Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: 0ETjNx0/zwCLrQJu0nXWZbzr5G4sUTj/dGxHl6Mj2Ls=
Subject key identifier: C5:28:00:1D:4D:76:FD:CA:9F:88:14:FB:2C:72:9C:97:5C:95:8B:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D04F6629AD6F2628396D7DCF2D70B5740FE607B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:04:f6:62:9a:d6:f2:62:83:96:d7:dc:f2:d7:0b:57:40:fe:60:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=a403b9d35571f79fdd4fd9bcbc3a6eca4cf33e8d1e09dc324dd9fd01c5a6f8b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:7d:11:60:99:05:26:68:76:34:31:f0:69:
27:6a:d5:2d:24:7b:79:84:68:c7:62:65:6a:8a:da:
42:3e:ce:77:d9:7e:80:8c:a1:60:b6:d4:da:4e:5b:
43:98:c8:6e:54:c9:9e:90:ce:97:ea:37:ff:4f:18:
e0:0f:9f:cb:3b:2f:f2:2e:82:39:0a:4a:24:b4:69:
53:66:a2:ee:44:b0:1d:50:39:a7:ca:ab:4a:b8:1e:
8c:ce:8a:f6:e5:49:ed:08:b7:71:43:6d:a9:86:68:
6c:e6:df:19:9a:29:c4:b0:99:8b:2d:c9:a2:af:0b:
ab:9e:5c:6e:a7:37:79:1e:f9:8e:15:46:04:c5:4f:
90:4e:d1:9c:35:68:24:e5:e7:18:d7:69:00:d8:c7:
a0:dd:f5:54:7c:1b:c5:a3:a8:e7:91:36:04:1c:7e:
13:55:cc:b2:41:04:ee:8e:dd:70:aa:79:99:c9:0d:
c9:a4:3b:bd:38:8e:02:e0:cb:d9:c4:75:07:f3:2f:
c8:a2:7b:4d:37:87:d5:34:66:cb:39:a4:c6:0a:aa:
d3:9d:58:35:dc:6c:5a:98:5e:76:aa:19:c1:0f:e8:
64:26:b9:74:1e:92:c5:bf:c3:56:14:96:00:cb:a2:
65:5e:fc:09:06:d7:32:17:20:e0:99:a3:65:c2:fb:
72:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:28:00:1D:4D:76:FD:CA:9F:88:14:FB:2C:72:9C:97:5C:95:8B:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
8f:07:c6:42:71:26:d6:15:ff:46:85:ae:98:fb:1d:f3:ec:9e:
08:ec:b9:2d:7d:dd:a4:3f:85:91:7e:8e:5f:86:81:35:2b:11:
c6:70:d5:63:96:83:32:40:5e:85:76:49:7b:82:86:55:4e:70:
da:50:ab:fa:b6:15:07:6a:31:04:e2:00:98:9a:6d:a6:18:2d:
e5:a4:13:fb:ce:56:b0:39:18:f9:3d:e1:78:7d:a9:45:1c:49:
40:cc:11:f7:f5:49:40:5d:7b:1d:42:70:70:40:e3:00:34:60:
12:07:56:9c:63:6f:ff:8e:e3:98:44:f2:48:14:e8:a1:04:68:
b9:da:e0:d5:56:18:03:4a:0f:13:07:80:dc:92:0e:4f:3e:64:
dd:a0:17:cc:22:d8:08:71:7f:06:c7:89:a1:2d:0b:b9:ae:a7:
da:17:f2:0c:2d:08:d8:ab:c4:66:99:87:b6:6b:a9:e4:57:7a:
62:2e:49:75:07:e7:75:2c:d6:cf:07:a5:a4:49:4e:50:96:9e:
cc:2d:7d:33:6f:38:92:95:4f:00:99:5c:60:b3:0f:92:1f:02:
1d:bc:f2:64:c0:56:7f:2d:cc:b0:ef:35:07:79:94:c1:ce:f0:
7e:75:41:21:e9:de:97:30:6c:95:9d:e2:b0:0b:ff:5c:9f:fb:
fb:7f:01:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPQT2YprW8mKDltfc8tcLV0D+YHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MDNiOWQzNTU3MWY3OWZkZDRmZDliY2JjM2E2ZWNhNGNmMzNlOGQxZTA5
ZGMzMjRkZDlmZDAxYzVhNmY4YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwAfRFgmQUmaHY0MfBpJ2rVLSR7eYRox2JlaoraQj7Od9l+gIyhYLbU2k5b
Q5jIblTJnpDOl+o3/08Y4A+fyzsv8i6COQpKJLRpU2ai7kSwHVA5p8qrSrgejM6K
9uVJ7Qi3cUNtqYZobObfGZopxLCZiy3Joq8Lq55cbqc3eR75jhVGBMVPkE7RnDVo
JOXnGNdpANjHoN31VHwbxaOo55E2BBx+E1XMskEE7o7dcKp5mckNyaQ7vTiOAuDL
2cR1B/MvyKJ7TTeH1TRmyzmkxgqq051YNdxsWphedqoZwQ/oZCa5dB6Sxb/DVhSW
AMuiZV78CQbXMhcg4JmjZcL7cucCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFKAAd
TXb9yp+IFPsscpyXXJWLDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAjwfGQnEm1hX/RoWumPsd8+yeCOy5LX3dpD+F
kX6OX4aBNSsRxnDVY5aDMkBehXZJe4KGVU5w2lCr+rYVB2oxBOIAmJptphgt5aQT
+85WsDkY+T3heH2pRRxJQMwR9/VJQF17HUJwcEDjADRgEgdWnGNv/47jmETySBTo
oQRoudrg1VYYA0oPEweA3JIOTz5k3aAXzCLYCHF/BseJoS0Lua6n2hfyDC0I2KvE
ZpmHtmup5Fd6Yi5JdQfndSzWzwelpElOUJaezC19M284kpVPAJlcYLMPkh8CHbzy
ZMBWfy3MsO81B3mUwc7wfnVBIenelzBslZ3isAv/XJ/7+38Bxg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:52:07 2025 by rpki-client