:
0a:33:6a:83:ee:67:2e:7c:03:a8:d5:49:1f:f8:0f:
b7:93:49:ee:b6:ba:4c:05:99:e2:de:78:bd:d7:a2:
69:cc:a4:0b:94:21:49:0b:8f:03:e2:6a:b1:55:50:
41:b3:47:40:60:0e:64:52:09:c1:06:62:4b:84:7a:
ca:24:b6:13:b6:51:5c:ec:50:52:81:15:b3:c9:ac:
72:4d:32:bb:2d:b9:30:0c:25:15:e3:0a:97:e1:17:
14:3e:8d:d8:f0:82:3b:ee:4a:3f:98:d3:cf:e4:5c:
48:ff:31:a8:a0:2b:23:ab:54:c0:47:3e:08:7e:4e:
2b:58:6a:01:52:04:a7:c5:30:bb:a4:1e:be:07:e8:
c8:00:a1:cf:13:28:ab:d5:bf:ee:7a:08:c4:7e:b8:
c8:20:fe:92:87:73:bd:cf:59:63:bf:a4:ea:b9:b5:
2d:f1:c9:6f:63:89:68:a8:61:bf:56:91:0b:21:97:
fb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FA:37:DD:26:3C:C6:D4:13:AE:E2:2A:40:7A:47:3D:C4:57:D5:F7
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.4.8.0/21
Signature Algorithm: sha256WithRSAEncryption
92:a6:69:cb:ab:32:24:96:7e:1d:87:73:da:19:de:ed:f7:ee:
fd:c7:6d:ab:eb:3b:d7:e7:97:e0:89:b0:61:35:5c:8b:37:c3:
94:57:63:fd:e5:bb:c8:f4:a9:41:aa:be:44:8b:a9:26:4c:70:
5c:d5:77:c1:ad:56:53:a0:74:25:1f:81:14:07:95:a9:e4:c0:
4e:f2:2c:d1:16:05:d8:13:7a:38:0f:ec:a3:8f:da:c1:9d:2e:
dd:41:63:28:62:b6:49:a8:03:62:12:82:01:87:13:30:5e:49:
dc:18:ad:1e:5c:29:f8:77:f7:96:b4:0f:34:81:7e:f0:d1:5c:
a2:ce:a4:0c:22:50:4e:3a:f6:08:39:ea:1b:3b:ef:89:84:ed:
ab:24:99:8f:c8:64:4f:0a:85:98:50:e8:be:b2:4f:bd:27:f8:
0b:60:a6:e8:dd:93:ee:a5:0f:88:91:d2:98:6f:35:28:52:c5:
c6:65:f7:6e:3b:0c:b5:d9:ad:72:ae:9a:1c:6a:76:d4:73:8f:
3c:35:90:65:dc:a4:3b:39:24:23:c7:62:81:d3:4b:fc:23:22:
90:17:4f:db:3d:e3:37:e3:14:2e:53:8b:d9:90:bd:6f:a1:bc:
70:54:8c:96:87:46:9f:5f:a6:53:45:9c:bd:ae:6f:ab:66:ba:
6f:66:70:ff
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUW/xhzgRjOZJmwgx8mOw0c67Hi2gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANzYyNWIyZTczMWY3ZmJjMjEwNjlh
YzZmMDc1MmFhODk0NWVlYmYxNDQ2MTYzMjAxMTE1Y2YxYzQzNGQ4NWVlZDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXvjDeeH11knwQJiPn/FFBFplAAS
6quLcFmsl90fLs/FCHad4NuyFKRw7cvzPGNFIDvmtyl+20JwK6P7zjfSmoNWf3aA
AUwNMMkKM2qD7mcufAOo1Ukf+A+3k0nutrpMBZni3ni916JpzKQLlCFJC48D4mqx
VVBBs0dAYA5kUgnBBmJLhHrKJLYTtlFc7FBSgRWzyaxyTTK7LbkwDCUV4wqX4RcU
Po3Y8II77ko/mNPP5FxI/zGooCsjq1TARz4Ifk4rWGoBUgSnxTC7pB6+B+jIAKHP
Eyir1b/uegjEfrjIIP6Sh3O9z1ljv6TqubUt8clvY4loqGG/VpELIZf7CwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMT6N90mPMbUE67iKkB6Rz3EV9X3MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQCSpmnLqzIkln4dh3PaGd7t
9+79x22r6zvX55fgibBhNVyLN8OUV2P95bvI9KlBqr5Ei6kmTHBc1XfBrVZToHQl
H4EUB5Wp5MBO8izRFgXYE3o4D+yjj9rBnS7dQWMoYrZJqANiEoIBhxMwXkncGK0e
XCn4d/eWtA80gX7w0VyizqQMIlBOOvYIOeobO++JhO2rJJmPyGRPCoWYUOi+sk+9
J/gLYKbo3ZPupQ+IkdKYbzUoUsXGZfduOwy12a1yrpocanbUc488NZBl3KQ7OSQj
x2KB00v8IyKQF0/bPeM34xQuU4vZkL1vobxwVIyWh0afX6ZTRZy9rm+rZrpvZnD/
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:36:17 2025 by rpki-client