Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: g6CONZdlRM/iXFdCAcRmrJP4iszhS23nJQGJ7vVzuAo=
Subject key identifier: C4:4A:12:B0:3E:30:05:EC:CF:CC:48:80:37:8A:0D:C7:F9:D6:C9:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4974AF64CF180AD743A97703EE9F423ED6643F4F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:74:af:64:cf:18:0a:d7:43:a9:77:03:ee:9f:42:3e:d6:64:3f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=2d68a55a5e748f9ad50312bbf2a454c4df376b9f6d4eaa72ae4e603000276b5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:90:e6:ba:f0:c4:74:1e:62:d6:33:24:1e:
bf:18:7f:73:f3:57:5d:f6:28:a7:e2:43:6e:cc:0c:
24:4e:4c:17:9b:83:29:63:3d:3e:78:d1:4c:59:40:
03:2a:1a:bb:7b:c6:97:a6:f7:c0:04:2e:70:99:2b:
67:fd:2c:37:23:12:1f:50:bd:2f:a9:85:33:99:26:
25:66:32:6a:fb:51:1e:bd:03:5c:a0:ff:fe:76:8e:
04:4e:e3:48:e3:9e:05:db:81:fd:4b:82:94:ba:b9:
19:04:46:bd:4c:6d:e2:5b:90:50:de:ec:8b:b6:e9:
0a:a3:0a:a3:8f:4d:a6:69:70:44:38:00:78:e9:0a:
7d:7f:68:33:3e:31:a2:bb:bb:a1:81:99:6f:c9:39:
b8:73:58:3b:ff:d3:6d:22:bb:0d:bb:a7:2b:c5:53:
28:5e:39:e4:b7:17:29:84:02:7d:a7:3a:e5:c3:c5:
c4:0b:9a:2b:2b:1d:92:b6:8f:36:86:69:09:05:69:
05:d9:a1:ed:2a:f4:66:3e:21:39:5e:68:31:5d:8d:
1c:a2:92:c3:2c:d6:57:b0:c2:61:e5:98:fa:99:b5:
5b:51:4e:ff:a0:48:b9:c1:27:84:46:29:e6:73:32:
ec:02:94:35:bd:40:0e:a6:31:70:d4:69:2a:47:59:
3f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4A:12:B0:3E:30:05:EC:CF:CC:48:80:37:8A:0D:C7:F9:D6:C9:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:cf:75:e5:f9:df:a2:0c:b7:f9:0e:25:96:b1:0a:00:9b:e6:
dd:3c:6e:5c:3d:de:da:64:f1:04:e4:58:55:fb:09:77:e4:9c:
eb:f3:e9:38:c9:7b:19:80:2b:73:65:17:e6:76:d4:94:95:68:
50:c6:5a:be:ef:6e:3f:69:09:6c:da:7b:a3:27:98:ae:f5:53:
e7:0c:39:b6:38:a5:93:68:f0:23:77:34:c3:46:b7:6f:7c:8e:
4a:1f:d2:e8:b0:09:83:2a:2e:40:69:a9:44:2f:a8:e9:8d:19:
9f:41:2b:f4:45:aa:2e:07:78:e6:f7:6d:03:f1:62:91:19:5a:
ec:9d:55:39:31:f3:ac:03:c9:a5:20:09:1e:b2:13:39:a2:22:
af:b9:ee:f8:13:5f:a2:fa:9b:98:8f:da:c0:3b:a9:33:2f:6e:
fa:5b:c5:e9:73:3e:63:72:ac:e7:d6:9d:88:d8:7e:81:a9:3f:
9a:88:49:83:50:00:75:e9:c3:57:70:06:68:38:2b:40:b7:c7:
78:a0:5f:c4:29:ee:80:5c:b3:e1:97:cc:44:7a:90:60:b3:4f:
4c:a6:e0:bc:22:96:b9:2b:7d:90:69:3e:12:a5:7a:0f:27:39:
a8:5b:83:80:14:0e:e1:f6:71:41:96:51:81:46:77:c0:bf:7d:
de:a8:8f:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSXSvZM8YCtdDqXcD7p9CPtZkP08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNjhhNTVhNWU3NDhmOWFkNTAzMTJiYmYyYTQ1NGM0ZGYzNzZiOWY2ZDRl
YWE3MmFlNGU2MDMwMDAyNzZiNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiSkOa68MR0HmLWMyQevxh/c/NXXfYop+JDbswMJE5MF5uDKWM9PnjRTFlA
Ayoau3vGl6b3wAQucJkrZ/0sNyMSH1C9L6mFM5kmJWYyavtRHr0DXKD//naOBE7j
SOOeBduB/UuClLq5GQRGvUxt4luQUN7si7bpCqMKo49NpmlwRDgAeOkKfX9oMz4x
oru7oYGZb8k5uHNYO//TbSK7DbunK8VTKF455LcXKYQCfac65cPFxAuaKysdkraP
NoZpCQVpBdmh7Sr0Zj4hOV5oMV2NHKKSwyzWV7DCYeWY+pm1W1FO/6BIucEnhEYp
5nMy7AKUNb1ADqYxcNRpKkdZP+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEShKw
PjAF7M/MSIA3ig3H+dbJgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBwz3Xl+d+iDLf5DiWWsQoAm+bdPG5cPd7aZPEE5FhV
+wl35Jzr8+k4yXsZgCtzZRfmdtSUlWhQxlq+724/aQls2nujJ5iu9VPnDDm2OKWT
aPAjdzTDRrdvfI5KH9LosAmDKi5AaalEL6jpjRmfQSv0RaouB3jm920D8WKRGVrs
nVU5MfOsA8mlIAkeshM5oiKvue74E1+i+puYj9rAO6kzL276W8Xpcz5jcqzn1p2I
2H6BqT+aiEmDUAB16cNXcAZoOCtAt8d4oF/EKe6AXLPhl8xEepBgs09MpuC8Ipa5
K32QaT4SpXoPJzmoW4OAFA7h9nFBllGBRnfAv33eqI9+
-----END CERTIFICATE-----
Generated at Wed May 7 01:28:23 2025 by rpki-client