Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: Y8xSfGt65fcFqBdueequOqtfhqLAhz56kDXQ6M7NIXg=
Subject key identifier: 1E:0B:CD:37:3C:F4:F6:94:65:45:F0:EF:B1:53:9F:4B:0B:7D:C2:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EABB453C088A7D46CD8482589A375CD06449E4E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ab:b4:53:c0:88:a7:d4:6c:d8:48:25:89:a3:75:cd:06:44:9e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=7c0fb7532a16e3410faa4464f9744fe2ff61f99ec95e28d23729f0f55b25f941, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:d8:5a:16:37:8b:d5:06:a1:e0:7f:3c:37:
0d:6c:1f:5c:54:69:91:df:4a:72:1c:8b:54:da:0a:
2d:74:fb:f5:4e:2a:49:5d:af:bf:ca:57:be:c4:57:
17:e7:2a:ce:69:aa:05:d7:5a:93:22:9f:62:ad:da:
b2:e9:b5:67:4a:3a:02:69:91:f0:2b:72:a4:31:dc:
4f:f4:83:19:97:01:ad:e8:fa:6b:71:19:61:72:bb:
fa:21:7c:b0:56:62:13:93:16:d0:df:0c:2c:97:c2:
12:d9:17:d9:c5:93:fa:0f:9e:ac:a7:e9:28:83:04:
ce:a6:f6:d2:97:c9:10:5d:b1:7a:14:c4:a6:e5:ce:
66:6c:b5:17:77:55:7e:38:6c:25:4c:83:08:c6:46:
07:57:34:2e:de:87:5e:47:97:d5:36:43:fd:e5:23:
88:00:ef:9a:e5:9c:58:92:7f:16:22:54:3a:36:f2:
ad:50:00:31:2d:70:54:18:77:94:c0:09:35:a5:18:
c2:dc:24:b8:57:6b:72:94:62:7e:c3:2c:29:9a:5b:
cf:19:fb:da:10:7d:70:2b:ac:79:e3:55:db:5e:c9:
90:9e:34:50:65:98:3b:79:75:89:d1:01:af:b7:78:
c6:2f:05:92:e2:9b:a3:aa:be:ec:fa:89:b7:6c:04:
e6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0B:CD:37:3C:F4:F6:94:65:45:F0:EF:B1:53:9F:4B:0B:7D:C2:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:e6:9a:98:29:26:22:f8:a7:2b:9f:5c:a2:e1:17:22:c7:9f:
5a:22:12:2c:5b:40:55:cd:aa:83:9e:4b:0c:86:4e:6a:e0:28:
98:99:bc:35:13:83:f0:f4:1d:df:d0:22:a8:39:fb:c5:01:3f:
11:3c:16:3a:37:da:16:39:cc:77:88:e8:f9:6a:c6:42:20:48:
9e:c0:e4:4c:99:be:34:80:1f:e3:ac:d0:d0:83:a6:c7:91:75:
31:ec:1c:3b:13:96:4c:a0:80:23:5b:9a:f3:77:03:58:99:8b:
29:64:1e:7b:61:4e:4a:73:8b:de:a4:80:8f:e0:ce:a7:21:d6:
a9:9f:2d:cc:50:68:e7:ff:67:f4:9e:c2:0a:34:1d:d0:72:49:
25:6f:0a:15:09:2c:f6:8c:ea:a9:92:5e:02:76:4b:ae:85:60:
d2:1f:7c:4a:47:08:d7:15:95:12:fb:5b:b3:f8:39:7d:fb:62:
0f:66:01:e7:07:1e:22:99:f2:b4:cf:24:ec:fe:51:05:fd:3d:
7a:8f:76:ce:bb:57:be:e4:b2:7f:7a:1b:4d:e5:da:6b:2b:3d:
65:fa:97:33:c9:ff:9f:25:dc:4d:65:65:70:73:c4:f9:d6:2b:
05:60:6a:99:78:d4:8f:75:5b:e1:41:4e:b9:87:85:0b:c0:fe:
b6:f7:26:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXqu0U8CIp9Rs2EgliaN1zQZEnk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMGZiNzUzMmExNmUzNDEwZmFhNDQ2NGY5NzQ0ZmUyZmY2MWY5OWVjOTVl
MjhkMjM3MjlmMGY1NWIyNWY5NDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwG2FoWN4vVBqHgfzw3DWwfXFRpkd9KchyLVNoKLXT79U4qSV2vv8pXvsRX
F+cqzmmqBddakyKfYq3asum1Z0o6AmmR8CtypDHcT/SDGZcBrej6a3EZYXK7+iF8
sFZiE5MW0N8MLJfCEtkX2cWT+g+erKfpKIMEzqb20pfJEF2xehTEpuXOZmy1F3dV
fjhsJUyDCMZGB1c0Lt6HXkeX1TZD/eUjiADvmuWcWJJ/FiJUOjbyrVAAMS1wVBh3
lMAJNaUYwtwkuFdrcpRifsMsKZpbzxn72hB9cCuseeNV217JkJ40UGWYO3l1idEB
r7d4xi8FkuKbo6q+7PqJt2wE5rcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeC803
PPT2lGVF8O+xU59LC33CqDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBf5pqYKSYi+Kcrn1yi4Rcix59aIhIsW0BVzaqDnksM
hk5q4CiYmbw1E4Pw9B3f0CKoOfvFAT8RPBY6N9oWOcx3iOj5asZCIEiewORMmb40
gB/jrNDQg6bHkXUx7Bw7E5ZMoIAjW5rzdwNYmYspZB57YU5Kc4vepICP4M6nIdap
ny3MUGjn/2f0nsIKNB3QckklbwoVCSz2jOqpkl4CdkuuhWDSH3xKRwjXFZUS+1uz
+Dl9+2IPZgHnBx4imfK0zyTs/lEF/T16j3bOu1e+5LJ/ehtN5dprKz1l+pczyf+f
JdxNZWVwc8T51isFYGqZeNSPdVvhQU65h4ULwP629ybh
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:11:57 2025 by rpki-client