Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: MDmZNC1M5tOtGwwHP6Uogs7CRjJqWyvJU+Z/iOOx2pw=
Subject key identifier: 03:C2:F7:87:24:5A:41:91:3B:2A:AC:3C:84:EF:86:C1:78:C2:F3:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E5B0E69478E459D7BC240BDAD2587FA59546DC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:5b:0e:69:47:8e:45:9d:7b:c2:40:bd:ad:25:87:fa:59:54:6d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=12e2e0c80b3f826e6b0ad074a5beab7ea48994a55f10536795812800d79ba302, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:e8:f8:76:29:25:bc:be:b6:8d:16:86:55:
86:87:7f:7b:29:1a:b4:52:6d:64:f5:0e:46:20:65:
07:73:f2:0c:76:ab:4f:7f:63:5a:f7:7a:ff:e8:ec:
46:0b:aa:84:94:fe:03:fd:6e:46:b5:56:76:56:61:
6f:88:d3:4a:de:ed:e7:f6:73:ed:f3:61:b8:df:53:
84:0a:1d:a7:37:95:10:54:89:a0:83:6b:69:5c:b9:
9e:d9:97:d9:16:85:ad:0c:4d:fc:c5:67:b6:cc:29:
5e:b2:9f:e0:67:ac:07:96:68:9e:02:ac:2d:e6:74:
3c:16:55:75:42:45:ea:c2:5d:49:57:c5:c2:97:2d:
ed:39:23:f0:82:09:3a:d2:9e:18:f7:71:5b:fd:fd:
2b:f8:ce:2c:2b:b9:29:6d:69:a7:63:e8:5a:ee:fd:
1e:36:e1:cc:60:9c:68:2f:e6:25:93:2f:96:ac:4b:
b6:5f:05:b7:f3:bf:16:54:5b:f3:46:12:67:0a:29:
1c:93:22:b4:42:47:45:45:0c:b0:aa:0f:4c:cd:87:
95:54:4c:a3:25:a5:97:41:e4:31:93:ba:43:14:41:
7e:00:60:6d:84:0d:ce:6d:42:36:95:81:5d:c8:5d:
54:c0:85:7c:09:22:7b:b3:9a:ca:97:9b:b6:77:3a:
e5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C2:F7:87:24:5A:41:91:3B:2A:AC:3C:84:EF:86:C1:78:C2:F3:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5c:b6:84:2f:c9:d5:2a:00:cf:7e:ed:fc:a6:3f:9f:53:1c:
58:b6:f5:1e:b6:0e:24:a3:58:dd:60:43:ea:43:d1:f6:dc:5f:
16:2a:84:64:d9:e8:c6:31:78:f4:2f:c0:18:ea:b9:3b:03:5e:
e0:5e:2e:cc:db:15:79:47:88:e0:ac:66:05:18:5a:be:85:1f:
70:83:8a:12:da:42:08:93:86:d3:7b:f8:39:dc:e3:c9:28:bc:
39:1d:95:43:14:59:99:35:d0:f4:c7:c2:07:a3:db:2f:df:93:
d1:ae:45:6f:d8:04:a7:46:73:a6:e9:40:1b:ad:62:0f:a7:a4:
f0:f0:1c:ce:f1:2c:3e:ad:71:37:af:62:c8:3b:cb:53:3c:ca:
b9:74:0e:81:ae:18:1c:c1:a6:80:7d:06:0e:67:a3:ef:3d:91:
35:73:9b:1e:b4:e9:34:91:5e:88:5e:9d:39:3c:ec:6c:01:c8:
60:b4:7d:ae:16:f1:d5:5d:e1:a9:77:8a:6f:d5:11:05:4b:13:
bf:c0:56:0f:f9:d1:f8:2c:21:c8:74:5d:3b:9b:11:37:14:69:
8e:3f:0b:3b:d3:19:1b:99:b7:ad:8d:39:8f:2c:6b:5c:16:20:
13:73:0a:43:93:9e:64:95:9c:5b:82:ce:00:e0:0d:b0:14:dd:
e7:c4:52:42
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULlsOaUeORZ17wkC9rSWH+llUbcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyZTJlMGM4MGIzZjgyNmU2YjBhZDA3NGE1YmVhYjdlYTQ4OTk0YTU1ZjEw
NTM2Nzk1ODEyODAwZDc5YmEzMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOb6Ph2KSW8vraNFoZVhod/eykatFJtZPUORiBlB3PyDHarT39jWvd6/+js
RguqhJT+A/1uRrVWdlZhb4jTSt7t5/Zz7fNhuN9ThAodpzeVEFSJoINraVy5ntmX
2RaFrQxN/MVntswpXrKf4GesB5ZongKsLeZ0PBZVdUJF6sJdSVfFwpct7Tkj8IIJ
OtKeGPdxW/39K/jOLCu5KW1pp2PoWu79HjbhzGCcaC/mJZMvlqxLtl8Ft/O/FlRb
80YSZwopHJMitEJHRUUMsKoPTM2HlVRMoyWll0HkMZO6QxRBfgBgbYQNzm1CNpWB
XchdVMCFfAkie7Oaypebtnc65bUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDwveH
JFpBkTsqrDyE74bBeMLzUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAVly2hC/J1SoAz37t/KY/n1McWLb1HrYOJKNY3WBD
6kPR9txfFiqEZNnoxjF49C/AGOq5OwNe4F4uzNsVeUeI4KxmBRhavoUfcIOKEtpC
CJOG03v4OdzjySi8OR2VQxRZmTXQ9MfCB6PbL9+T0a5Fb9gEp0ZzpulAG61iD6ek
8PAczvEsPq1xN69iyDvLUzzKuXQOga4YHMGmgH0GDmej7z2RNXObHrTpNJFeiF6d
OTzsbAHIYLR9rhbx1V3hqXeKb9URBUsTv8BWD/nR+CwhyHRdO5sRNxRpjj8LO9MZ
G5m3rY05jyxrXBYgE3MKQ5OeZJWcW4LOAOANsBTd58RSQg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:53 2025 by rpki-client