Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: nQxNDzCiUKHmUtZK2idr4zrBfMrpalQaEPzGRe3ocp8=
Subject key identifier: 7E:22:9B:B1:23:7D:A7:8C:05:06:AB:B9:B5:7A:38:31:93:1C:40:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 413C6CB4ED23E26332B9EA2324C165641009516E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:3c:6c:b4:ed:23:e2:63:32:b9:ea:23:24:c1:65:64:10:09:51:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=68175912ae265493659137778250855d98239ece02771d0be0fd8c76791267c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:7a:75:65:1d:9e:84:65:fb:e8:4a:e2:a4:
5d:5e:32:4d:b2:77:ff:8a:2d:f1:a9:45:2d:2c:96:
2b:d4:7c:ba:79:e7:66:c7:52:6f:a9:4f:ed:a0:1c:
89:98:9a:1a:bc:82:a7:40:b2:49:41:17:1e:fe:e2:
aa:e3:0b:5a:3c:af:fb:3a:d7:28:36:90:88:3d:87:
5b:8f:35:2b:7c:7b:c7:42:77:83:94:46:5f:60:20:
3c:01:7a:86:d3:ed:5e:57:1a:14:ce:55:f5:d4:f7:
3e:24:3e:d4:e8:71:da:7a:4b:be:2a:c4:37:33:67:
5f:78:1e:8e:b8:b4:50:81:c3:87:2f:57:b3:bb:0f:
ee:54:57:47:21:16:98:26:5b:7f:3b:7b:77:4b:b8:
a8:e6:ec:98:3c:d5:42:a0:e4:88:a6:f2:fd:ff:5c:
a6:b4:87:9c:05:65:69:a0:e0:44:02:b9:d0:89:22:
23:b0:bc:b7:ef:ea:3b:73:56:f7:d0:33:9b:6f:a6:
45:a1:a1:bd:11:95:6e:d9:c5:17:af:89:45:3b:db:
06:50:cf:21:49:8b:6e:07:d2:d7:a1:6b:7e:f7:43:
0e:73:74:88:f7:5e:e3:8f:7c:de:15:23:1c:2b:c5:
08:00:bc:86:45:f6:81:c8:3e:d8:14:18:54:32:f7:
96:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:22:9B:B1:23:7D:A7:8C:05:06:AB:B9:B5:7A:38:31:93:1C:40:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:8f:b9:e0:50:e1:f5:10:03:fa:1a:e1:ec:d9:ac:7b:5f:4a:
49:c6:5b:62:e2:65:d8:eb:bb:3a:41:b4:c1:bd:6a:a5:ec:61:
5e:e7:d6:2d:bf:e4:9a:a8:cd:d5:cf:ef:96:0e:1e:10:f3:fc:
b6:0b:a2:79:db:61:e6:25:9b:cf:a2:3c:a3:18:64:af:01:ab:
de:ea:d7:b9:8e:8b:b4:f2:bd:d0:80:eb:35:d5:8f:01:3c:95:
23:a4:97:37:02:78:09:a8:af:34:91:6b:e1:cd:28:84:20:c6:
63:97:0c:25:16:e9:9d:18:ff:9c:48:6e:f6:4a:a6:c0:e3:e3:
f3:ba:29:12:a7:7f:1e:61:76:cc:a5:19:f3:f1:79:3e:3e:fd:
e2:1c:d7:ae:5a:c3:bc:fe:b4:86:78:bf:0f:ab:73:aa:d3:fc:
05:9f:e0:6f:8b:d9:75:30:2c:18:0e:55:c7:e0:a5:1e:8d:fb:
22:fb:7d:ba:9c:26:06:17:a9:72:af:4d:f9:57:0c:29:fa:84:
54:0d:2b:a1:9a:55:8e:35:19:d3:53:1b:95:2c:3c:a4:0f:e8:
a0:30:15:cf:7f:d1:74:d8:a8:fd:c2:ba:a1:80:ad:f0:9b:3b:
38:9a:cf:4d:3c:49:af:94:75:40:63:e1:0c:f1:58:bf:d9:4a:
ba:17:3c:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQTxstO0j4mMyueojJMFlZBAJUW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MTc1OTEyYWUyNjU0OTM2NTkxMzc3NzgyNTA4NTVkOTgyMzllY2UwMjc3
MWQwYmUwZmQ4Yzc2NzkxMjY3YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8nenVlHZ6EZfvoSuKkXV4yTbJ3/4ot8alFLSyWK9R8unnnZsdSb6lP7aAc
iZiaGryCp0CySUEXHv7iquMLWjyv+zrXKDaQiD2HW481K3x7x0J3g5RGX2AgPAF6
htPtXlcaFM5V9dT3PiQ+1Ohx2npLvirENzNnX3gejri0UIHDhy9Xs7sP7lRXRyEW
mCZbfzt7d0u4qObsmDzVQqDkiKby/f9cprSHnAVlaaDgRAK50IkiI7C8t+/qO3NW
99Azm2+mRaGhvRGVbtnFF6+JRTvbBlDPIUmLbgfS16FrfvdDDnN0iPde44983hUj
HCvFCAC8hkX2gcg+2BQYVDL3ltkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR+Ipux
I32njAUGq7m1ejgxkxxAhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAmo+54FDh9RAD+hrh7Nmse19KScZbYuJl2Ou7OkG0
wb1qpexhXufWLb/kmqjN1c/vlg4eEPP8tguiedth5iWbz6I8oxhkrwGr3urXuY6L
tPK90IDrNdWPATyVI6SXNwJ4CaivNJFr4c0ohCDGY5cMJRbpnRj/nEhu9kqmwOPj
87opEqd/HmF2zKUZ8/F5Pj794hzXrlrDvP60hni/D6tzqtP8BZ/gb4vZdTAsGA5V
x+ClHo37Ivt9upwmBhepcq9N+VcMKfqEVA0roZpVjjUZ01MblSw8pA/ooDAVz3/R
dNio/cK6oYCt8Js7OJrPTTxJr5R1QGPhDPFYv9lKuhc8VQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:13 2025 by rpki-client