Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: 63+wr7SPpYDc2R3E+b5vU6Sa2o6Ns0mxwSQMlCu8MHk=
Subject key identifier: 9F:F1:3E:74:35:08:B9:6A:2F:A7:0B:26:04:BA:7C:27:EE:58:C5:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 384F97C5E72AF0F4047F00DB4EE38A9F1F7F9C21
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4f:97:c5:e7:2a:f0:f4:04:7f:00:db:4e:e3:8a:9f:1f:7f:9c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=fc8db64ff5aa170289bc6b465b227c7c36377ac421ced967592b5ebc2b9854ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ac:73:6e:3d:58:40:15:db:c3:37:96:21:29:
39:29:f8:d4:0b:e8:1f:a1:7e:99:76:ea:69:ae:6c:
73:3a:77:e3:82:1d:a0:45:6e:74:cd:eb:7f:0a:ee:
54:d0:05:87:66:16:e1:19:27:3f:f0:55:e5:3b:09:
73:02:82:8c:5a:1e:b6:46:0f:4b:cf:61:ec:40:77:
8b:8e:7f:8f:b2:a0:e0:1b:cd:c1:42:70:32:2e:01:
42:e0:2d:d3:6b:44:40:aa:b4:12:7c:2a:3b:18:d5:
92:ba:84:7d:5f:c2:44:70:35:e1:01:90:a5:ce:45:
b2:70:50:7e:38:e2:9b:32:45:91:32:f0:c5:ad:06:
3f:ad:29:6e:13:63:eb:8f:f5:06:3b:3d:fa:45:07:
a2:cd:28:a5:29:a5:e3:3c:45:e7:d0:7d:b9:62:71:
86:32:e8:19:0d:8c:6e:bf:99:8b:6b:29:da:db:28:
db:50:a0:8c:cb:cb:f9:92:76:c0:d4:19:88:78:f9:
db:78:cf:90:2c:11:d0:db:79:55:6d:d9:2d:14:77:
fb:4a:0a:88:e4:88:fe:7d:41:62:12:f6:95:15:f0:
a0:9c:96:1b:5a:ba:49:0c:ba:9f:30:dc:6c:45:c1:
bd:4d:77:3d:5e:46:43:5c:65:86:c7:c7:01:92:10:
e2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F1:3E:74:35:08:B9:6A:2F:A7:0B:26:04:BA:7C:27:EE:58:C5:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
4a:40:89:ba:1f:78:ac:0a:20:2c:30:00:22:85:e0:a0:92:b0:
27:50:5e:26:7f:d4:1c:1d:35:8a:99:88:6c:ac:a8:b9:d7:5a:
50:31:fb:49:0d:a4:97:f7:91:ed:14:93:e5:0f:f9:6b:bb:70:
a1:ab:2e:7e:49:1f:49:54:36:10:bf:b4:9d:1c:56:71:39:51:
fe:88:ce:a6:8f:3e:62:e2:ad:6c:08:6e:1a:80:9c:30:81:43:
6d:1d:e1:7f:da:91:ca:cb:c6:ac:3a:4d:a3:35:b3:b6:83:13:
e4:27:1e:66:88:53:b3:1d:1a:69:47:1f:1b:eb:c2:23:1a:e5:
e9:88:da:2b:fa:e3:76:ca:32:1f:b3:e6:80:8b:8c:d9:b5:27:
b8:c5:d9:21:8a:f1:f4:d3:7f:2f:f9:c3:e7:78:71:f7:3f:ee:
35:35:74:72:c3:1e:16:13:ea:1f:b6:a9:47:3e:92:f3:f5:a6:
e2:cc:93:c8:2c:01:d1:ec:6d:14:c6:1b:1a:76:29:1d:a2:41:
1c:4c:26:c5:4d:35:44:07:58:70:27:c9:49:7b:90:fd:26:3e:
5d:cb:ec:ff:49:ea:68:7c:c0:de:85:d8:b6:50:e6:b0:8d:ca:
9e:72:4a:02:1a:96:ae:b8:ca:a0:bf:fc:5f:d8:14:a6:4e:b4:
ba:9f:0f:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOE+Xxecq8PQEfwDbTuOKnx9/nCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOGRiNjRmZjVhYTE3MDI4OWJjNmI0NjViMjI3YzdjMzYzNzdhYzQyMWNl
ZDk2NzU5MmI1ZWJjMmI5ODU0ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCsc249WEAV28M3liEpOSn41AvoH6F+mXbqaa5sczp344IdoEVudM3rfwru
VNAFh2YW4RknP/BV5TsJcwKCjFoetkYPS89h7EB3i45/j7Kg4BvNwUJwMi4BQuAt
02tEQKq0EnwqOxjVkrqEfV/CRHA14QGQpc5FsnBQfjjimzJFkTLwxa0GP60pbhNj
64/1Bjs9+kUHos0opSml4zxF59B9uWJxhjLoGQ2Mbr+Zi2sp2tso21CgjMvL+ZJ2
wNQZiHj523jPkCwR0Nt5VW3ZLRR3+0oKiOSI/n1BYhL2lRXwoJyWG1q6SQy6nzDc
bEXBvU13PV5GQ1xlhsfHAZIQ4jkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSf8T50
NQi5ai+nCyYEunwn7ljF6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBKQIm6H3isCiAsMAAiheCgkrAnUF4mf9QcHTWKmYhs
rKi511pQMftJDaSX95HtFJPlD/lru3Chqy5+SR9JVDYQv7SdHFZxOVH+iM6mjz5i
4q1sCG4agJwwgUNtHeF/2pHKy8asOk2jNbO2gxPkJx5miFOzHRppRx8b68IjGuXp
iNor+uN2yjIfs+aAi4zZtSe4xdkhivH0038v+cPneHH3P+41NXRywx4WE+oftqlH
PpLz9abizJPILAHR7G0UxhsadikdokEcTCbFTTVEB1hwJ8lJe5D9Jj5dy+z/Sepo
fMDehdi2UOawjcqeckoCGpauuMqgv/xf2BSmTrS6nw9x
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:06 2025 by rpki-client