Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: nOHYg2pFbVayhFeXJD4kj39UpldI/QplFvPzd3x9j5U=
Subject key identifier: 6A:8F:8C:F7:AB:5F:AD:9B:2F:E4:FF:9E:75:63:34:59:40:6E:15:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FBC10AF9AE9AE413A236BE82E441D0668789278
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:bc:10:af:9a:e9:ae:41:3a:23:6b:e8:2e:44:1d:06:68:78:92:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=d373652b8b3c08be541841a46f106d94b1657b2755809539b424191427b97bfb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ff:14:e8:21:b3:0d:72:db:4b:59:90:07:d1:
3b:34:f3:0c:18:22:0d:37:b6:73:68:77:a8:ca:19:
f6:cd:33:9f:d9:5f:5a:45:04:7f:c6:c7:10:7d:b9:
ce:4c:b2:10:5b:9c:ae:77:88:82:d6:06:a2:ce:54:
51:7a:4a:98:e0:1c:42:32:cb:b5:7d:15:18:bc:6f:
f2:31:4e:4d:7d:5a:00:53:60:95:68:0e:32:06:42:
62:6a:23:af:51:a5:39:5e:cb:57:48:f3:94:68:30:
2f:03:61:49:26:f8:13:a4:85:65:82:92:e7:c2:10:
90:39:11:3c:17:7f:1c:7c:81:49:e4:ac:f0:38:a0:
ec:d8:1d:8c:69:12:31:44:c5:33:99:28:5f:f5:92:
9b:ec:08:5f:33:eb:a5:0b:05:c2:0c:11:d2:20:c1:
89:5f:2d:22:b7:b2:dd:54:20:61:c1:1d:fc:7e:e3:
05:6c:86:d7:74:32:a5:10:a6:b4:ab:2b:03:fd:30:
33:57:fc:b5:cd:b7:3b:e0:aa:46:7e:0a:3b:bb:ab:
45:9b:f0:1d:69:f8:b3:fa:86:7a:f5:77:8e:71:9a:
6d:48:ce:d6:08:6a:9e:6e:04:88:2f:6b:b9:2a:30:
30:a9:1b:ee:14:b1:2c:60:f8:c1:39:8b:ce:6f:7f:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8F:8C:F7:AB:5F:AD:9B:2F:E4:FF:9E:75:63:34:59:40:6E:15:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
98:f2:bf:25:73:56:9b:c4:16:7e:85:b3:f0:ab:2c:3f:ba:27:
90:2f:34:1e:66:f7:27:41:42:94:d9:a1:54:81:2f:11:36:dc:
c6:74:10:4f:d2:63:f8:dc:c7:01:3e:9d:1c:3a:32:0e:f1:8f:
10:74:1e:8c:b3:25:5d:36:ca:fc:bb:00:9e:9d:54:5e:6f:fa:
b4:48:3c:50:d6:fe:89:55:fa:59:e3:c3:44:7a:d5:4d:4d:f9:
64:53:f4:e9:e9:4a:12:04:73:4d:8d:d6:6a:97:e1:62:a1:96:
63:41:15:1d:7e:06:f3:c4:c5:ce:65:3e:c3:b7:da:50:ae:0e:
f5:2f:12:68:fe:9e:55:d7:89:5e:4f:c5:4b:9b:5e:39:34:18:
db:98:dd:a5:b0:26:92:f7:5a:5b:7f:e9:6a:ec:ae:44:a1:47:
db:dc:f1:89:ff:2c:90:52:e2:8f:ec:28:00:84:0e:93:54:f6:
42:5c:ce:aa:74:78:8c:1d:18:c2:1a:df:af:c7:df:23:a0:3b:
fd:a7:cf:3e:3f:fd:cb:32:f8:f0:2c:bb:d8:0a:00:b1:e1:50:
73:41:c9:1e:a2:ef:6c:cc:cb:cc:cd:f1:04:1c:a8:b7:71:46:
f6:80:3e:59:70:d7:cb:2b:7f:b7:60:6c:c1:bc:7d:b6:31:21:
eb:31:f0:4b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP7wQr5rprkE6I2voLkQdBmh4kngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNzM2NTJiOGIzYzA4YmU1NDE4NDFhNDZmMTA2ZDk0YjE2NTdiMjc1NTgw
OTUzOWI0MjQxOTE0MjdiOTdiZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANz/FOghsw1y20tZkAfROzTzDBgiDTe2c2h3qMoZ9s0zn9lfWkUEf8bHEH25
zkyyEFucrneIgtYGos5UUXpKmOAcQjLLtX0VGLxv8jFOTX1aAFNglWgOMgZCYmoj
r1GlOV7LV0jzlGgwLwNhSSb4E6SFZYKS58IQkDkRPBd/HHyBSeSs8Dig7NgdjGkS
MUTFM5koX/WSm+wIXzPrpQsFwgwR0iDBiV8tIrey3VQgYcEd/H7jBWyG13QypRCm
tKsrA/0wM1f8tc23O+CqRn4KO7urRZvwHWn4s/qGevV3jnGabUjO1ghqnm4EiC9r
uSowMKkb7hSxLGD4wTmLzm9/vzcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRqj4z3
q1+tmy/k/551YzRZQG4VeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmPK/JXNWm8QWfoWz8KssP7onkC80Hmb3J0FClNmh
VIEvETbcxnQQT9Jj+NzHAT6dHDoyDvGPEHQejLMlXTbK/LsAnp1UXm/6tEg8UNb+
iVX6WePDRHrVTU35ZFP06elKEgRzTY3WapfhYqGWY0EVHX4G88TFzmU+w7faUK4O
9S8SaP6eVdeJXk/FS5teOTQY25jdpbAmkvdaW3/pauyuRKFH29zxif8skFLij+wo
AIQOk1T2QlzOqnR4jB0Ywhrfr8ffI6A7/afPPj/9yzL48Cy72AoAseFQc0HJHqLv
bMzLzM3xBByot3FG9oA+WXDXyyt/t2Bswbx9tjEh6zHwSw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:32 2025 by rpki-client