Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa03baa3-d331-4094-821b-360f6650edd6.roa
File: aa03baa3-d331-4094-821b-360f6650edd6.roa (raw, json)
Hash identifier: czckM7Vw9c99pxx1op34x2FmjEx4yCOG9S2UNASixqI=
Subject key identifier: F7:CD:1D:3D:8C:D0:FA:48:6E:94:36:14:33:B2:34:92:43:B7:EF:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6835DE530CEC8BC6F7AFF5B4BC8138B6986A2376
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa03baa3-d331-4094-821b-360f6650edd6.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:35:de:53:0c:ec:8b:c6:f7:af:f5:b4:bc:81:38:b6:98:6a:23:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=8826bbe4f4f2a152602616ceeb9e70161ebcf0cb255b29a14b48c9ec529ef541, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:d7:da:9b:9c:1c:08:52:3b:25:05:e3:44:
9c:80:2e:e9:6d:61:fc:8e:05:26:d9:3c:9f:8e:09:
96:e7:09:91:55:ad:e4:0d:31:b1:4b:e4:a2:bf:1f:
2f:48:00:df:6e:bb:84:c5:d6:35:a9:93:40:f3:e3:
1d:9a:4f:00:16:b7:8e:6f:f1:ab:43:84:2f:ec:12:
57:69:99:06:92:be:01:f4:7c:65:89:6e:cc:0c:55:
47:d6:95:f3:9b:51:91:52:a5:b4:25:29:7f:b0:29:
12:e3:58:11:20:1d:9c:9f:74:50:cd:c8:42:3b:5b:
1a:81:ee:7e:63:56:c9:b3:0e:1f:9c:16:7f:8a:78:
22:d6:dc:b3:72:26:d8:96:ba:43:ba:3c:f8:cf:7d:
fa:c0:a6:df:a1:72:e9:f6:0b:e5:d7:dc:bc:4e:db:
5e:9e:66:50:d8:ba:49:11:be:08:c0:2a:4a:a6:44:
88:84:7b:de:0e:77:f2:6e:e4:a6:2e:08:7d:37:65:
3b:19:57:87:84:f6:70:bb:90:e5:97:63:2f:6e:13:
d6:8d:1e:d9:b1:8a:4a:2b:70:3e:e2:22:ba:1d:e8:
4d:66:16:f9:32:41:99:86:6c:55:5b:f4:f3:48:24:
e4:d8:1e:36:94:8a:95:d8:af:e9:86:8c:75:a7:a3:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CD:1D:3D:8C:D0:FA:48:6E:94:36:14:33:B2:34:92:43:B7:EF:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa03baa3-d331-4094-821b-360f6650edd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:14:1c:07:7e:82:7d:94:7a:0c:94:03:38:23:a0:97:6f:2f:
58:f3:ed:4a:0f:a0:af:ed:fb:a2:7b:b3:9f:77:71:16:d0:f8:
ba:4a:9f:a6:d1:66:33:02:36:15:11:89:56:f0:d2:f1:41:8b:
25:5c:08:80:d8:a3:5c:d6:55:b5:6c:aa:c8:1c:13:ff:d9:1e:
a3:8a:d5:c4:7f:5d:1c:8f:b0:e7:26:20:09:a3:a4:e9:ea:be:
23:a1:6e:92:b8:bd:04:2d:6f:d7:73:66:2d:89:4b:a7:78:10:
9f:9e:f9:b6:eb:86:da:3c:77:cc:9b:a2:e8:62:15:fe:e5:66:
2e:df:fb:13:fd:c3:3c:65:08:ce:2a:af:0d:4b:7b:d0:d7:4f:
7a:cf:11:34:99:b0:5b:08:b5:5b:32:93:b6:e9:45:9f:f4:f8:
ba:51:e0:ab:dd:ef:06:b9:8f:9a:3b:49:ff:53:e8:48:cb:c7:
02:8e:f7:59:fc:2f:c4:0b:7d:22:70:56:81:60:19:88:b0:46:
b6:21:4d:7d:f4:17:36:55:ec:78:83:06:e3:46:ab:2c:73:53:
75:98:81:79:6f:9a:a9:3f:ed:3e:05:93:5e:09:a5:4d:b2:a0:
0c:49:f3:b3:62:68:d4:15:02:16:d2:7f:ac:89:c5:0c:c1:cd:
b1:a9:57:7f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaDXeUwzsi8b3r/W0vIE4tphqI3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MjZiYmU0ZjRmMmExNTI2MDI2MTZjZWViOWU3MDE2MWViY2YwY2IyNTVi
MjlhMTRiNDhjOWVjNTI5ZWY1NDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOk19qbnBwIUjslBeNEnIAu6W1h/I4FJtk8n44JlucJkVWt5A0xsUvkor8f
L0gA3267hMXWNamTQPPjHZpPABa3jm/xq0OEL+wSV2mZBpK+AfR8ZYluzAxVR9aV
85tRkVKltCUpf7ApEuNYESAdnJ90UM3IQjtbGoHufmNWybMOH5wWf4p4Itbcs3Im
2Ja6Q7o8+M99+sCm36Fy6fYL5dfcvE7bXp5mUNi6SRG+CMAqSqZEiIR73g538m7k
pi4IfTdlOxlXh4T2cLuQ5ZdjL24T1o0e2bGKSitwPuIiuh3oTWYW+TJBmYZsVVv0
80gk5NgeNpSKldiv6YaMdaejYucCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3zR09
jND6SG6UNhQzsjSSQ7fv5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWEwM2JhYTMtZDMzMS00MDk0LTgyMWItMzYwZjY2NTBlZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3YDAN
BgkqhkiG9w0BAQsFAAOCAQEAHRQcB36CfZR6DJQDOCOgl28vWPPtSg+gr+37onuz
n3dxFtD4ukqfptFmMwI2FRGJVvDS8UGLJVwIgNijXNZVtWyqyBwT/9keo4rVxH9d
HI+w5yYgCaOk6eq+I6Fukri9BC1v13NmLYlLp3gQn575tuuG2jx3zJui6GIV/uVm
Lt/7E/3DPGUIziqvDUt70NdPes8RNJmwWwi1WzKTtulFn/T4ulHgq93vBrmPmjtJ
/1PoSMvHAo73WfwvxAt9InBWgWAZiLBGtiFNffQXNlXseIMG40arLHNTdZiBeW+a
qT/tPgWTXgmlTbKgDEnzs2Jo1BUCFtJ/rInFDMHNsalXfw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:30 2025 by rpki-client