Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: BQekqTOAaU/qsNZmQZauLj0TDiwf+99lMxToS28lec8=
Subject key identifier: 37:3D:4F:AD:D0:7D:98:2B:5A:37:98:23:76:1B:F7:05:4E:76:D0:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AEC51E3FA23BD27AADC38492613E4CB11541497
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ec:51:e3:fa:23:bd:27:aa:dc:38:49:26:13:e4:cb:11:54:14:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=1f7ce7be849e2f96abbcd33a49f9173585d7e1b193365c5e2bab5f51aba416b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a4:8c:3f:ba:55:2e:a6:8b:54:c9:b7:c1:b7:
f3:ba:7b:dc:9d:d1:3b:b1:c4:8e:dc:a4:83:87:e6:
a4:e6:7c:b4:36:46:dd:fe:29:db:91:b1:e5:b3:cf:
1f:2e:d4:ee:bb:7f:68:a9:3b:44:e1:ff:84:78:52:
f1:b4:ec:fb:14:da:53:2d:92:53:b5:46:6f:75:f3:
08:c8:70:ee:e4:53:b1:6f:b4:56:be:f2:2b:e8:c6:
b0:d6:19:7b:e2:84:7f:16:18:a8:e4:3b:c8:3e:73:
21:34:45:00:06:91:e9:23:23:17:be:f7:e4:a1:ca:
d9:a9:90:b5:21:ca:59:65:82:df:2a:a5:34:0a:be:
a8:bd:48:e8:af:8d:d2:5f:6d:6f:1b:69:1e:52:e9:
ae:a2:88:df:76:e1:e5:dd:c6:b7:84:62:8e:bc:68:
09:77:4a:dd:25:99:ef:ea:a8:13:2e:54:d3:f3:96:
f7:77:d4:2e:ee:3f:7f:c1:44:da:98:77:2c:a4:6b:
8f:64:2c:3b:22:0a:b9:c5:1a:27:57:42:e7:1d:bd:
f9:6e:2e:62:d6:65:e5:87:a0:f3:2e:a1:06:54:bf:
6f:58:16:bf:ba:e6:55:70:40:b2:f4:2d:2e:61:ee:
d1:ee:b4:d5:db:72:70:fd:3b:c9:22:04:d2:ba:06:
85:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3D:4F:AD:D0:7D:98:2B:5A:37:98:23:76:1B:F7:05:4E:76:D0:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
11:09:1e:cf:d2:f9:72:1c:15:d1:28:54:45:d4:93:eb:e1:1e:
c8:0b:77:ac:23:22:c3:b5:44:2a:68:76:ba:26:6f:be:e1:c9:
ea:79:36:95:e8:1f:cf:56:14:b5:16:2c:b9:3d:87:1f:67:0b:
7b:3a:5c:d2:cf:a1:26:50:cc:db:38:43:1e:09:db:53:39:4b:
17:d6:b1:73:ee:01:98:85:62:42:af:3e:43:f2:67:c3:db:b4:
62:8c:0c:ae:f4:5a:b8:0d:e2:2f:0c:f0:4f:ef:0f:56:a1:0d:
86:db:1f:b5:25:25:65:b4:45:b5:e2:bb:a7:d9:71:5d:27:8f:
ad:d3:2a:35:a0:8e:50:91:b9:2f:6e:c4:08:a1:9b:68:c4:f6:
e1:8c:11:a3:6b:57:62:f1:a9:99:63:e2:2f:33:2f:54:de:db:
29:17:66:7a:38:0b:ad:08:c7:93:63:53:3e:53:13:a0:c1:ea:
0f:b6:78:d0:0d:af:9e:86:20:ca:a8:f6:25:d4:cd:cd:c9:c0:
17:6f:e7:82:b3:4d:1f:b0:93:a9:64:26:46:6f:c6:a8:ea:93:
da:99:3e:86:d7:37:5b:7c:d8:26:ee:b9:90:b5:89:24:dd:8d:
e8:3c:c7:46:f4:cf:ff:95:43:f2:50:2e:0d:62:21:81:cb:97:
c9:61:6b:fc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWuxR4/ojvSeq3DhJJhPkyxFUFJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmN2NlN2JlODQ5ZTJmOTZhYmJjZDMzYTQ5ZjkxNzM1ODVkN2UxYjE5MzM2
NWM1ZTJiYWI1ZjUxYWJhNDE2YjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKykjD+6VS6mi1TJt8G387p73J3RO7HEjtykg4fmpOZ8tDZG3f4p25Gx5bPP
Hy7U7rt/aKk7ROH/hHhS8bTs+xTaUy2SU7VGb3XzCMhw7uRTsW+0Vr7yK+jGsNYZ
e+KEfxYYqOQ7yD5zITRFAAaR6SMjF7735KHK2amQtSHKWWWC3yqlNAq+qL1I6K+N
0l9tbxtpHlLprqKI33bh5d3Gt4RijrxoCXdK3SWZ7+qoEy5U0/OW93fULu4/f8FE
2ph3LKRrj2QsOyIKucUaJ1dC5x29+W4uYtZl5Yeg8y6hBlS/b1gWv7rmVXBAsvQt
LmHu0e601dtycP07ySIE0roGhSkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3PU+t
0H2YK1o3mCN2G/cFTnbQaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAEQkez9L5chwV0ShURdST6+EeyAt3rCMiw7VEKmh2
uiZvvuHJ6nk2legfz1YUtRYsuT2HH2cLezpc0s+hJlDM2zhDHgnbUzlLF9axc+4B
mIViQq8+Q/Jnw9u0YowMrvRauA3iLwzwT+8PVqENhtsftSUlZbRFteK7p9lxXSeP
rdMqNaCOUJG5L27ECKGbaMT24YwRo2tXYvGpmWPiLzMvVN7bKRdmejgLrQjHk2NT
PlMToMHqD7Z40A2vnoYgyqj2JdTNzcnAF2/ngrNNH7CTqWQmRm/GqOqT2pk+htc3
W3zYJu65kLWJJN2N6DzHRvTP/5VD8lAuDWIhgcuXyWFr/A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:47 2025 by rpki-client