Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: ajKzXgpATYzbrj6QBe8a7lF/RNwAmdrmyDTM9CmdtDw=
Subject key identifier: 53:B7:FD:04:E3:48:BE:BD:D3:DC:39:C6:B5:D8:0F:7C:B1:E9:CD:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C6667A5A81E345191079761A4E94857B99B2B96
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:66:67:a5:a8:1e:34:51:91:07:97:61:a4:e9:48:57:b9:9b:2b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=88b905ee6cfa1f03d6e40bc2227200e74e88910a29f04fbedd0cb524966e3557, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:67:f3:09:58:69:dc:e8:c0:e3:c0:9e:ea:
13:58:01:f8:85:a9:f0:c7:82:7e:8f:72:1c:97:33:
e4:26:0c:ad:fe:98:e5:d4:b2:be:db:20:26:69:d5:
33:96:1a:80:b5:1f:18:74:75:a2:a7:5c:00:35:65:
1e:d6:8e:6c:8f:4b:2e:91:49:4a:2a:03:26:8b:8b:
96:a0:9e:69:e1:43:00:71:e1:2d:93:5b:62:0f:3a:
00:10:08:f6:1d:17:13:43:9b:60:e1:9b:ec:de:83:
12:3e:f2:41:a9:86:8d:2a:07:e7:ab:c3:f2:d5:43:
94:01:d0:60:4f:4d:d7:16:e4:29:43:e1:2a:2e:ce:
5d:5d:da:32:85:60:58:ca:1a:62:b9:94:68:e5:f2:
d2:75:12:b0:c3:4d:6a:e5:1b:21:99:03:24:49:98:
c6:de:a5:58:28:bc:cc:04:53:b5:65:8c:58:4b:b8:
71:e6:da:1e:f1:39:17:a9:83:44:9e:46:1b:05:25:
58:ac:b7:48:31:cd:68:7c:98:90:b6:c8:5d:d7:75:
53:06:0d:04:85:d6:3e:a7:40:59:15:b7:2a:b4:ee:
82:07:a8:ff:76:55:f0:a7:b2:09:69:9d:50:20:8d:
48:47:e5:a0:15:f7:73:60:41:d4:ff:46:46:f6:f8:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B7:FD:04:E3:48:BE:BD:D3:DC:39:C6:B5:D8:0F:7C:B1:E9:CD:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:ad:4b:7f:c8:be:79:d2:ad:7b:ed:95:9d:d1:de:e5:d0:b9:
bb:64:ed:68:ce:b8:ec:36:24:b5:c7:b2:e7:99:4e:60:99:f2:
64:4e:77:99:88:e5:fd:71:9e:80:15:35:2c:3e:02:79:83:a6:
aa:0a:99:fb:6e:58:d6:7e:62:19:97:88:93:9b:55:a2:e4:a1:
68:46:97:8e:af:13:c1:2c:94:9f:51:3c:7d:16:d5:87:2f:9c:
fb:93:cc:8d:78:7d:84:80:26:99:4d:ea:b5:b4:6e:8f:6c:0a:
03:00:47:dd:f5:62:a7:9e:f2:78:13:e7:3f:bb:ce:aa:9a:0a:
cd:10:7e:4f:76:bc:08:8b:75:2a:90:1a:35:dd:0e:c9:7d:d1:
a1:51:1f:e7:84:d4:35:08:29:44:e0:2f:ef:5a:b0:73:aa:5e:
2a:32:a4:e6:43:e6:6e:03:92:f4:03:04:a1:c3:91:98:0d:33:
fb:34:80:2d:30:7c:aa:68:cf:98:6e:da:e9:4e:6f:a2:f6:d9:
50:09:6b:7c:26:77:42:36:4c:1e:94:fa:f1:ea:82:bf:25:35:
12:5f:2c:54:92:c0:d1:6f:16:0d:bd:94:a6:6c:a7:37:fe:9a:
a6:84:d7:51:cf:5d:ba:22:3a:ea:97:f5:79:bb:13:f3:5f:bf:
b9:f7:9a:4f
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUHGZnpageNFGRB5dhpOlIV7mbK5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4YjkwNWVlNmNmYTFmMDNkNmU0MGJjMjIyNzIwMGU3NGU4ODkxMGEyOWYw
NGZiZWRkMGNiNTI0OTY2ZTM1NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGRZ/MJWGnc6MDjwJ7qE1gB+IWp8MeCfo9yHJcz5CYMrf6Y5dSyvtsgJmnV
M5YagLUfGHR1oqdcADVlHtaObI9LLpFJSioDJouLlqCeaeFDAHHhLZNbYg86ABAI
9h0XE0ObYOGb7N6DEj7yQamGjSoH56vD8tVDlAHQYE9N1xbkKUPhKi7OXV3aMoVg
WMoaYrmUaOXy0nUSsMNNauUbIZkDJEmYxt6lWCi8zARTtWWMWEu4cebaHvE5F6mD
RJ5GGwUlWKy3SDHNaHyYkLbIXdd1UwYNBIXWPqdAWRW3KrTuggeo/3ZV8KeyCWmd
UCCNSEfloBX3c2BB1P9GRvb4MvECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRTt/0E
40i+vdPcOca12A98senNfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAA+tS3/IvnnSrXvtlZ3R3uXQubtk7WjOuOw2JLXH
sueZTmCZ8mROd5mI5f1xnoAVNSw+AnmDpqoKmftuWNZ+YhmXiJObVaLkoWhGl46v
E8EslJ9RPH0W1YcvnPuTzI14fYSAJplN6rW0bo9sCgMAR931Yqee8ngT5z+7zqqa
Cs0Qfk92vAiLdSqQGjXdDsl90aFRH+eE1DUIKUTgL+9asHOqXioypOZD5m4DkvQD
BKHDkZgNM/s0gC0wfKpoz5hu2ulOb6L22VAJa3wmd0I2TB6U+vHqgr8lNRJfLFSS
wNFvFg29lKZspzf+mqaE11HPXboiOuqX9Xm7E/Nfv7n3mk8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:17 2025 by rpki-client