Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json)
Hash identifier: JG+NzePN/uKhACEBBzVJ0F0Q0MbQqCylllUTFNTfD6I=
Subject key identifier: FA:C4:6C:96:3D:5A:60:1B:6F:CA:C2:4E:F4:FA:17:1B:30:BE:C1:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E546E924406A56DB2196C2B2FA387016E73F0F1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:54:6e:92:44:06:a5:6d:b2:19:6c:2b:2f:a3:87:01:6e:73:f0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=661062646a8760594aabcb0b2d219ca68ec1583927b594d99c2fece8372215ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e7:a8:9e:44:07:98:f2:3e:29:57:22:1b:50:
14:bc:48:2f:14:40:90:90:f9:e9:a9:20:0d:2f:e4:
f0:ca:e2:9b:53:ea:d1:c2:86:fd:6b:21:fb:0a:ff:
08:0e:30:a1:67:c1:17:69:df:6e:89:03:7b:e2:c8:
f1:1a:cd:cc:8f:5f:ef:8a:ae:9a:e2:4a:0e:42:25:
9d:18:1f:8b:28:0e:05:f3:26:05:2f:18:b5:e5:4b:
d9:72:c2:ab:a6:d7:4e:f9:84:22:fd:33:8e:56:cb:
1f:0e:d1:40:40:1d:61:07:ca:17:21:3a:6a:2f:a3:
7f:f9:cf:ea:98:5c:12:c9:08:1d:44:af:93:78:f3:
51:75:a0:0f:ad:70:9c:35:48:a3:c3:c8:00:f0:64:
b5:1c:f3:e2:5c:89:44:5d:6d:b8:be:aa:67:1a:15:
0b:8e:60:7e:09:a0:f3:35:c4:98:b5:e1:32:90:a5:
e9:3f:bf:27:26:f4:76:38:34:21:78:f8:eb:1d:d4:
dd:bc:52:2e:0e:d0:ce:6c:f3:3e:b3:60:26:16:cc:
17:e5:32:bf:fd:8f:9f:01:af:2d:12:24:46:d9:67:
41:14:c1:53:ca:6e:f6:ba:31:ef:d3:4b:29:6e:be:
c4:a7:d4:95:3e:be:e3:d0:40:aa:cd:a3:69:11:94:
c8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C4:6C:96:3D:5A:60:1B:6F:CA:C2:4E:F4:FA:17:1B:30:BE:C1:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:0f:8e:49:c9:0e:85:57:2c:dc:8e:ec:f4:e7:1c:46:b9:25:
1f:a8:06:44:0b:b2:cb:b0:23:09:d1:b5:05:62:28:b5:30:6b:
4f:e4:42:19:bc:2e:27:b2:d5:ee:65:90:fa:6e:c7:85:a7:5d:
cc:8f:41:53:08:e7:15:ab:ad:eb:5f:ad:c1:2e:61:dd:55:9d:
85:69:67:1e:12:38:cd:68:e8:1d:d6:7b:59:87:e9:4b:10:01:
fa:41:74:d8:33:cc:c7:06:17:14:41:92:8d:90:18:22:6a:f9:
50:df:76:e2:de:86:39:03:4f:95:27:e8:2b:1e:69:d2:5a:4f:
82:b9:7b:2d:75:1b:a3:1f:13:19:36:fb:8c:d7:9e:c0:01:23:
ea:6e:e2:8f:06:6b:83:80:72:2a:66:bb:67:d5:61:31:6a:84:
52:b3:54:79:d4:3a:ea:33:ac:16:60:8e:55:26:80:65:af:5d:
d4:49:5d:34:ab:fa:3e:4f:48:7b:ca:41:88:49:ad:03:38:fa:
0b:f6:4e:11:0b:54:4d:fe:9a:88:c8:cc:18:a5:2d:17:ba:34:
d7:3e:00:6e:bf:a8:6a:6e:9c:1b:02:e2:d7:cb:a6:32:5a:8e:
cb:bf:4b:ca:78:db:4d:56:2b:8f:e1:d6:67:f4:8b:8e:e5:ee:
92:65:03:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUblRukkQGpW2yGWwrL6OHAW5z8PEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2MTA2MjY0NmE4NzYwNTk0YWFiY2IwYjJkMjE5Y2E2OGVjMTU4MzkyN2I1
OTRkOTljMmZlY2U4MzcyMjE1ZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPnqJ5EB5jyPilXIhtQFLxILxRAkJD56akgDS/k8Mrim1Pq0cKG/Wsh+wr/
CA4woWfBF2nfbokDe+LI8RrNzI9f74qumuJKDkIlnRgfiygOBfMmBS8YteVL2XLC
q6bXTvmEIv0zjlbLHw7RQEAdYQfKFyE6ai+jf/nP6phcEskIHUSvk3jzUXWgD61w
nDVIo8PIAPBktRzz4lyJRF1tuL6qZxoVC45gfgmg8zXEmLXhMpCl6T+/Jyb0djg0
IXj46x3U3bxSLg7QzmzzPrNgJhbMF+Uyv/2PnwGvLRIkRtlnQRTBU8pu9rox79NL
KW6+xKfUlT6+49BAqs2jaRGUyE8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6xGyW
PVpgG2/Kwk70+hcbML7B0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQCQD45JyQ6FVyzcjuz05xxGuSUfqAZEC7LLsCMJ0bUF
Yii1MGtP5EIZvC4nstXuZZD6bseFp13Mj0FTCOcVq63rX63BLmHdVZ2FaWceEjjN
aOgd1ntZh+lLEAH6QXTYM8zHBhcUQZKNkBgiavlQ33bi3oY5A0+VJ+grHmnSWk+C
uXstdRujHxMZNvuM157AASPqbuKPBmuDgHIqZrtn1WExaoRSs1R51DrqM6wWYI5V
JoBlr13USV00q/o+T0h7ykGISa0DOPoL9k4RC1RN/pqIyMwYpS0XujTXPgBuv6hq
bpwbAuLXy6YyWo7Lv0vKeNtNViuP4dZn9IuO5e6SZQOu
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:27:23 2025 by rpki-client