Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: G8aScOx39O/r7zgqGPikW6Ac/Vxf6U0A6E4/zPVRzMs=
Subject key identifier: C7:8C:AB:E9:50:DC:66:49:2F:F0:B2:1B:A5:F1:2E:7B:D7:7B:D1:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DA7486604919C2B6CE6E3F9741010ACFA499D03
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:a7:48:66:04:91:9c:2b:6c:e6:e3:f9:74:10:10:ac:fa:49:9d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=cff360ced9fa0b59641a73c6c3d0961a1998f17d6913b2f8203a26f3adc26110, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d2:1f:2d:fb:38:56:6c:aa:33:e2:4a:de:3d:
f6:86:ac:22:20:59:12:6c:8e:3b:bb:60:db:4c:b0:
42:b5:1d:cb:01:d7:25:b0:9d:25:6e:f3:57:fb:9f:
ff:95:d8:45:4d:e0:94:da:63:04:af:21:99:68:cd:
73:04:07:bb:d4:49:ac:0e:8e:54:78:c0:1b:c7:7e:
bc:8d:e9:99:f5:92:26:66:91:a5:6e:c1:cf:16:53:
a2:37:68:12:9d:77:2d:e3:05:4e:5c:2b:ff:c8:c9:
3a:9a:f0:15:49:64:89:1e:40:f7:7d:22:dd:c2:a8:
b8:ba:d0:28:a4:7f:9f:7a:a9:34:6c:6a:12:e9:f2:
36:fc:5b:a5:64:f0:26:f0:be:14:69:a8:19:01:fe:
d0:13:30:08:65:c4:63:63:39:f3:2a:f2:f3:57:51:
91:5e:1d:8d:f1:ba:ce:2f:10:79:72:2b:fc:74:28:
d0:c5:28:19:83:75:ce:8a:cc:e0:1c:da:f4:69:f8:
ab:fc:4a:eb:c7:d5:47:0f:dd:c0:72:38:2c:0d:b1:
78:06:70:ac:1f:ce:33:77:72:56:f4:85:f7:c7:da:
27:26:a1:a3:62:ae:7c:28:69:f1:90:cc:48:61:cc:
03:2b:5b:07:b2:c9:a9:a2:60:72:36:f0:ef:fe:de:
83:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8C:AB:E9:50:DC:66:49:2F:F0:B2:1B:A5:F1:2E:7B:D7:7B:D1:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:b2:16:58:38:68:06:eb:77:19:32:2b:04:83:a2:18:9c:19:
eb:91:3c:7d:95:0c:e3:4d:20:f8:76:ba:97:a2:5c:d8:ba:73:
e7:c4:1f:0b:8f:26:c8:26:6b:09:50:aa:8b:ca:21:91:bd:ba:
7f:50:de:43:d1:34:18:78:38:67:bb:8e:8d:62:18:7d:93:ca:
84:ed:94:92:b5:c8:45:c2:de:26:b6:00:fe:b7:21:31:4d:6c:
5f:f4:ee:0b:b6:68:c2:09:30:9f:7c:78:17:a1:b8:9b:f1:97:
62:0b:e6:2b:ab:fc:b7:c5:2b:d7:4a:a1:62:74:08:b2:83:83:
be:56:81:22:f6:57:1c:be:2b:0a:d4:33:f2:ff:25:73:54:88:
a8:3e:af:90:db:4b:92:78:1b:89:7b:35:0a:ca:4b:e4:d8:54:
e6:cb:c4:fb:85:de:9d:af:01:9e:a1:76:33:f6:32:33:ad:78:
93:01:2c:9a:e7:3d:1b:37:5e:60:0e:47:cd:d5:00:0a:85:e3:
5a:8a:b6:ce:30:f2:dd:5c:fb:64:e7:50:90:26:42:e8:3d:0b:
df:be:b8:36:e1:50:33:e6:49:22:a1:1e:8e:fb:5d:61:95:c5:
5a:d7:f6:c9:c3:01:e8:e4:0e:c4:fa:35:2e:94:4c:43:61:aa:
9e:4b:f9:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULadIZgSRnCts5uP5dBAQrPpJnQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZjM2MGNlZDlmYTBiNTk2NDFhNzNjNmMzZDA5NjFhMTk5OGYxN2Q2OTEz
YjJmODIwM2EyNmYzYWRjMjYxMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTSHy37OFZsqjPiSt499oasIiBZEmyOO7tg20ywQrUdywHXJbCdJW7zV/uf
/5XYRU3glNpjBK8hmWjNcwQHu9RJrA6OVHjAG8d+vI3pmfWSJmaRpW7BzxZTojdo
Ep13LeMFTlwr/8jJOprwFUlkiR5A930i3cKouLrQKKR/n3qpNGxqEunyNvxbpWTw
JvC+FGmoGQH+0BMwCGXEY2M58yry81dRkV4djfG6zi8QeXIr/HQo0MUoGYN1zorM
4Bza9Gn4q/xK68fVRw/dwHI4LA2xeAZwrB/OM3dyVvSF98faJyaho2KufChp8ZDM
SGHMAytbB7LJqaJgcjbw7/7egykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHjKvp
UNxmSS/wshul8S5713vREDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAzrIWWDhoBut3GTIrBIOiGJwZ65E8fZUM400g+Ha6
l6Jc2Lpz58QfC48myCZrCVCqi8ohkb26f1DeQ9E0GHg4Z7uOjWIYfZPKhO2UkrXI
RcLeJrYA/rchMU1sX/TuC7Zowgkwn3x4F6G4m/GXYgvmK6v8t8Ur10qhYnQIsoOD
vlaBIvZXHL4rCtQz8v8lc1SIqD6vkNtLkngbiXs1CspL5NhU5svE+4Xena8BnqF2
M/YyM614kwEsmuc9GzdeYA5HzdUACoXjWoq2zjDy3Vz7ZOdQkCZC6D0L3764NuFQ
M+ZJIqEejvtdYZXFWtf2ycMB6OQOxPo1LpRMQ2Gqnkv5uw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:35:10 2025 by rpki-client