Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: 5JETj9fmAMH/xyRBFbyamB4N//vMmSGgvc6JOT8GLuQ=
Subject key identifier: FC:3D:99:E6:E1:85:70:40:52:D1:38:F9:57:B0:3E:20:9E:FE:4B:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A47FE2A4F7D05EE7B57F6FD337AC5EDF1E45559
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:47:fe:2a:4f:7d:05:ee:7b:57:f6:fd:33:7a:c5:ed:f1:e4:55:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=eebe4213fcc1f7525ec4b24f78e3f4292f6e5df6cc7499c3a4b411845ce3c525, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a1:29:4a:31:da:f3:7a:95:8a:f7:fb:e2:e8:
fe:5f:9e:8e:e8:7d:3c:a3:9d:3d:7b:db:50:e3:3f:
14:96:3e:83:3d:4e:34:db:bb:2a:27:93:dd:2d:52:
ae:bf:5a:4b:d1:bf:ac:9c:1d:d8:cf:3d:58:b6:12:
8c:8e:be:fb:54:d5:21:da:e4:50:85:ba:36:d7:c3:
89:70:05:86:ae:30:0d:9d:b8:78:ed:74:68:c1:4b:
7d:d4:2d:58:17:ac:87:f3:ab:87:84:d4:04:3a:9a:
ca:14:7d:3c:5f:2a:f3:b8:16:27:37:df:c6:f7:d5:
d1:7c:07:1d:c2:1a:bc:49:4c:1c:88:ee:4f:37:b1:
45:9b:ac:97:ba:f8:fe:67:da:f5:3a:e1:52:85:b1:
90:87:47:d4:0b:76:a8:f9:6d:c6:19:10:b6:52:1a:
f7:39:07:0a:7f:15:48:b9:1b:d1:01:12:21:c4:bb:
93:5b:f0:0f:2f:42:aa:42:6e:f7:81:1b:de:39:4f:
35:f9:1f:10:8f:a8:23:c6:b7:12:70:13:d8:ed:59:
12:50:40:fd:a4:38:18:bd:75:8a:8a:31:4f:4b:e5:
80:c2:c3:56:11:6f:c0:b1:87:89:5c:46:81:21:2b:
c3:4a:3d:e2:7b:77:e3:7a:b3:2b:12:8d:80:92:6b:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3D:99:E6:E1:85:70:40:52:D1:38:F9:57:B0:3E:20:9E:FE:4B:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
40:4f:0c:ea:4c:b1:2d:f8:b3:12:46:c8:64:c3:b4:5b:2d:2e:
e1:04:e6:70:7c:77:c3:a0:4f:5c:50:72:cf:ed:0f:6f:c1:92:
7c:78:df:12:b6:6d:25:c4:40:07:e5:6c:bc:5a:a6:57:ec:ef:
db:36:b9:94:57:1f:4a:a2:eb:fc:82:77:b4:75:8a:6e:dd:d3:
55:8d:74:e0:fa:b1:5c:49:fa:2b:6a:39:07:1f:99:37:43:27:
c0:0f:77:6b:7a:32:c6:66:c2:e2:73:39:4a:fc:af:a5:28:c0:
c2:f7:75:e0:80:76:ca:a2:79:04:84:bc:a0:9e:51:1e:f4:af:
87:74:7f:32:25:b9:b5:84:9c:7e:e3:28:44:ed:94:ab:3d:66:
94:64:a5:11:46:c6:53:e9:54:a1:a6:62:51:3a:26:08:55:c1:
62:df:4b:b6:13:e6:71:6b:99:76:bb:d1:40:fe:e9:5a:65:ad:
86:d0:62:f0:07:f1:71:fd:f3:5c:6d:cd:a0:59:1e:50:66:18:
9e:d6:78:a2:68:72:78:39:60:69:be:0f:42:a1:9c:35:b8:ac:
27:73:2e:dd:a1:96:a0:12:a7:18:89:9f:ae:80:66:76:4f:32:
93:76:2b:98:46:f7:f8:cd:b3:91:d4:18:e9:10:df:f2:ba:6f:
3a:27:27:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGkf+Kk99Be57V/b9M3rF7fHkVVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlYmU0MjEzZmNjMWY3NTI1ZWM0YjI0Zjc4ZTNmNDI5MmY2ZTVkZjZjYzc0
OTljM2E0YjQxMTg0NWNlM2M1MjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANehKUox2vN6lYr3++Lo/l+ejuh9PKOdPXvbUOM/FJY+gz1ONNu7KieT3S1S
rr9aS9G/rJwd2M89WLYSjI6++1TVIdrkUIW6NtfDiXAFhq4wDZ24eO10aMFLfdQt
WBesh/Orh4TUBDqayhR9PF8q87gWJzffxvfV0XwHHcIavElMHIjuTzexRZusl7r4
/mfa9TrhUoWxkIdH1At2qPltxhkQtlIa9zkHCn8VSLkb0QESIcS7k1vwDy9CqkJu
94Eb3jlPNfkfEI+oI8a3EnAT2O1ZElBA/aQ4GL11iooxT0vlgMLDVhFvwLGHiVxG
gSErw0o94nt343qzKxKNgJJr77kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8PZnm
4YVwQFLROPlXsD4gnv5LvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBATwzqTLEt+LMSRshkw7RbLS7hBOZwfHfDoE9cUHLP
7Q9vwZJ8eN8Stm0lxEAH5Wy8WqZX7O/bNrmUVx9Kouv8gne0dYpu3dNVjXTg+rFc
SforajkHH5k3QyfAD3drejLGZsLiczlK/K+lKMDC93XggHbKonkEhLygnlEe9K+H
dH8yJbm1hJx+4yhE7ZSrPWaUZKURRsZT6VShpmJROiYIVcFi30u2E+Zxa5l2u9FA
/ulaZa2G0GLwB/Fx/fNcbc2gWR5QZhie1niiaHJ4OWBpvg9CoZw1uKwncy7doZag
EqcYiZ+ugGZ2TzKTdiuYRvf4zbOR1BjpEN/yum86JyfW
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:00 2025 by rpki-client