Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: RLDtBK61gE8gvcfn9w60X+nCp80ICyjnCzOsY/1tDig=
Subject key identifier: 97:C4:EF:32:74:A2:65:A4:2B:A7:77:53:3C:85:8F:F3:70:58:EC:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A0A36F3DA0C7DC379535B1BBAF48AED92ECE380
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:0a:36:f3:da:0c:7d:c3:79:53:5b:1b:ba:f4:8a:ed:92:ec:e3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=5ae937080ed604d1c233f21f5a8f60d74a740b34ee1515ce39f1abff1ba63d2f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:06:71:c8:ca:01:5b:09:36:73:35:c6:51:61:
1d:27:6f:17:bc:a6:8d:46:10:66:e9:b0:96:73:ea:
a5:e5:d6:13:35:2c:f3:46:5d:bf:76:cb:42:15:d8:
99:41:0c:41:c5:d5:c1:dc:78:78:c5:80:9a:c7:d5:
a3:42:c3:1b:17:49:34:b8:9f:65:3e:62:67:33:6c:
04:58:88:04:5e:2f:4f:4f:bc:22:17:cb:d8:fc:48:
d3:65:99:60:1d:69:9c:ec:e6:fe:ac:cb:e1:d8:80:
b7:48:33:e4:09:7d:f2:c5:fa:9d:53:db:0e:b2:99:
ad:87:a3:0c:94:42:d2:a5:9c:bb:31:ba:a7:6e:a3:
64:cd:cd:8c:3b:55:5b:cb:d0:00:20:60:ff:4f:d6:
5f:a9:ef:ec:df:77:98:6a:32:bd:ad:d9:76:5d:78:
c4:6a:34:3e:19:b6:0e:93:17:68:cf:15:f3:1c:85:
49:48:d9:9e:b5:d8:40:c4:81:a3:5f:48:47:e8:ec:
d8:29:32:3c:5e:a8:35:31:67:33:e9:3e:4d:5c:69:
9e:09:c8:74:1d:f3:41:8c:fa:72:f8:db:87:d0:ed:
4e:34:53:f8:a4:3d:04:ba:b5:fd:0a:18:e3:19:3b:
7c:f5:2e:43:ce:cd:27:ca:33:e9:8f:b3:d3:6b:09:
c6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:EF:32:74:A2:65:A4:2B:A7:77:53:3C:85:8F:F3:70:58:EC:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
b5:a0:ba:a0:da:d1:24:c0:28:00:f3:6d:c7:6f:06:af:5f:c8:
c6:d9:9e:de:d1:3e:82:4a:af:3e:5f:82:af:47:3e:44:b4:78:
7c:75:6b:de:8d:e5:05:34:d3:a3:af:49:53:36:45:11:ae:89:
d4:d9:96:ed:7f:4c:53:ee:4a:d2:88:1c:8e:5e:9b:a7:94:39:
0b:77:6f:de:57:41:0a:4c:b8:2c:a9:d4:ee:c1:f6:59:d9:cc:
22:1d:11:4f:c2:62:60:13:8b:3a:f0:e1:fb:3d:88:58:db:4d:
00:aa:9d:86:13:01:89:8c:41:59:ed:d8:92:03:77:c1:e2:47:
8b:49:f0:fb:76:e5:31:12:41:37:ea:b9:ad:06:d0:06:7e:ea:
9b:ec:bb:fb:51:db:46:20:9e:39:aa:37:26:8f:e7:84:57:1c:
fe:b9:63:61:62:44:0b:0b:4d:ed:36:df:ab:d4:e0:d4:4c:be:
48:20:99:ff:6c:a8:3d:67:c7:e9:01:c1:98:dc:b2:ef:f4:e6:
9b:d1:dd:77:b3:f9:41:4d:58:8c:88:69:a5:17:06:6a:40:b5:
ef:2b:2e:ef:df:71:c6:2a:6f:81:8b:65:ce:49:ac:e2:5f:82:
3b:f7:b6:67:51:69:e6:aa:b1:41:84:94:f1:1d:a8:e3:a3:da:
d4:d7:c4:33
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOgo289oMfcN5U1sbuvSK7ZLs44AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhZTkzNzA4MGVkNjA0ZDFjMjMzZjIxZjVhOGY2MGQ3NGE3NDBiMzRlZTE1
MTVjZTM5ZjFhYmZmMWJhNjNkMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8GccjKAVsJNnM1xlFhHSdvF7ymjUYQZumwlnPqpeXWEzUs80Zdv3bLQhXY
mUEMQcXVwdx4eMWAmsfVo0LDGxdJNLifZT5iZzNsBFiIBF4vT0+8IhfL2PxI02WZ
YB1pnOzm/qzL4diAt0gz5Al98sX6nVPbDrKZrYejDJRC0qWcuzG6p26jZM3NjDtV
W8vQACBg/0/WX6nv7N93mGoyva3Zdl14xGo0Phm2DpMXaM8V8xyFSUjZnrXYQMSB
o19IR+js2CkyPF6oNTFnM+k+TVxpngnIdB3zQYz6cvjbh9DtTjRT+KQ9BLq1/QoY
4xk7fPUuQ87NJ8oz6Y+z02sJxgkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSXxO8y
dKJlpCund1M8hY/zcFjsgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAtaC6oNrRJMAoAPNtx28Gr1/Ixtme3tE+gkqvPl+C
r0c+RLR4fHVr3o3lBTTTo69JUzZFEa6J1NmW7X9MU+5K0ogcjl6bp5Q5C3dv3ldB
Cky4LKnU7sH2WdnMIh0RT8JiYBOLOvDh+z2IWNtNAKqdhhMBiYxBWe3YkgN3weJH
i0nw+3blMRJBN+q5rQbQBn7qm+y7+1HbRiCeOao3Jo/nhFcc/rljYWJECwtN7Tbf
q9Tg1Ey+SCCZ/2yoPWfH6QHBmNyy7/Tmm9Hdd7P5QU1YjIhppRcGakC17ysu799x
xipvgYtlzkms4l+CO/e2Z1Fp5qqxQYSU8R2o46Pa1NfEMw==
-----END CERTIFICATE-----
Generated at Fri May 2 21:13:47 2025 by rpki-client