Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: CvWpaUtwnKhKvKWH61uhtpl0CCZq4D5xL9AcqlfIe4o=
Subject key identifier: F1:F4:32:29:7D:C9:99:E5:8B:05:99:70:53:A4:44:B8:F7:48:DE:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C15372201046E73C69DD2631E2BBC378C9C47
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:15:37:22:01:04:6e:73:c6:9d:d2:63:1e:2b:bc:37:8c:9c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b82dc79ce4c9e17511f3d8ec05835aad20dd3ef0177aff698db304925ba383f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:20:b7:6f:57:d8:2e:cd:b3:ca:5e:4b:6d:4a:
a8:6e:18:6b:36:e6:e6:d5:0c:9c:5b:50:65:51:4a:
bd:af:40:67:ab:45:8c:40:cc:92:cd:43:b3:4e:36:
8a:85:2f:3b:de:c7:73:f9:d4:82:7d:87:1c:39:4e:
b2:fc:81:38:cc:dc:a6:c4:3a:f4:e0:5d:23:c6:22:
0a:0c:5e:d8:01:4c:74:ac:f8:bd:38:b8:f7:57:72:
70:99:f3:d0:8a:97:1e:1e:20:39:d9:7c:34:59:c3:
c7:20:65:54:ad:a2:9f:30:c6:eb:b0:68:95:dd:36:
d5:86:6a:1b:43:95:c2:2e:34:80:90:93:cb:c0:6b:
d5:33:1d:4a:4e:fa:24:8c:4c:d0:57:b5:2a:59:61:
bc:ce:e5:86:99:dc:79:54:75:0c:b1:9b:d9:32:aa:
c3:95:41:bf:9d:0d:3a:72:c3:8e:e0:54:d4:fb:fc:
13:3d:df:14:81:33:f3:0f:5a:05:0e:7d:9d:e3:ec:
3c:4d:4f:08:f4:4a:13:c1:b6:17:e7:83:96:4c:b2:
a8:56:2a:8d:d8:d1:e5:83:35:11:b3:da:2d:8f:07:
0c:33:59:c2:85:ff:61:b5:5f:0c:ad:53:5a:4d:a9:
64:d1:ad:16:a4:34:79:39:44:a5:17:86:a0:34:fc:
c2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F4:32:29:7D:C9:99:E5:8B:05:99:70:53:A4:44:B8:F7:48:DE:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a5:3b:5f:e7:ff:37:05:ad:40:39:36:e5:db:e5:9c:01:2d:f2:
84:f6:18:a7:b1:06:4b:5c:01:ba:56:0d:20:7f:ff:3b:81:a6:
2f:e7:0f:f4:0f:0a:73:a0:dc:58:e9:ab:02:7a:d8:1d:97:3d:
42:26:5f:0a:20:61:ae:98:f8:fa:4f:54:f6:2c:3f:d9:f7:d2:
4a:ed:aa:9f:a2:18:1a:95:6a:ff:b4:68:a6:38:e5:c4:bf:97:
3c:89:d9:58:1b:8a:89:36:bd:05:bd:d1:0e:8b:79:5f:47:58:
f2:2f:5b:bf:d9:8d:bc:c2:69:54:83:c0:6a:fc:b3:c7:6e:87:
b4:08:96:b1:ae:64:26:f0:23:ec:c7:58:5b:88:90:1a:fc:1b:
19:ca:12:41:23:67:0a:9b:54:f5:d9:a6:23:2b:5a:8b:3b:e5:
6a:a3:34:f9:c4:47:52:12:06:d0:76:2e:8b:ef:de:50:90:27:
3a:f3:b1:3d:4f:91:89:14:ea:e0:4e:9a:2e:1c:24:d1:0e:41:
8d:0c:91:60:bc:6f:3a:b3:38:b3:30:87:fb:5c:cc:0f:ae:e1:
8b:f5:7c:ca:b0:d1:83:01:29:d9:af:ee:6b:b3:02:ef:c6:fc:
3e:d1:d6:78:3a:5d:24:4a:ff:c0:0c:10:b8:3a:72:25:f9:68:
6c:cb:09:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgITLBU3IgEEbnPGndJjHiu8N4ycRzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI1MDExNDAwMDAwMFoXDTI1MDIxODIzNTk1OVowejFJMEcGA1UE
BRNAYjgyZGM3OWNlNGM5ZTE3NTExZjNkOGVjMDU4MzVhYWQyMGRkM2VmMDE3N2Fm
ZjY5OGRiMzA0OTI1YmEzODNmNjEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7SC3b1fYLs2zyl5LbUqobhhrNubm1QycW1BlUUq9r0Bnq0WMQMySzUOzTjaK
hS873sdz+dSCfYccOU6y/IE4zNymxDr04F0jxiIKDF7YAUx0rPi9OLj3V3JwmfPQ
ipceHiA52Xw0WcPHIGVUraKfMMbrsGiV3TbVhmobQ5XCLjSAkJPLwGvVMx1KTvok
jEzQV7UqWWG8zuWGmdx5VHUMsZvZMqrDlUG/nQ06csOO4FTU+/wTPd8UgTPzD1oF
Dn2d4+w8TU8I9EoTwbYX54OWTLKoViqN2NHlgzURs9otjwcMM1nChf9htV8MrVNa
Talk0a0WpDR5OUSlF4agNPzCXwIDAQABo4ICITCCAh0wHQYDVR0OBBYEFPH0Mil9
yZnliwWZcFOkRLj3SN71MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy80
NGM0NDk2Yy02M2UxLTQ5ZmMtODI4Yi1kNzdmOTRlMGE3ODkucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH1UiAMA0G
CSqGSIb3DQEBCwUAA4IBAQClO1/n/zcFrUA5NuXb5ZwBLfKE9hinsQZLXAG6Vg0g
f/87gaYv5w/0DwpzoNxY6asCetgdlz1CJl8KIGGumPj6T1T2LD/Z99JK7aqfohga
lWr/tGimOOXEv5c8idlYG4qJNr0FvdEOi3lfR1jyL1u/2Y28wmlUg8Bq/LPHboe0
CJaxrmQm8CPsx1hbiJAa/BsZyhJBI2cKm1T12aYjK1qLO+VqozT5xEdSEgbQdi6L
795QkCc687E9T5GJFOrgTpouHCTRDkGNDJFgvG86szizMIf7XMwPruGL9XzKsNGD
ASnZr+5rswLvxvw+0dZ4Ol0kSv/ADBC4OnIl+Whsywk/
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:29 2025 by rpki-client