Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: 3xsR88f70WWgZLytsO9uUwOt48Daz6a7tJnbjrTB/Xw=
Subject key identifier: 7D:DB:71:0E:C3:DE:71:E8:8B:CF:A9:B8:74:FB:F1:29:9C:9B:73:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35F3FE264421DF7AE0D0699B3E07755F5F610C16
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Mon 27 Jan 2025 00:00:00 +0000
ROA not before: Mon 27 Jan 2025 00:00:00 +0000
ROA not after: Mon 03 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:f3:fe:26:44:21:df:7a:e0:d0:69:9b:3e:07:75:5f:5f:61:0c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 27 00:00:00 2025 GMT
Not After : Mar 3 23:59:59 2025 GMT
Subject: serialNumber=8ab329362a267f3955057cee649c29a85a4347341bd86293bcdd33dc259a4102, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:dd:78:11:23:ab:5e:48:ca:d5:3d:0e:3d:
6d:28:ce:8e:b5:47:21:2d:e4:11:d1:57:0f:4d:14:
b4:9d:4b:c7:3e:a5:7c:a3:49:b6:8f:14:02:f8:96:
f7:40:42:c4:f0:a0:f9:6d:9c:75:db:f3:fa:7f:37:
dd:f0:79:e6:0f:67:92:5e:9a:f2:72:6d:9c:5c:b9:
4f:70:c4:87:0a:99:dd:f0:6c:fb:68:75:97:5b:4d:
08:bb:ef:00:df:50:64:53:89:cf:a5:bb:ed:48:c7:
ea:c9:f7:20:62:5b:6a:7c:73:2f:06:84:81:9b:15:
9a:a7:75:3e:50:68:e4:8b:12:d8:8f:58:04:2b:19:
20:14:c2:f4:10:22:16:5c:73:22:f3:62:30:ea:29:
72:0c:15:57:e9:dc:28:01:4e:04:80:00:3a:ee:d0:
ea:02:5a:c4:be:cc:2f:7c:ae:c3:b7:d1:af:13:55:
72:5c:f1:5a:7f:c5:51:49:6e:69:6b:64:20:a3:ef:
80:2f:23:8a:e2:4e:6e:00:be:8b:26:9a:59:f2:0a:
6c:25:49:bf:06:f6:90:f9:aa:f0:e6:9b:e2:80:5f:
29:ab:79:42:20:f9:c6:9e:fa:68:d6:f5:5d:70:6b:
bb:46:9d:9f:d3:ca:fa:5c:a7:fa:b7:f3:8a:80:4b:
51:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DB:71:0E:C3:DE:71:E8:8B:CF:A9:B8:74:FB:F1:29:9C:9B:73:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a1:04:ea:96:ef:07:5d:b4:ae:f8:55:3c:8f:18:64:d6:a3:76:
79:0a:c0:f0:93:33:bd:6f:39:a2:68:f8:01:43:af:a1:a1:47:
66:ab:b3:2c:0c:82:07:5c:67:9f:bf:fa:36:d9:f1:3a:7b:83:
ee:46:db:8d:8d:84:94:30:5a:1b:1a:61:93:70:ec:2c:32:5c:
53:8c:b2:2d:41:a3:13:b8:b7:c8:c5:06:0c:c4:73:65:b7:2c:
6b:8c:aa:5e:1a:8d:09:1a:5b:54:2c:a1:84:c6:15:7f:b5:2c:
8f:e2:01:6d:10:ba:c9:03:56:05:50:06:28:02:0f:e6:69:01:
3d:f4:08:68:d7:5a:ff:13:b3:81:da:df:1d:65:c9:68:3f:bd:
a4:4c:28:de:d0:0f:6a:82:0f:33:b3:0d:67:23:27:09:c4:40:
f8:be:3e:b0:50:3d:f5:cd:5e:50:c7:09:74:b1:c9:ac:ea:72:
f3:90:5a:b2:18:b9:2c:32:16:80:e0:a2:99:aa:d2:d1:2a:21:
b4:11:4f:c9:f8:87:c3:cc:cb:85:b4:f8:52:84:a7:11:1d:99:
00:60:39:41:56:9b:30:19:68:f5:fa:85:6c:c0:51:af:c7:7e:
a2:48:4d:b1:e2:c6:ea:d9:97:ee:53:e0:86:c4:d1:10:73:3e:
51:38:c6:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNfP+JkQh33rg0GmbPgd1X19hDBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjcwMDAwMDBaFw0yNTAzMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYjMyOTM2MmEyNjdmMzk1NTA1N2NlZTY0OWMyOWE4NWE0MzQ3MzQxYmQ4
NjI5M2JjZGQzM2RjMjU5YTQxMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUT3XgRI6teSMrVPQ49bSjOjrVHIS3kEdFXD00UtJ1Lxz6lfKNJto8UAviW
90BCxPCg+W2cddvz+n833fB55g9nkl6a8nJtnFy5T3DEhwqZ3fBs+2h1l1tNCLvv
AN9QZFOJz6W77UjH6sn3IGJbanxzLwaEgZsVmqd1PlBo5IsS2I9YBCsZIBTC9BAi
FlxzIvNiMOopcgwVV+ncKAFOBIAAOu7Q6gJaxL7ML3yuw7fRrxNVclzxWn/FUUlu
aWtkIKPvgC8jiuJObgC+iyaaWfIKbCVJvwb2kPmq8Oab4oBfKat5QiD5xp76aNb1
XXBru0adn9PK+lyn+rfzioBLUUsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR923EO
w95x6IvPqbh0+/EpnJtzxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAoQTqlu8HXbSu+FU8jxhk1qN2eQrA8JMzvW85omj4
AUOvoaFHZquzLAyCB1xnn7/6NtnxOnuD7kbbjY2ElDBaGxphk3DsLDJcU4yyLUGj
E7i3yMUGDMRzZbcsa4yqXhqNCRpbVCyhhMYVf7Usj+IBbRC6yQNWBVAGKAIP5mkB
PfQIaNda/xOzgdrfHWXJaD+9pEwo3tAPaoIPM7MNZyMnCcRA+L4+sFA99c1eUMcJ
dLHJrOpy85Bashi5LDIWgOCimarS0SohtBFPyfiHw8zLhbT4UoSnER2ZAGA5QVab
MBlo9fqFbMBRr8d+okhNseLG6tmX7lPghsTREHM+UTjGKQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:09:38 2025 by rpki-client