Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: jCu8wggjgIeN24NtwjIq1ucWllHfqEi2hTEr1H31MeI=
Subject key identifier: AA:D3:C2:25:59:7D:BB:CC:84:5E:3B:63:D4:B9:BA:BE:DC:39:06:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56B099966DF3CE40F2551833B3DECB147E445B24
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b0:99:96:6d:f3:ce:40:f2:55:18:33:b3:de:cb:14:7e:44:5b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=1f0fab27e27fcdc083d1a8c7d54b1a7f11d60485a7d6c05532863bf9d6f00169, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:cc:9a:f1:1b:a7:6f:26:03:18:ba:94:9c:
f1:6f:bb:7b:93:2c:35:06:81:a9:88:e1:a7:c3:e4:
1d:07:7c:7d:64:53:3a:87:b3:99:b7:32:3b:fe:35:
55:77:73:8f:66:a5:96:09:64:1e:1c:9b:63:c7:d3:
17:2e:bc:21:33:22:21:80:1a:70:6d:69:d6:7f:20:
b9:9b:f1:bf:cf:a9:05:6e:76:af:c8:77:eb:0e:71:
72:a2:29:35:75:6e:56:a9:22:b6:18:99:30:7e:47:
e6:de:7e:c4:57:5a:dc:10:0f:0a:7c:e8:88:1a:36:
65:0e:32:fa:45:97:90:3c:c2:8c:8a:85:37:74:f4:
30:25:0f:b9:05:b2:65:e8:31:8a:2e:fc:ba:16:cc:
cd:43:82:9b:49:5b:d6:39:4e:4c:01:aa:62:45:95:
25:63:16:6d:53:fd:80:e4:d7:0e:5e:0d:6f:cf:88:
7c:a6:bf:76:43:92:51:c9:50:56:0a:47:d9:c1:0a:
37:c6:c8:ea:38:18:3b:09:4e:70:4d:ad:10:a4:98:
20:9f:32:11:5d:00:8a:c5:78:07:64:dc:21:13:90:
8d:8f:bc:4e:d3:7c:15:53:41:7f:43:d9:c0:d0:7c:
f1:e7:56:bb:95:6b:da:cd:de:69:b1:42:6b:65:b8:
22:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D3:C2:25:59:7D:BB:CC:84:5E:3B:63:D4:B9:BA:BE:DC:39:06:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
05:c9:71:b1:2f:f9:5e:0e:a9:59:1d:41:9d:fe:88:09:02:6c:
77:e9:23:ef:55:fd:f8:97:03:ff:50:a4:db:0c:32:d9:00:b4:
c7:68:56:f9:e6:f8:20:d3:ec:0b:9e:7b:1d:14:0b:15:38:ee:
b9:49:1d:a0:17:99:d9:17:17:3f:30:45:20:4d:60:89:e9:f0:
22:3b:2f:1e:7c:fb:de:72:6b:3c:40:80:66:ec:28:c2:f9:ff:
50:1a:e9:b7:76:94:a5:cc:7c:e4:89:2f:94:6b:4c:ca:73:b0:
e4:ae:de:34:40:cc:2f:bf:b5:4c:c2:7c:6e:db:29:1e:c6:e6:
fc:5b:11:15:ca:01:1c:ca:f7:a7:26:ba:29:74:2d:f8:03:0e:
d5:01:09:f3:ad:db:5f:bd:d8:c2:d5:81:a5:0d:ed:bc:f0:32:
95:6b:db:87:88:f4:89:ca:69:62:47:93:32:4c:95:0d:51:be:
6a:17:ad:e8:1d:d9:10:3a:d6:84:b2:33:02:c7:ff:d1:33:5a:
1c:ef:be:d0:c5:6f:b4:b7:d4:ee:9d:82:dc:b9:10:19:ce:0d:
a5:00:b8:89:10:5c:7e:66:bf:3d:fa:64:30:c1:4d:ba:ca:af:
c1:87:d9:69:98:df:f4:d8:34:d0:85:ca:1b:66:27:21:ab:f3:
9b:30:22:0e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVrCZlm3zzkDyVRgzs97LFH5EWyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMGZhYjI3ZTI3ZmNkYzA4M2QxYThjN2Q1NGIxYTdmMTFkNjA0ODVhN2Q2
YzA1NTMyODYzYmY5ZDZmMDAxNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxtzJrxG6dvJgMYupSc8W+7e5MsNQaBqYjhp8PkHQd8fWRTOoezmbcyO/41
VXdzj2allglkHhybY8fTFy68ITMiIYAacG1p1n8guZvxv8+pBW52r8h36w5xcqIp
NXVuVqkithiZMH5H5t5+xFda3BAPCnzoiBo2ZQ4y+kWXkDzCjIqFN3T0MCUPuQWy
Zegxii78uhbMzUOCm0lb1jlOTAGqYkWVJWMWbVP9gOTXDl4Nb8+IfKa/dkOSUclQ
VgpH2cEKN8bI6jgYOwlOcE2tEKSYIJ8yEV0AisV4B2TcIROQjY+8TtN8FVNBf0PZ
wNB88edWu5Vr2s3eabFCa2W4ItUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSq08Il
WX27zIReO2PUubq+3DkGlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEABclxsS/5Xg6pWR1Bnf6ICQJsd+kj71X9+JcD/1Ck
2wwy2QC0x2hW+eb4INPsC557HRQLFTjuuUkdoBeZ2RcXPzBFIE1gienwIjsvHnz7
3nJrPECAZuwowvn/UBrpt3aUpcx85IkvlGtMynOw5K7eNEDML7+1TMJ8btspHsbm
/FsRFcoBHMr3pya6KXQt+AMO1QEJ863bX73YwtWBpQ3tvPAylWvbh4j0icppYkeT
MkyVDVG+ahet6B3ZEDrWhLIzAsf/0TNaHO++0MVvtLfU7p2C3LkQGc4NpQC4iRBc
fma/PfpkMMFNusqvwYfZaZjf9Ng00IXKG2YnIavzmzAiDg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:08:53 2025 by rpki-client