Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: k8HJmBHvcIzFSh8FjGGik+GPSk4k8iP0VwENQh74SF4=
Subject key identifier: A4:DD:F1:7F:55:92:A5:6F:F8:33:5D:C2:11:94:88:59:EC:E4:44:A4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C235C2D4F7F99FA0C27BFC113EE59FEBAF5B1C6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:23:5c:2d:4f:7f:99:fa:0c:27:bf:c1:13:ee:59:fe:ba:f5:b1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=14c3578e077a4759f8c109ba549f2c255273d828ebbcc8516a1d2e88fa5f3d4f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:f0:f2:3e:88:29:e6:bb:c1:dd:c0:7a:aa:
12:23:5b:db:2f:1b:b7:1c:3f:c8:03:d8:ba:7b:13:
2c:4f:58:db:68:75:36:69:73:83:84:b5:4b:44:43:
49:89:81:e8:ae:56:dc:f6:d4:75:c1:13:44:2f:b6:
db:04:5b:be:34:b1:50:4f:09:c7:de:a9:ed:55:b8:
10:5b:6e:1e:09:58:74:42:b9:f8:3f:e3:2f:ed:4f:
dc:91:6b:c5:29:ac:b4:e3:78:79:bc:3b:04:82:1f:
b5:7f:6e:18:ed:11:35:75:61:4e:05:64:70:8a:3f:
31:e1:0f:35:33:ed:cc:c3:de:04:36:36:52:05:88:
f0:9a:fc:38:82:b1:52:9c:89:cf:4e:a3:00:af:ac:
63:40:4d:5c:58:00:fd:54:67:24:15:46:a7:cf:d0:
9e:55:ea:b9:da:04:c5:e4:23:c6:8b:da:c2:a3:ac:
d7:c2:e0:dd:3d:78:a2:9d:13:e9:00:f9:35:4a:80:
e1:eb:ae:58:b5:98:c7:d2:85:0d:fc:9d:55:24:83:
df:f5:92:6e:2c:ad:c5:73:45:45:26:37:51:3d:36:
53:10:cc:f7:f1:23:5c:d9:eb:f7:b8:7c:3e:71:f2:
f7:42:25:ca:76:d6:cc:15:c5:eb:2e:57:35:5c:8b:
1e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DD:F1:7F:55:92:A5:6F:F8:33:5D:C2:11:94:88:59:EC:E4:44:A4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ca:6d:64:b3:71:e8:75:fa:0d:94:02:f7:8f:2e:bd:56:fa:a5:
44:73:3a:b0:4c:eb:be:47:b4:5d:50:f7:51:54:33:77:c0:6e:
8c:45:13:81:27:a0:51:fe:65:e3:96:8c:a5:a9:6e:eb:28:55:
a0:c5:1e:2b:33:14:cc:09:7b:2b:31:c5:82:55:e8:a2:13:a6:
d4:ca:5b:00:2f:3d:86:d9:f9:d9:6b:60:c0:8d:a1:fe:19:19:
13:f2:eb:02:7a:96:db:b1:a8:50:28:18:ee:db:6f:aa:f0:7e:
8e:1b:29:d6:4e:24:94:0e:30:5f:71:6a:b6:b2:46:59:6e:77:
aa:31:db:7e:f8:96:92:a2:64:a2:a6:c4:59:c3:6e:e6:ff:a3:
ed:21:ea:3c:39:b3:35:d2:02:b8:33:94:d7:ad:b3:92:c8:07:
e4:b9:49:ac:72:af:da:fa:34:59:9b:32:ff:a8:d4:6d:bf:45:
2a:31:7c:db:f9:52:9d:ef:b6:78:a7:3b:6f:3a:23:ca:57:bc:
3b:9c:38:f4:09:06:8d:5b:cb:30:8a:28:62:86:25:0e:5c:88:
15:6a:8a:6f:81:1f:b9:e8:19:e2:e7:7c:82:2b:1a:34:46:85:
c4:18:fc:20:e6:5e:49:7c:3b:93:01:45:35:50:b4:86:42:77:
b0:9e:2f:6f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPCNcLU9/mfoMJ7/BE+5Z/rr1scYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0YzM1NzhlMDc3YTQ3NTlmOGMxMDliYTU0OWYyYzI1NTI3M2Q4MjhlYmJj
Yzg1MTZhMWQyZTg4ZmE1ZjNkNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq+8PI+iCnmu8HdwHqqEiNb2y8btxw/yAPYunsTLE9Y22h1Nmlzg4S1S0RD
SYmB6K5W3PbUdcETRC+22wRbvjSxUE8Jx96p7VW4EFtuHglYdEK5+D/jL+1P3JFr
xSmstON4ebw7BIIftX9uGO0RNXVhTgVkcIo/MeEPNTPtzMPeBDY2UgWI8Jr8OIKx
UpyJz06jAK+sY0BNXFgA/VRnJBVGp8/QnlXqudoExeQjxovawqOs18Lg3T14op0T
6QD5NUqA4euuWLWYx9KFDfydVSSD3/WSbiytxXNFRSY3UT02UxDM9/EjXNnr97h8
PnHy90IlynbWzBXF6y5XNVyLHk0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSk3fF/
VZKlb/gzXcIRlIhZ7OREpDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAym1ks3HodfoNlAL3jy69VvqlRHM6sEzrvke0XVD3
UVQzd8BujEUTgSegUf5l45aMpalu6yhVoMUeKzMUzAl7KzHFglXoohOm1MpbAC89
htn52WtgwI2h/hkZE/LrAnqW27GoUCgY7ttvqvB+jhsp1k4klA4wX3FqtrJGWW53
qjHbfviWkqJkoqbEWcNu5v+j7SHqPDmzNdICuDOU162zksgH5LlJrHKv2vo0WZsy
/6jUbb9FKjF82/lSne+2eKc7bzojyle8O5w49AkGjVvLMIooYoYlDlyIFWqKb4Ef
uegZ4ud8gisaNEaFxBj8IOZeSXw7kwFFNVC0hkJ3sJ4vbw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:22:29 2025 by rpki-client