Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: PrB/L3KHG3pBmI1eqLzSkLkzRlMS/JUkXQURHufnXpc=
Subject key identifier: E9:F2:AC:9C:73:F6:09:92:07:77:0B:A0:55:75:00:E7:DF:F7:E5:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C76DE749BB5944C025BC0A51E1CB1C43127E7F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:76:de:74:9b:b5:94:4c:02:5b:c0:a5:1e:1c:b1:c4:31:27:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2e249cbb020d521c8d8c2e247cf06e81d93c1c05b3b0ed03cafd207fb1ff5e20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1c:11:f8:b0:fa:a6:25:6b:6e:2b:bd:7e:34:
b1:cf:c5:78:9e:19:05:35:26:92:c2:58:cd:9f:85:
ad:69:e2:01:7b:bb:58:a3:f2:54:38:f8:05:e1:4e:
0c:6f:99:e6:2d:43:ce:de:14:48:e4:2d:a7:bb:6c:
77:b0:07:3c:0b:98:c7:c5:68:e5:05:c8:5c:7b:a6:
a6:43:f2:9a:a8:dd:69:b1:83:32:53:62:fb:37:d1:
23:1a:23:41:7e:ae:9f:72:45:6c:9d:e9:03:62:19:
2d:ab:60:ab:74:ef:2f:a3:cd:a6:b9:67:6e:2d:20:
62:a7:90:99:4b:52:7a:cf:ba:13:d5:4d:f4:fc:96:
db:d5:6b:e3:45:5d:2d:dd:64:60:57:6f:f2:c5:dd:
e4:cd:5b:a2:b7:5a:74:45:f5:5d:f2:e2:3a:b1:db:
16:10:64:92:e4:c1:3e:b6:82:45:58:0f:90:a2:3b:
62:da:95:97:b4:b8:a3:8f:b0:c9:40:7f:f7:db:f5:
af:e2:f7:d3:db:f1:e4:cc:aa:85:0f:b6:9b:6e:59:
18:54:12:c3:b0:7b:f2:49:83:15:26:77:0d:d7:c2:
de:3b:c8:59:8b:0e:c9:b6:ea:2c:db:f2:55:74:6a:
82:c4:5b:20:7a:3d:8f:07:56:42:86:59:17:29:51:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F2:AC:9C:73:F6:09:92:07:77:0B:A0:55:75:00:E7:DF:F7:E5:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:6a:b1:93:ad:32:12:68:60:0d:11:a0:c0:3e:d4:11:54:a9:
c3:53:3d:53:76:35:03:ff:6c:de:02:97:26:7e:2b:2f:96:c5:
ff:8e:a5:e6:26:63:f6:3e:46:c1:25:57:f8:ac:bb:a3:fd:18:
f4:d4:db:b5:7a:9d:74:4d:9a:4b:29:d4:b7:e9:ec:0a:6f:53:
2b:73:76:8d:83:60:3f:95:10:b9:1c:44:cc:c4:fa:04:29:e8:
90:84:d6:39:29:ce:fe:0d:6a:dc:5f:a8:3d:b3:75:d3:4b:c9:
c4:3e:a1:51:cf:ad:d5:52:75:d5:1d:b2:8e:22:44:9c:59:35:
1e:71:f4:79:e7:4b:6e:bf:03:a6:15:c8:96:5c:fc:9e:ea:d7:
e1:4b:15:e6:e6:83:df:e5:20:8b:41:a4:4c:95:2a:75:00:77:
a7:eb:23:f2:c4:0f:bb:e0:d7:87:66:a7:f9:a7:63:ad:ea:f9:
c3:32:0f:a0:e4:9a:bd:df:63:c3:50:a5:5a:d5:7d:d9:db:4d:
0e:c9:c6:8f:d7:fd:19:77:2a:fe:bb:28:0c:12:06:1d:13:69:
f9:56:cf:90:8d:53:ff:18:a2:c0:17:42:1a:b5:f7:cc:f1:79:
16:63:c8:c8:8c:00:97:7b:53:50:08:fe:4f:7a:4a:6e:e5:56:
c2:fc:9d:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHHbedJu1lEwCW8ClHhyxxDEn5/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMjQ5Y2JiMDIwZDUyMWM4ZDhjMmUyNDdjZjA2ZTgxZDkzYzFjMDViM2Iw
ZWQwM2NhZmQyMDdmYjFmZjVlMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEcEfiw+qYla24rvX40sc/FeJ4ZBTUmksJYzZ+FrWniAXu7WKPyVDj4BeFO
DG+Z5i1Dzt4USOQtp7tsd7AHPAuYx8Vo5QXIXHumpkPymqjdabGDMlNi+zfRIxoj
QX6un3JFbJ3pA2IZLatgq3TvL6PNprlnbi0gYqeQmUtSes+6E9VN9PyW29Vr40Vd
Ld1kYFdv8sXd5M1bordadEX1XfLiOrHbFhBkkuTBPraCRVgPkKI7YtqVl7S4o4+w
yUB/99v1r+L309vx5MyqhQ+2m25ZGFQSw7B78kmDFSZ3DdfC3jvIWYsOybbqLNvy
VXRqgsRbIHo9jwdWQoZZFylRvFUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTp8qyc
c/YJkgd3C6BVdQDn3/flTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQDGarGTrTISaGANEaDAPtQRVKnDUz1TdjUD/2zeApcm
fisvlsX/jqXmJmP2PkbBJVf4rLuj/Rj01Nu1ep10TZpLKdS36ewKb1Mrc3aNg2A/
lRC5HETMxPoEKeiQhNY5Kc7+DWrcX6g9s3XTS8nEPqFRz63VUnXVHbKOIkScWTUe
cfR550tuvwOmFciWXPye6tfhSxXm5oPf5SCLQaRMlSp1AHen6yPyxA+74NeHZqf5
p2Ot6vnDMg+g5Jq932PDUKVa1X3Z200OycaP1/0Zdyr+uygMEgYdE2n5Vs+QjVP/
GKLAF0IatffM8XkWY8jIjACXe1NQCP5Pekpu5VbC/J2S
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:24:25 2025 by rpki-client