Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: jqK5w9g1z9GGSYv4CUq6CAeRDkPfG3sb6BvmhO6612c=
Subject key identifier: 46:2E:45:CE:4D:8E:4C:7C:39:F9:A9:8F:95:A5:D9:98:5E:34:7E:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07FD4F1FF8E865F04D3B30555B0136C8A8323C02
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fd:4f:1f:f8:e8:65:f0:4d:3b:30:55:5b:01:36:c8:a8:32:3c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e859134a63dbe90944b58a38d5a0cf4e4119966814bbaf97407936230671df59, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:94:41:c7:94:c9:2d:0a:84:d3:95:9a:f1:ad:
8c:6c:f5:35:58:dc:ec:74:4a:14:a6:df:d5:59:55:
e8:ec:65:e6:e4:6c:2e:7d:48:48:e2:12:40:30:7d:
19:ea:48:a6:f9:cb:78:ed:d5:aa:38:42:e1:12:35:
20:fe:fd:96:d1:7e:92:b3:75:10:b9:4a:77:d4:bc:
5f:e8:67:af:cc:e0:a4:91:4d:7e:1f:d9:54:92:4f:
4c:2a:1d:8a:40:d4:7e:dd:e2:e7:9e:5f:d6:42:bb:
d4:86:2d:a6:42:b1:03:59:89:bb:e4:cb:fc:89:e3:
5b:5f:16:8d:94:1a:63:22:75:ce:b7:4b:57:66:e3:
b8:b4:4d:67:0c:d9:eb:fb:05:69:f5:9f:10:8c:4b:
be:74:e6:05:12:a9:f2:04:33:ff:5b:35:f4:8d:ea:
21:ef:84:02:df:6a:11:76:14:3b:df:d9:3e:8c:77:
70:fa:27:27:4e:55:fc:95:f9:6b:31:88:be:24:b7:
73:b1:5a:b9:f1:c0:c7:a0:2d:99:01:c1:0d:75:29:
10:d5:00:d6:f2:fa:25:cd:f3:e8:da:38:7e:d7:f6:
8d:72:92:d2:60:27:b2:95:e3:09:34:b3:60:43:21:
e1:e7:42:bb:8c:e1:3f:7f:cc:49:8b:8c:84:aa:90:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2E:45:CE:4D:8E:4C:7C:39:F9:A9:8F:95:A5:D9:98:5E:34:7E:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:cb:21:63:fe:31:a9:29:eb:5b:1c:2c:20:55:1d:c1:26:48:
fd:64:b1:b1:b4:f6:82:c0:fe:08:74:3e:f1:30:f1:64:45:da:
7c:a3:c2:d4:ef:20:f2:f7:22:9f:59:78:1d:ce:99:cb:e4:8a:
eb:7b:19:d6:43:25:b4:1e:bf:7a:13:3b:76:4d:7d:8e:6f:3a:
05:fc:7b:c7:55:db:73:50:6b:30:df:9f:c0:28:38:b1:83:5a:
3e:5f:17:5c:4e:0e:26:65:24:27:67:fa:b6:06:e2:fc:c4:9c:
8a:02:96:cd:8c:35:d1:9e:37:cc:ec:dd:78:64:63:bc:41:ff:
17:83:9c:92:13:e3:5f:23:61:97:1a:54:24:cd:b5:9c:0d:3c:
e7:40:8f:b7:8b:14:57:09:1a:d7:cf:c4:07:6e:80:de:f9:0d:
93:1f:e0:55:20:76:41:f5:25:ea:92:78:20:d4:b8:2f:1f:9e:
04:f8:b8:ed:c3:ed:66:1e:96:3c:6a:1c:2f:a6:bf:e9:f9:63:
41:e9:2d:3c:fc:78:1d:4d:6d:cf:a2:f3:db:24:08:cd:03:80:
4a:07:0e:5d:22:2e:8e:85:2c:fd:c9:19:98:b5:05:56:f2:85:
b6:f0:79:17:b2:2d:5f:23:93:ba:c1:27:b2:76:21:85:75:fd:
e0:ad:a0:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB/1PH/joZfBNOzBVWwE2yKgyPAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NTkxMzRhNjNkYmU5MDk0NGI1OGEzOGQ1YTBjZjRlNDExOTk2NjgxNGJi
YWY5NzQwNzkzNjIzMDY3MWRmNTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2UQceUyS0KhNOVmvGtjGz1NVjc7HRKFKbf1VlV6Oxl5uRsLn1ISOISQDB9
GepIpvnLeO3VqjhC4RI1IP79ltF+krN1ELlKd9S8X+hnr8zgpJFNfh/ZVJJPTCod
ikDUft3i555f1kK71IYtpkKxA1mJu+TL/InjW18WjZQaYyJ1zrdLV2bjuLRNZwzZ
6/sFafWfEIxLvnTmBRKp8gQz/1s19I3qIe+EAt9qEXYUO9/ZPox3cPonJ05V/JX5
azGIviS3c7FaufHAx6AtmQHBDXUpENUA1vL6Jc3z6No4ftf2jXKS0mAnspXjCTSz
YEMh4edCu4zhP3/MSYuMhKqQAkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGLkXO
TY5MfDn5qY+VpdmYXjR++jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQA5yyFj/jGpKetbHCwgVR3BJkj9ZLGxtPaCwP4IdD7x
MPFkRdp8o8LU7yDy9yKfWXgdzpnL5IrrexnWQyW0Hr96Ezt2TX2ObzoF/HvHVdtz
UGsw35/AKDixg1o+XxdcTg4mZSQnZ/q2BuL8xJyKApbNjDXRnjfM7N14ZGO8Qf8X
g5ySE+NfI2GXGlQkzbWcDTznQI+3ixRXCRrXz8QHboDe+Q2TH+BVIHZB9SXqkngg
1LgvH54E+Ljtw+1mHpY8ahwvpr/p+WNB6S08/HgdTW3PovPbJAjNA4BKBw5dIi6O
hSz9yRmYtQVW8oW28HkXsi1fI5O6wSeydiGFdf3graAG
-----END CERTIFICATE-----
Generated at Fri May 2 21:55:44 2025 by rpki-client