Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: wu6dfgnou/vpn/ajoB0WpSdKp1C1xXicwpvC50zbNwM=
Subject key identifier: C5:0A:99:AC:C4:21:34:32:FE:40:58:99:36:C5:CA:31:19:B2:12:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15E53EE3D9E34F4A36DAEA295B5C069FF4FA1F7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Mon 20 Jan 2025 00:00:00 +0000
ROA not before: Mon 20 Jan 2025 00:00:00 +0000
ROA not after: Mon 24 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:e5:3e:e3:d9:e3:4f:4a:36:da:ea:29:5b:5c:06:9f:f4:fa:1f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 20 00:00:00 2025 GMT
Not After : Feb 24 23:59:59 2025 GMT
Subject: serialNumber=dd799c910dca718fe2b98e108f0654b4a7d1d2dcb187fe9236281b38ee7b118d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:6c:b8:29:0f:e6:67:e7:60:09:d5:77:3f:
23:3c:fe:11:8a:8b:99:b0:f1:38:b8:0d:1a:3d:c4:
31:ed:3b:39:53:03:24:b9:f2:b0:7f:53:0f:7d:a3:
74:a3:51:de:4e:e6:23:f0:26:27:88:92:9f:66:39:
71:75:18:53:2a:9e:68:8b:69:a8:18:9d:f1:73:4c:
ea:41:ed:4a:00:89:f4:c1:06:31:90:68:b4:c0:ee:
85:87:24:e3:15:26:07:3c:27:2d:f6:60:1a:4d:f0:
f8:ec:f7:5f:2e:c6:39:6a:71:04:2e:7f:7e:5f:91:
36:44:6d:d1:62:3b:4b:e2:7d:cf:52:ac:ba:4e:6b:
74:19:3b:98:a7:e6:1a:5d:19:2f:45:e8:2d:f0:92:
d8:23:fb:91:f6:33:9e:cf:af:af:fa:33:06:da:8b:
e4:9b:a0:57:5d:7c:59:d8:37:8d:30:2c:ef:90:7b:
f6:72:f7:34:a9:f3:d6:b1:67:00:87:13:2c:84:87:
4a:a5:0a:f3:12:d8:19:b4:b7:88:96:1f:a6:d4:51:
cb:83:81:eb:d4:bf:0a:31:4e:f0:64:38:0f:6b:ab:
77:9c:61:c2:84:0a:7e:97:20:23:93:92:54:6f:5d:
86:4a:95:fb:9d:8b:d8:bb:35:0a:24:0b:89:6e:2c:
69:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0A:99:AC:C4:21:34:32:FE:40:58:99:36:C5:CA:31:19:B2:12:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:a7:f7:15:f1:48:f0:59:58:cc:54:21:43:e4:f5:63:a4:ac:
1b:0b:a9:1f:a5:ca:fa:6b:c8:07:a1:8e:a8:ca:b7:bc:be:d6:
c9:67:65:eb:57:62:18:fe:53:3a:5f:80:c9:6c:c6:dd:fa:a1:
03:86:ca:b4:06:5b:d9:74:35:cd:91:99:da:76:79:61:16:20:
b9:1d:f5:3c:bf:91:42:2f:d9:9f:79:15:57:b7:6f:59:88:4f:
c9:ac:5f:35:1f:4c:bd:d4:6c:a3:48:1a:b2:00:f8:d8:2e:bb:
5a:4c:ff:8d:a7:7c:f8:8b:07:c7:4c:ca:2d:ab:21:fa:05:5b:
18:4a:73:90:b0:7e:fc:cd:74:e9:5f:41:62:5d:b5:7c:14:e8:
65:3f:31:6d:15:75:7f:d9:ca:56:75:29:51:eb:49:2c:be:4a:
09:de:f8:e5:da:27:99:74:70:a4:28:be:03:fc:7f:bb:c3:c6:
e1:54:64:75:c7:f4:fe:83:4b:d3:e5:dd:bc:29:15:fe:07:01:
1e:c7:04:0c:d5:27:39:9c:ca:e1:f9:eb:21:0a:4a:c3:b8:1d:
41:4c:8a:14:0c:8c:a4:c1:86:ff:6d:7a:49:3e:70:af:1e:a5:
c6:11:63:73:10:f0:56:df:c0:fe:9a:b9:41:53:76:db:83:69:
11:40:53:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFeU+49njT0o22uopW1wGn/T6H3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjAwMDAwMDBaFw0yNTAyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNzk5YzkxMGRjYTcxOGZlMmI5OGUxMDhmMDY1NGI0YTdkMWQyZGNiMTg3
ZmU5MjM2MjgxYjM4ZWU3YjExOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnvbLgpD+Zn52AJ1Xc/Izz+EYqLmbDxOLgNGj3EMe07OVMDJLnysH9TD32j
dKNR3k7mI/AmJ4iSn2Y5cXUYUyqeaItpqBid8XNM6kHtSgCJ9MEGMZBotMDuhYck
4xUmBzwnLfZgGk3w+Oz3Xy7GOWpxBC5/fl+RNkRt0WI7S+J9z1Ksuk5rdBk7mKfm
Gl0ZL0XoLfCS2CP7kfYzns+vr/ozBtqL5JugV118Wdg3jTAs75B79nL3NKnz1rFn
AIcTLISHSqUK8xLYGbS3iJYfptRRy4OB69S/CjFO8GQ4D2urd5xhwoQKfpcgI5OS
VG9dhkqV+52L2Ls1CiQLiW4sabcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTFCpms
xCE0Mv5AWJk2xcoxGbIS8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAy6f3FfFI8FlYzFQhQ+T1Y6SsGwupH6XK+mvIB6GO
qMq3vL7WyWdl61diGP5TOl+AyWzG3fqhA4bKtAZb2XQ1zZGZ2nZ5YRYguR31PL+R
Qi/Zn3kVV7dvWYhPyaxfNR9MvdRso0gasgD42C67Wkz/jad8+IsHx0zKLash+gVb
GEpzkLB+/M106V9BYl21fBToZT8xbRV1f9nKVnUpUetJLL5KCd745donmXRwpCi+
A/x/u8PG4VRkdcf0/oNL0+XdvCkV/gcBHscEDNUnOZzK4fnrIQpKw7gdQUyKFAyM
pMGG/216ST5wrx6lxhFjcxDwVt/A/pq5QVN224NpEUBTQw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:41 2025 by rpki-client