Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: 7uLggDA7ahzwsIiyOFXrhp75Oq6aYZXZFahalrgIjbA=
Subject key identifier: A5:A7:79:7E:C8:C1:88:22:76:DC:30:C8:E4:2C:8D:A1:0A:60:54:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07F4B63E42B9971BD8A0A5E360C294E8E6784C31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f4:b6:3e:42:b9:97:1b:d8:a0:a5:e3:60:c2:94:e8:e6:78:4c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c276888d064eae5ed4095b83489458e2707a27072442057bd2c22dc66cadbe99, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:48:2f:e4:e0:2f:37:db:17:28:56:5d:5b:
ac:7a:10:a3:63:c4:30:40:2e:d2:e5:a3:c9:be:20:
96:34:c5:5d:85:5d:02:21:5e:27:8f:e1:5e:5f:71:
3d:ec:88:62:5d:48:32:57:a1:ce:a9:95:d4:78:fc:
57:b7:d0:a5:3a:c1:02:fe:54:89:a4:4d:d5:cd:b7:
4e:a3:0f:c0:24:9a:18:cf:02:98:71:a6:57:3c:f6:
15:61:30:f2:6d:50:bf:c9:4e:10:10:3e:e1:bc:8d:
6e:eb:79:fc:55:78:fa:69:7d:bb:37:d2:00:7b:53:
da:55:05:40:59:9d:67:db:70:0d:69:99:19:d4:49:
59:5c:f8:70:76:68:1c:c0:8e:48:88:52:60:9a:37:
2e:c6:d0:51:69:cd:ab:fd:52:10:d9:8f:bf:e1:d5:
b0:5d:b2:f7:43:8b:b2:be:a7:32:7b:0e:9d:b5:18:
f4:80:2d:94:ff:c5:7d:d8:e8:57:a1:6e:fd:3a:0e:
9b:56:92:06:13:8a:2a:78:05:fc:ff:d1:c1:42:ec:
c1:68:18:46:67:43:14:fe:09:0e:0a:f6:ba:60:6a:
4b:88:be:de:c5:91:17:52:14:66:ae:e2:ee:c0:48:
c5:27:7b:9b:86:02:ec:2e:b0:95:18:5a:c5:73:38:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A7:79:7E:C8:C1:88:22:76:DC:30:C8:E4:2C:8D:A1:0A:60:54:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:18:0b:b0:6a:c9:25:5a:27:67:d5:0a:89:b3:8a:2b:af:e4:
0b:d3:a9:da:94:f7:32:89:bc:2f:99:9e:16:97:bb:72:a1:4c:
8e:89:bc:ac:65:d5:d6:25:71:8b:9a:a5:a0:01:c9:f2:e5:fa:
64:25:04:40:0e:a1:b9:79:97:ba:6e:85:2e:e9:f0:11:c5:dd:
5f:17:83:3c:76:ab:c0:13:d6:01:76:26:de:6f:4f:66:ed:5f:
59:19:65:27:b4:1f:d0:58:51:2b:98:cf:f8:b0:da:e5:0d:72:
80:84:63:4d:5e:c3:09:27:ee:b6:d5:c8:14:fe:99:39:c1:4b:
55:c9:84:5d:6a:31:28:ef:33:a9:a4:74:5f:58:b7:ae:5a:60:
f8:ce:de:ce:df:79:a6:e1:5c:62:24:8e:4f:02:4f:f3:b5:ea:
f4:16:f0:10:d6:4b:e7:28:91:3f:ff:f4:03:aa:41:2e:77:95:
c6:20:c7:2d:3b:3f:04:99:14:31:b3:43:2a:c7:48:1d:8d:5f:
ad:6a:e2:18:e9:9b:ac:ff:35:a2:cc:99:c0:60:c0:3c:d0:85:
82:9b:65:9e:68:94:e3:9c:a1:bd:63:a6:8c:05:50:20:c5:29:
c4:5d:ba:bf:77:3c:26:6d:54:0d:09:13:dc:87:98:bc:a5:ce:
d3:15:69:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB/S2PkK5lxvYoKXjYMKU6OZ4TDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNzY4ODhkMDY0ZWFlNWVkNDA5NWI4MzQ4OTQ1OGUyNzA3YTI3MDcyNDQy
MDU3YmQyYzIyZGM2NmNhZGJlOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNuSC/k4C832xcoVl1brHoQo2PEMEAu0uWjyb4gljTFXYVdAiFeJ4/hXl9x
PeyIYl1IMlehzqmV1Hj8V7fQpTrBAv5UiaRN1c23TqMPwCSaGM8CmHGmVzz2FWEw
8m1Qv8lOEBA+4byNbut5/FV4+ml9uzfSAHtT2lUFQFmdZ9twDWmZGdRJWVz4cHZo
HMCOSIhSYJo3LsbQUWnNq/1SENmPv+HVsF2y90OLsr6nMnsOnbUY9IAtlP/Ffdjo
V6Fu/ToOm1aSBhOKKngF/P/RwULswWgYRmdDFP4JDgr2umBqS4i+3sWRF1IUZq7i
7sBIxSd7m4YC7C6wlRhaxXM4McMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSlp3l+
yMGIInbcMMjkLI2hCmBUUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQAlGAuwasklWidn1QqJs4orr+QL06nalPcyibwvmZ4W
l7tyoUyOibysZdXWJXGLmqWgAcny5fpkJQRADqG5eZe6boUu6fARxd1fF4M8dqvA
E9YBdibeb09m7V9ZGWUntB/QWFErmM/4sNrlDXKAhGNNXsMJJ+621cgU/pk5wUtV
yYRdajEo7zOppHRfWLeuWmD4zt7O33mm4VxiJI5PAk/zter0FvAQ1kvnKJE///QD
qkEud5XGIMctOz8EmRQxs0Mqx0gdjV+tauIY6Zus/zWizJnAYMA80IWCm2WeaJTj
nKG9Y6aMBVAgxSnEXbq/dzwmbVQNCRPch5i8pc7TFWnU
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:03 2025 by rpki-client