Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: tGaXs9mufwpj9pdRq21ULOGuP2r4nn6EUiezviaYJcs=
Subject key identifier: A7:95:B7:9C:12:E4:49:4B:54:66:A9:85:34:6A:30:0A:24:A3:0E:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 143404CE84FF554E2F1F96DA72B0D235FFFAD02B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:34:04:ce:84:ff:55:4e:2f:1f:96:da:72:b0:d2:35:ff:fa:d0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=abdb43858bc177cc73d0a0b9bf0edda6b640be4aa8f93b8bc73d054e31bfe00f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9c:1d:22:d0:71:ea:d0:1c:6e:fd:f8:0a:b1:
fb:e9:84:77:bd:f9:21:74:0d:4c:17:53:5b:88:e5:
c6:4f:d1:10:a4:19:99:14:41:2f:d6:ce:0f:60:32:
50:42:f1:47:6c:2c:98:5f:c6:9f:fe:8f:fb:98:52:
a3:1d:cd:f1:32:d6:c6:80:a8:73:02:e4:5f:8d:e2:
d6:c6:fe:df:1f:d1:dd:f8:b3:c1:cd:6c:06:93:a7:
47:63:b6:6e:05:d5:72:89:9d:19:b3:cf:b0:5a:b5:
a1:bc:10:d7:7d:1f:7f:91:30:2e:6d:85:12:d2:69:
44:8c:bb:20:e8:ad:16:60:e1:f7:98:08:43:d9:11:
61:5a:3c:56:ae:71:8f:e7:c0:5b:3f:96:ce:91:75:
d9:cf:f3:d6:4d:87:0b:ee:4b:7f:f0:4a:5c:f1:11:
05:ee:9c:5c:9a:41:a0:09:a5:33:7d:07:ed:10:09:
ef:f3:7f:e3:ce:81:4d:dd:ed:32:d5:bc:52:1e:3e:
c1:38:64:ea:1e:12:b3:c8:4b:91:aa:c9:e1:9e:31:
4d:7b:c4:75:41:19:3e:af:1c:ad:94:86:c5:16:76:
95:2b:2f:c3:6f:15:65:13:e6:26:27:ce:40:96:90:
9c:b4:06:0d:3e:3c:27:da:f2:e6:49:06:69:fb:6b:
dc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:95:B7:9C:12:E4:49:4B:54:66:A9:85:34:6A:30:0A:24:A3:0E:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:06:f3:03:38:32:17:fb:5a:55:01:8e:06:46:0c:50:06:89:
11:80:2a:16:1d:fe:1c:48:43:6f:0e:bb:01:85:54:bd:ba:4f:
55:d3:8e:79:f7:c7:1c:84:da:4c:70:eb:14:d7:d2:d4:d9:a3:
79:81:7d:43:f7:a4:05:1d:8f:d7:cf:49:38:b2:a4:fc:16:f8:
33:ad:66:ae:d8:14:e3:f8:66:2f:5c:c5:f3:e1:c1:56:8d:b0:
4b:70:82:0c:35:8c:3f:ae:ad:cc:4e:be:83:1c:b2:92:72:5e:
3f:41:ba:a5:54:a3:7e:10:43:91:01:f1:a2:5e:c9:1e:d1:73:
35:a0:77:58:74:f0:40:4d:54:6b:58:40:c0:31:22:32:bd:c9:
71:61:1e:fd:1b:10:77:cb:c4:a8:25:9c:10:99:80:0b:a1:37:
f2:80:9a:6d:b7:da:89:de:14:af:61:a7:79:01:45:40:a4:a1:
f4:da:23:c8:fe:fa:2f:42:46:0c:8a:01:eb:bd:3c:9b:07:63:
ed:9d:32:19:5b:32:76:a9:1f:83:a7:62:fd:7b:a5:a2:29:40:
cf:ab:2c:cd:d3:87:c5:57:88:db:cf:89:8f:a0:69:fa:4e:f7:
62:32:48:ee:a4:a1:17:2b:88:1b:4e:0f:0d:da:d0:64:77:d5:
13:15:38:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFDQEzoT/VU4vH5bacrDSNf/60CswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZGI0Mzg1OGJjMTc3Y2M3M2QwYTBiOWJmMGVkZGE2YjY0MGJlNGFhOGY5
M2I4YmM3M2QwNTRlMzFiZmUwMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMycHSLQcerQHG79+Aqx++mEd735IXQNTBdTW4jlxk/REKQZmRRBL9bOD2Ay
UELxR2wsmF/Gn/6P+5hSox3N8TLWxoCocwLkX43i1sb+3x/R3fizwc1sBpOnR2O2
bgXVcomdGbPPsFq1obwQ130ff5EwLm2FEtJpRIy7IOitFmDh95gIQ9kRYVo8Vq5x
j+fAWz+WzpF12c/z1k2HC+5Lf/BKXPERBe6cXJpBoAmlM30H7RAJ7/N/486BTd3t
MtW8Uh4+wThk6h4Ss8hLkarJ4Z4xTXvEdUEZPq8crZSGxRZ2lSsvw28VZRPmJifO
QJaQnLQGDT48J9ry5kkGaftr3E8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSnlbec
EuRJS1RmqYU0ajAKJKMO2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQCyBvMDODIX+1pVAY4GRgxQBokRgCoWHf4cSENvDrsB
hVS9uk9V045598cchNpMcOsU19LU2aN5gX1D96QFHY/Xz0k4sqT8FvgzrWau2BTj
+GYvXMXz4cFWjbBLcIIMNYw/rq3MTr6DHLKScl4/QbqlVKN+EEORAfGiXske0XM1
oHdYdPBATVRrWEDAMSIyvclxYR79GxB3y8SoJZwQmYALoTfygJptt9qJ3hSvYad5
AUVApKH02iPI/vovQkYMigHrvTybB2PtnTIZWzJ2qR+Dp2L9e6WiKUDPqyzN04fF
V4jbz4mPoGn6TvdiMkjupKEXK4gbTg8N2tBkd9UTFThd
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:39 2025 by rpki-client