Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: e7sB1Sdw45DAT140GBnLpyi7FpP6kfEInITD8rztdJA=
Subject key identifier: D7:1C:D7:42:A3:09:FE:4E:E3:FC:09:CA:CD:FD:12:E3:50:C3:67:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79B12259A5572CE8D151520DD80D2E3A8C2125D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:b1:22:59:a5:57:2c:e8:d1:51:52:0d:d8:0d:2e:3a:8c:21:25:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d8b22e610ea0f3881e4673b46e7a619e2b07ad4c00886fd3fab93dc4d84faded, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:da:6d:23:65:77:99:ab:86:df:79:f8:0f:
31:67:df:4d:6b:d1:53:e2:3a:56:7d:78:1f:bd:69:
fb:69:e7:80:48:c2:12:90:6b:49:d3:36:cd:47:a2:
fa:f2:fd:74:20:6f:79:bb:48:45:c2:63:30:d3:f7:
c8:1b:fa:da:a6:6b:ee:d3:b8:65:a5:fd:e0:90:60:
1f:01:5b:16:95:d5:9f:61:76:91:55:67:21:c9:11:
d9:1f:f6:b7:df:5c:a5:ce:8c:31:f8:fa:2d:ce:52:
48:d6:9c:72:58:6f:56:a6:eb:bd:b5:57:60:58:30:
6a:45:8a:83:4e:06:d9:d5:3a:5c:a3:41:7a:29:72:
b7:58:63:2e:d4:d4:61:65:70:57:cf:e2:e0:34:39:
6e:98:c3:ea:93:3c:27:6d:0e:f4:31:a3:02:87:a8:
6f:8c:2d:c3:36:12:cf:8e:ad:c7:18:db:bf:df:c9:
bf:7d:13:3f:fb:01:2a:2e:5d:6c:b8:07:20:3f:9f:
05:1e:0a:81:fa:33:78:3e:63:5c:2b:ff:f1:39:24:
c7:19:cb:42:a7:eb:7b:d5:8c:f3:e8:e5:98:85:21:
92:fd:d2:18:3a:33:3a:f5:72:a8:3d:e8:30:a1:52:
1c:53:e3:9e:3b:40:fc:0a:0c:e0:33:ab:47:da:d3:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1C:D7:42:A3:09:FE:4E:E3:FC:09:CA:CD:FD:12:E3:50:C3:67:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:d0:76:6d:98:82:14:8c:f5:5c:5b:98:14:d2:a2:f7:bd:c5:
fa:c0:c8:5f:6d:0e:df:24:68:5c:17:a0:62:ce:83:33:66:19:
07:36:92:22:61:7c:c3:96:3b:c7:85:89:98:e1:3a:68:8f:f3:
c2:38:a9:d2:6a:bf:ae:3e:bb:65:22:49:15:35:88:01:3d:3c:
df:a0:6c:b2:bb:7c:34:4b:c8:32:6f:a4:b1:a5:65:f3:4a:6c:
01:1d:57:f7:35:29:ae:09:34:d7:1c:54:af:90:a2:05:fc:d1:
79:20:59:6c:11:0a:30:85:b4:90:5d:6c:01:21:0a:d1:f7:01:
9e:b6:3e:a5:dd:eb:18:94:91:ab:7e:a2:32:a7:6b:8a:66:3e:
73:83:d7:65:7b:e1:35:2f:2d:80:db:1f:3b:f3:43:f0:74:32:
b7:51:e4:05:e3:c2:6b:01:2c:ca:02:99:55:6a:83:a3:43:36:
d2:b5:83:f5:0e:bc:e7:a2:c0:9b:fe:bb:9f:b2:6d:89:8c:cf:
ab:1b:a3:62:8e:95:3b:a1:64:d9:6a:ee:a1:cc:d5:ea:8e:6b:
df:e1:a8:1c:9e:92:5a:52:fa:72:5b:b6:4b:45:36:58:20:4c:
a1:14:55:c5:2e:e4:26:a1:92:7f:45:77:fd:c3:e1:7b:94:fd:
45:4f:15:c4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUebEiWaVXLOjRUVIN2A0uOowhJdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4YjIyZTYxMGVhMGYzODgxZTQ2NzNiNDZlN2E2MTllMmIwN2FkNGMwMDg4
NmZkM2ZhYjkzZGM0ZDg0ZmFkZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKce2m0jZXeZq4bfefgPMWffTWvRU+I6Vn14H71p+2nngEjCEpBrSdM2zUei
+vL9dCBvebtIRcJjMNP3yBv62qZr7tO4ZaX94JBgHwFbFpXVn2F2kVVnIckR2R/2
t99cpc6MMfj6Lc5SSNacclhvVqbrvbVXYFgwakWKg04G2dU6XKNBeilyt1hjLtTU
YWVwV8/i4DQ5bpjD6pM8J20O9DGjAoeob4wtwzYSz46txxjbv9/Jv30TP/sBKi5d
bLgHID+fBR4KgfozeD5jXCv/8TkkxxnLQqfre9WM8+jlmIUhkv3SGDozOvVyqD3o
MKFSHFPjnjtA/AoM4DOrR9rTKxsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTXHNdC
own+TuP8CcrN/RLjUMNn+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQBD0HZtmIIUjPVcW5gU0qL3vcX6wMhfbQ7fJGhcF6Bi
zoMzZhkHNpIiYXzDljvHhYmY4Tpoj/PCOKnSar+uPrtlIkkVNYgBPTzfoGyyu3w0
S8gyb6SxpWXzSmwBHVf3NSmuCTTXHFSvkKIF/NF5IFlsEQowhbSQXWwBIQrR9wGe
tj6l3esYlJGrfqIyp2uKZj5zg9dle+E1Ly2A2x8780PwdDK3UeQF48JrASzKAplV
aoOjQzbStYP1DrznosCb/rufsm2JjM+rG6NijpU7oWTZau6hzNXqjmvf4agcnpJa
UvpyW7ZLRTZYIEyhFFXFLuQmoZJ/RXf9w+F7lP1FTxXE
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:14:16 2025 by rpki-client