Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: AmWoxG+0/F8/iBxWjQIv4/XWWAzf8dp6zdBFSOt25MQ=
Subject key identifier: B3:6A:33:87:F7:D9:1D:FE:E6:FC:EC:C9:B3:E9:CE:19:1C:97:F3:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 154DE8C7E5721B2281E0EA134CD85C42728FEA30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:4d:e8:c7:e5:72:1b:22:81:e0:ea:13:4c:d8:5c:42:72:8f:ea:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=7418551c867765ee548fa8f5194244f9e81b9583ba6ed5fcfa378fd2b526fda6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9c:32:8b:ff:30:ca:c6:1e:9d:17:b4:39:51:
c0:87:26:8d:75:29:49:38:73:af:0d:7b:48:8f:8b:
fe:ea:c8:2e:c9:00:e1:bb:e6:58:93:98:e7:85:05:
62:43:5c:7d:34:4d:32:b5:a7:7d:ce:e9:2e:72:df:
c8:47:a9:eb:d5:31:41:18:cc:57:c9:8a:cb:c1:4c:
7e:d2:b5:20:17:2f:90:98:11:f2:8f:24:09:03:a1:
1b:d6:e5:f4:f3:7b:be:8a:57:cc:b4:cb:76:06:65:
fd:92:18:18:30:79:d6:6b:e1:34:35:48:a8:6f:62:
a4:b8:2f:2a:47:52:81:07:f7:03:f9:e0:87:23:df:
42:ed:bd:0e:a1:3a:e4:31:ff:3a:06:b3:26:74:9e:
b2:14:41:c8:ea:eb:45:bf:10:ee:24:27:67:ab:e0:
e4:f7:33:10:5c:9a:dc:d7:c7:bb:79:78:86:aa:79:
80:bd:54:c9:49:c2:f0:39:e4:37:05:3c:1f:4b:9a:
c8:3e:f1:0e:e6:bf:c2:de:f8:cc:2a:a6:81:2f:74:
1e:ec:7f:de:38:bf:f2:19:36:67:44:16:92:b6:70:
c7:9b:72:03:fe:d3:da:97:66:81:6a:ea:b9:04:9b:
19:98:5a:f9:02:8c:cc:a7:56:93:82:db:40:0b:33:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6A:33:87:F7:D9:1D:FE:E6:FC:EC:C9:B3:E9:CE:19:1C:97:F3:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
39:8d:82:22:b1:9b:54:22:99:9b:58:df:66:c8:7c:cf:d0:e0:
d1:2d:63:c4:dd:cc:95:cb:2a:5f:1f:07:d7:41:13:d2:2d:19:
91:48:a8:5e:23:9b:b5:e7:60:23:cd:98:b8:9b:f6:b7:74:61:
41:3b:69:62:2f:87:47:13:d3:14:27:d8:16:12:d2:56:ad:fc:
c1:49:7c:39:2f:37:1c:ec:ac:21:4d:a0:5f:59:01:c2:22:e3:
19:93:0d:28:ea:f2:35:e9:10:4a:65:19:ac:73:1e:88:3b:a2:
66:ab:e9:e7:12:e6:8b:99:18:d7:c7:4f:f0:9e:cb:50:8f:90:
59:b5:bc:72:85:b4:39:02:2f:e8:d0:18:d1:b0:db:92:9c:84:
dd:61:d4:86:6f:49:0d:1d:85:ed:b0:c5:89:87:7d:d2:45:89:
f8:5a:24:b2:02:6c:81:0b:aa:95:a3:d8:ca:64:bb:19:1b:93:
13:f5:6e:19:c0:07:01:c9:1c:28:72:20:a0:f4:56:a5:e8:d7:
9d:ad:70:67:4c:8d:5c:d3:1c:b2:06:5a:c2:f3:dc:7c:ff:64:
65:b1:56:74:8b:8a:85:39:04:84:da:af:3d:61:2e:ca:70:d9:
89:71:0d:69:2d:85:d7:4c:d6:54:c0:07:12:12:83:86:dc:ec:
ae:a3:f1:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFU3ox+VyGyKB4OoTTNhcQnKP6jAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MTg1NTFjODY3NzY1ZWU1NDhmYThmNTE5NDI0NGY5ZTgxYjk1ODNiYTZl
ZDVmY2ZhMzc4ZmQyYjUyNmZkYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmcMov/MMrGHp0XtDlRwIcmjXUpSThzrw17SI+L/urILskA4bvmWJOY54UF
YkNcfTRNMrWnfc7pLnLfyEep69UxQRjMV8mKy8FMftK1IBcvkJgR8o8kCQOhG9bl
9PN7vopXzLTLdgZl/ZIYGDB51mvhNDVIqG9ipLgvKkdSgQf3A/nghyPfQu29DqE6
5DH/OgazJnSeshRByOrrRb8Q7iQnZ6vg5PczEFya3NfHu3l4hqp5gL1UyUnC8Dnk
NwU8H0uayD7xDua/wt74zCqmgS90Hux/3ji/8hk2Z0QWkrZwx5tyA/7T2pdmgWrq
uQSbGZha+QKMzKdWk4LbQAszLf8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSzajOH
99kd/ub87Mmz6c4ZHJfzPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAOY2CIrGbVCKZm1jfZsh8z9Dg0S1jxN3Mlcsq
Xx8H10ET0i0ZkUioXiObtedgI82YuJv2t3RhQTtpYi+HRxPTFCfYFhLSVq38wUl8
OS83HOysIU2gX1kBwiLjGZMNKOryNekQSmUZrHMeiDuiZqvp5xLmi5kY18dP8J7L
UI+QWbW8coW0OQIv6NAY0bDbkpyE3WHUhm9JDR2F7bDFiYd90kWJ+FoksgJsgQuq
laPYymS7GRuTE/VuGcAHAckcKHIgoPRWpejXna1wZ0yNXNMcsgZawvPcfP9kZbFW
dIuKhTkEhNqvPWEuynDZiXENaS2F10zWVMAHEhKDhtzsrqPxNA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:33 2025 by rpki-client