Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: mMlRZW3SG54IITy8FvyJ1q7gOJA3BnEV2fCEhmzGT5U=
Subject key identifier: 58:CC:80:53:8D:A7:04:C8:FE:CB:72:22:85:CB:FD:CE:91:E5:B4:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75FC7D43F6FAED05296DEA1081900A3E1B779525
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:fc:7d:43:f6:fa:ed:05:29:6d:ea:10:81:90:0a:3e:1b:77:95:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=04f19c64cb6a9bda56f75ac10eb985baf941f73bdeb32289109469ef8ba47b51, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:06:ae:58:6b:30:32:e2:45:e9:11:6d:80:de:
94:16:79:6b:27:e1:cb:01:a5:98:a1:a2:03:f1:3e:
48:78:98:eb:25:c9:05:f8:80:2c:d6:c8:a9:bb:90:
15:05:97:3d:a9:a0:78:6b:08:38:e6:29:6f:2b:cf:
06:09:47:6c:3d:ca:01:34:93:12:c9:81:e8:5e:a2:
dc:ff:bb:ee:e4:af:0f:fc:1d:78:12:e2:1f:e1:c1:
0d:3d:67:ec:32:75:08:73:36:93:de:bf:3f:d7:17:
ea:6a:a1:0d:50:f7:9d:4a:0d:ee:4b:2a:f5:24:2d:
30:78:e2:53:cc:03:cc:bd:b3:69:8d:29:36:09:72:
83:81:42:35:b7:8f:40:b2:09:de:a5:78:f1:d8:5d:
36:8f:24:92:3d:f3:46:2d:ec:f6:96:b5:75:14:31:
15:f5:9b:f3:64:98:33:fd:4e:57:68:a6:96:e8:c3:
da:c5:81:b8:23:a6:31:8a:d9:c3:51:93:e1:b0:e0:
6b:07:0d:91:e2:df:05:86:17:76:29:80:25:6e:6d:
68:25:fc:0c:52:09:1d:0b:b6:44:9e:a5:ae:eb:5e:
ce:f6:e0:a0:b2:2a:5f:d5:ec:7c:d6:27:d3:0f:cd:
d3:74:ba:82:10:8f:e4:4a:58:da:af:d1:d2:e2:43:
06:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CC:80:53:8D:A7:04:C8:FE:CB:72:22:85:CB:FD:CE:91:E5:B4:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
92:9a:9a:01:f3:9a:ec:c0:24:ae:73:09:12:b5:23:aa:e9:30:
15:f1:d0:12:2c:9c:07:d3:39:83:5f:e8:ec:74:2d:6d:93:d3:
94:0e:1a:f2:9c:62:75:c0:a6:c3:79:72:d9:8c:c2:26:57:df:
47:2e:f7:b4:10:65:6b:12:f3:9b:0b:3e:98:18:25:a0:25:b2:
47:8d:8d:15:e4:3c:e5:5e:60:7d:f3:62:60:c2:43:7a:c3:75:
2a:7b:86:da:7b:6c:a2:90:e5:cc:96:aa:ba:e9:18:f8:87:72:
e1:c3:0d:1b:f3:1d:17:31:aa:57:90:d8:07:23:30:6e:64:41:
63:d8:6b:3c:77:d2:0b:3a:5c:57:ad:f1:27:a4:ce:95:52:73:
6d:7f:d0:1c:d6:89:b8:8d:4a:8a:8b:b3:d2:5d:f4:fe:a7:56:
8f:a5:b2:d6:86:de:c1:26:11:4b:39:74:c7:b0:40:1d:77:c6:
c3:55:24:21:cd:33:07:55:4c:cc:e7:2a:fa:2b:62:42:d4:a0:
f4:db:ee:4d:7a:71:4e:84:d4:3e:13:9a:55:0e:80:48:77:7f:
39:0b:8b:39:d7:f9:5a:be:a9:85:c3:9c:f0:b4:37:f1:8d:fb:
35:cb:78:d3:5a:bd:d7:20:54:1b:d5:e3:fa:ba:08:14:9d:62:
d2:f6:a1:3e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdfx9Q/b67QUpbeoQgZAKPht3lSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0ZjE5YzY0Y2I2YTliZGE1NmY3NWFjMTBlYjk4NWJhZjk0MWY3M2JkZWIz
MjI4OTEwOTQ2OWVmOGJhNDdiNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYGrlhrMDLiRekRbYDelBZ5ayfhywGlmKGiA/E+SHiY6yXJBfiALNbIqbuQ
FQWXPamgeGsIOOYpbyvPBglHbD3KATSTEsmB6F6i3P+77uSvD/wdeBLiH+HBDT1n
7DJ1CHM2k96/P9cX6mqhDVD3nUoN7ksq9SQtMHjiU8wDzL2zaY0pNglyg4FCNbeP
QLIJ3qV48dhdNo8kkj3zRi3s9pa1dRQxFfWb82SYM/1OV2imlujD2sWBuCOmMYrZ
w1GT4bDgawcNkeLfBYYXdimAJW5taCX8DFIJHQu2RJ6lrutezvbgoLIqX9XsfNYn
0w/N03S6ghCP5EpY2q/R0uJDBokCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYzIBT
jacEyP7LciKFy/3OkeW07jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAkpqaAfOa7MAkrnMJErUjqukwFfHQEiycB9M5g1/o
7HQtbZPTlA4a8pxidcCmw3ly2YzCJlffRy73tBBlaxLzmws+mBgloCWyR42NFeQ8
5V5gffNiYMJDesN1KnuG2ntsopDlzJaquukY+Idy4cMNG/MdFzGqV5DYByMwbmRB
Y9hrPHfSCzpcV63xJ6TOlVJzbX/QHNaJuI1Kiouz0l30/qdWj6Wy1obewSYRSzl0
x7BAHXfGw1UkIc0zB1VMzOcq+itiQtSg9NvuTXpxToTUPhOaVQ6ASHd/OQuLOdf5
Wr6phcOc8LQ38Y37Nct401q91yBUG9Xj+roIFJ1i0vahPg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:46 2025 by rpki-client