Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: lTI/3yUl9k4ZJ/H1GlqGT6QnC+hgG9yIMhi0ykSbLvA=
Subject key identifier: 90:80:3D:74:A6:A4:22:D7:98:0E:90:A2:38:81:83:B2:5D:65:E6:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5617A3C5C8C46B07F68D435BA315DD6C86CC3D63
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:17:a3:c5:c8:c4:6b:07:f6:8d:43:5b:a3:15:dd:6c:86:cc:3d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=d5eed3294c2152136e71875c0397dc04af704630c81b53c5c0e9b51453a9eba5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:25:0b:2e:29:51:d5:04:bb:12:cf:13:8e:d9:
64:eb:ce:79:94:f8:ad:1c:29:87:c5:ed:70:08:56:
20:bc:16:ad:ed:34:e0:1e:ed:49:9b:41:30:7b:30:
02:66:18:84:90:d1:27:87:db:87:e7:34:38:18:13:
7b:8f:e2:b4:99:0f:0a:c2:a9:48:5c:f8:1e:6f:bf:
bd:b6:32:55:5e:d4:de:52:86:74:ee:18:35:39:e6:
c1:89:84:58:02:9b:ba:0c:9d:46:b4:58:5c:db:44:
c2:d3:49:ae:a0:60:d3:17:14:54:2f:21:3f:34:22:
8d:a1:6c:32:b2:43:a6:f1:a1:b3:89:7f:f8:4e:a1:
c0:b6:ee:e0:08:f3:e6:6a:70:e5:64:fc:b1:d4:12:
ed:84:e6:dc:4e:dc:aa:c9:62:f8:80:1a:58:dc:1d:
89:af:b1:d1:45:f1:66:6b:59:e2:ad:7b:ee:32:fa:
67:12:7c:9f:6a:5f:d4:16:79:3b:fa:5f:b3:35:19:
a8:36:f1:06:61:d5:33:73:51:d6:fc:84:13:21:db:
d1:df:58:83:af:18:81:8d:22:f7:35:a6:cf:d6:63:
40:8b:e9:3f:28:17:af:35:d3:16:db:6e:c0:31:b7:
52:a0:06:65:a4:84:74:f3:cb:95:e7:a6:b0:3c:63:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:80:3D:74:A6:A4:22:D7:98:0E:90:A2:38:81:83:B2:5D:65:E6:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:33:d3:b1:c1:ea:8b:5d:f8:2b:5b:41:4b:fc:82:08:b7:4f:
54:3f:f9:95:a2:d8:83:ae:b9:67:fb:b0:5a:22:2b:17:9c:e7:
a0:72:0d:c4:8c:58:12:ef:71:7c:ec:ac:ff:3c:49:3f:68:4f:
4c:72:15:44:83:51:10:c1:9a:c4:c8:fe:8b:85:96:8a:aa:98:
aa:22:8e:cb:66:43:6d:b0:e2:5f:81:42:a2:9c:bb:82:38:d0:
87:f3:f1:04:ab:8e:f6:19:3e:95:2b:24:91:21:64:e5:61:94:
29:bf:59:e1:ce:6b:40:e7:20:69:34:e6:24:c2:47:dd:7b:2a:
d9:38:28:a7:7e:44:ae:cf:6b:cd:d6:a2:fa:52:51:cb:8b:3d:
14:bb:a2:83:6f:a4:1e:cd:ef:e4:de:10:cf:e4:34:18:b7:ec:
11:c3:ff:94:fa:e6:8d:a9:b8:9b:40:b3:28:73:3a:04:77:72:
fe:78:6e:38:f7:0d:d5:23:20:92:13:2e:db:ef:c8:9c:67:a3:
b4:5a:a4:f9:51:4b:d0:c3:59:ef:1e:49:06:ff:d0:d4:8d:ac:
a5:61:b9:0f:14:de:60:00:c4:e9:3d:df:05:2d:30:07:a3:50:
33:c3:b5:16:c0:5d:d6:41:9d:f5:7a:c9:da:9b:a2:57:52:f7:
dc:1b:7d:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVhejxcjEawf2jUNboxXdbIbMPWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZWVkMzI5NGMyMTUyMTM2ZTcxODc1YzAzOTdkYzA0YWY3MDQ2MzBjODFi
NTNjNWMwZTliNTE0NTNhOWViYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP4lCy4pUdUEuxLPE47ZZOvOeZT4rRwph8XtcAhWILwWre004B7tSZtBMHsw
AmYYhJDRJ4fbh+c0OBgTe4/itJkPCsKpSFz4Hm+/vbYyVV7U3lKGdO4YNTnmwYmE
WAKbugydRrRYXNtEwtNJrqBg0xcUVC8hPzQijaFsMrJDpvGhs4l/+E6hwLbu4Ajz
5mpw5WT8sdQS7YTm3E7cqsli+IAaWNwdia+x0UXxZmtZ4q177jL6ZxJ8n2pf1BZ5
O/pfszUZqDbxBmHVM3NR1vyEEyHb0d9Yg68YgY0i9zWmz9ZjQIvpPygXrzXTFttu
wDG3UqAGZaSEdPPLleemsDxjGB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQgD10
pqQi15gOkKI4gYOyXWXmuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAUM9OxweqLXfgrW0FL/IIIt09UP/mVotiDrrln+7Ba
IisXnOegcg3EjFgS73F87Kz/PEk/aE9MchVEg1EQwZrEyP6LhZaKqpiqIo7LZkNt
sOJfgUKinLuCONCH8/EEq472GT6VKySRIWTlYZQpv1nhzmtA5yBpNOYkwkfdeyrZ
OCinfkSuz2vN1qL6UlHLiz0Uu6KDb6Qeze/k3hDP5DQYt+wRw/+U+uaNqbibQLMo
czoEd3L+eG449w3VIyCSEy7b78icZ6O0WqT5UUvQw1nvHkkG/9DUjaylYbkPFN5g
AMTpPd8FLTAHo1Azw7UWwF3WQZ31esnam6JXUvfcG33t
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:11 2025 by rpki-client