Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: uSMISL2hfUCDtoRF5LeIlKlQeJaxpmgogoG5xZ+H83E=
Subject key identifier: 03:B6:58:56:CE:10:A4:3C:B9:24:90:C0:0A:98:22:A4:F5:2D:97:7B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F66FD3B0814E892252D261765A83680E491DD60
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:66:fd:3b:08:14:e8:92:25:2d:26:17:65:a8:36:80:e4:91:dd:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3998f135744e201548f77388b0f7d9dd0319c10d1b7ae41453cb0006c6d5d955, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:05:76:d7:0b:8d:18:ec:93:98:61:27:c9:
e0:ad:31:5b:32:fd:39:a6:df:1a:43:1b:08:c1:0d:
db:29:df:45:95:06:34:67:b2:8b:50:3d:f4:94:ac:
48:9c:0a:bb:d0:c3:5a:54:da:d8:56:2e:2e:9b:b4:
06:5e:e2:7b:e6:c6:65:d8:74:3d:bc:31:0d:9f:bd:
0a:24:a5:b1:81:c7:b3:00:22:a3:9c:12:ca:17:46:
7f:a0:e1:ae:c5:94:5b:bc:7b:f8:4a:88:91:19:32:
08:0c:eb:16:10:d2:dc:82:8e:0c:ff:a0:8a:1e:58:
ae:24:39:d9:e6:84:25:01:52:0b:d7:05:01:cd:40:
10:95:b5:70:37:77:81:a3:0b:5b:14:53:2f:f1:42:
e0:db:d0:79:90:dc:b1:b6:e1:28:93:62:c0:d1:fa:
22:94:93:97:7c:01:26:d7:98:a8:47:3d:40:d2:04:
d4:14:85:d4:e6:e6:a2:76:0b:8e:89:10:95:fa:a1:
4b:2d:33:0b:b2:91:f9:9d:cc:fb:52:6d:61:ef:e9:
63:14:c7:a7:bb:50:53:c8:33:66:f1:ee:e0:52:fb:
b7:d5:92:07:b8:90:68:5b:b6:cb:96:14:09:30:16:
f2:36:55:d5:69:f5:57:43:d4:48:76:60:32:8e:e6:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B6:58:56:CE:10:A4:3C:B9:24:90:C0:0A:98:22:A4:F5:2D:97:7B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:5a:33:53:73:95:c6:16:45:1c:19:2a:ee:51:1a:db:25:7f:
5b:bc:0d:3b:d9:2c:d2:61:44:cb:2c:8c:db:93:af:bc:44:d6:
95:63:46:e2:e8:57:0e:6e:53:29:03:1e:0b:89:f3:99:eb:fd:
a7:39:58:6e:e4:1f:31:35:d8:52:19:1c:bf:ce:d0:3c:93:87:
f8:6c:38:19:ba:e5:be:16:e3:83:65:21:ab:52:37:ce:b6:48:
08:b6:d8:21:38:c1:eb:1d:0d:19:06:8e:14:f1:ba:5b:57:b4:
d4:05:44:26:50:d9:5b:bb:1c:aa:cd:f5:e0:04:c8:6d:b4:71:
b2:ea:d8:f0:13:f4:78:bf:3b:7a:1a:b0:e0:23:42:ab:a2:11:
63:1e:11:87:95:4b:44:da:ae:6b:18:82:8c:f0:f4:89:a2:50:
63:86:e3:a5:0e:e7:bc:5a:18:ad:97:b8:1a:44:ab:66:71:38:
f8:52:73:ce:4b:54:5c:9e:58:71:b5:5f:b7:40:f2:60:d0:fe:
bb:7a:5d:81:58:d2:6e:a4:6c:6a:28:a4:16:15:4a:8c:d2:19:
e4:77:03:89:e4:15:b3:d8:ac:08:cf:3c:07:cc:71:5c:35:ab:
8c:64:f3:63:da:9f:24:30:40:61:c4:ac:81:1d:2d:28:3f:fd:
4d:cc:5e:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf2b9OwgU6JIlLSYXZag2gOSR3WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5OThmMTM1NzQ0ZTIwMTU0OGY3NzM4OGIwZjdkOWRkMDMxOWMxMGQxYjdh
ZTQxNDUzY2IwMDA2YzZkNWQ5NTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvmBXbXC40Y7JOYYSfJ4K0xWzL9OabfGkMbCMEN2ynfRZUGNGeyi1A99JSs
SJwKu9DDWlTa2FYuLpu0Bl7ie+bGZdh0PbwxDZ+9CiSlsYHHswAio5wSyhdGf6Dh
rsWUW7x7+EqIkRkyCAzrFhDS3IKODP+gih5YriQ52eaEJQFSC9cFAc1AEJW1cDd3
gaMLWxRTL/FC4NvQeZDcsbbhKJNiwNH6IpSTl3wBJteYqEc9QNIE1BSF1ObmonYL
jokQlfqhSy0zC7KR+Z3M+1JtYe/pYxTHp7tQU8gzZvHu4FL7t9WSB7iQaFu2y5YU
CTAW8jZV1Wn1V0PUSHZgMo7m0MMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDtlhW
zhCkPLkkkMAKmCKk9S2XezAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQC0WjNTc5XGFkUcGSruURrbJX9bvA072SzSYUTLLIzb
k6+8RNaVY0bi6FcOblMpAx4LifOZ6/2nOVhu5B8xNdhSGRy/ztA8k4f4bDgZuuW+
FuODZSGrUjfOtkgIttghOMHrHQ0ZBo4U8bpbV7TUBUQmUNlbuxyqzfXgBMhttHGy
6tjwE/R4vzt6GrDgI0KrohFjHhGHlUtE2q5rGIKM8PSJolBjhuOlDue8Whitl7ga
RKtmcTj4UnPOS1RcnlhxtV+3QPJg0P67el2BWNJupGxqKKQWFUqM0hnkdwOJ5BWz
2KwIzzwHzHFcNauMZPNj2p8kMEBhxKyBHS0oP/1NzF51
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:07:34 2025 by rpki-client