Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: fkmkRRoL+WSLh1JleQNKeP004czc6t8XLZ5hsIDpPiE=
Subject key identifier: EF:8D:11:F1:C4:94:6B:E9:06:DC:C0:D4:0F:85:9C:B0:84:94:75:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45AE78EE09EF8FE01BB21DCDF1495E4BF131C09A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:ae:78:ee:09:ef:8f:e0:1b:b2:1d:cd:f1:49:5e:4b:f1:31:c0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=281624b8a42ba7e23d1029e38423c8fe993eb94747e746aa57053cd05621365d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:a4:c3:55:34:7c:ac:b0:d3:03:a5:bd:24:
aa:b7:bb:ba:fd:1e:1e:84:0f:71:50:29:29:f3:b6:
3e:99:fe:11:af:39:80:a2:33:04:62:bf:cc:2b:5b:
20:b9:9a:0e:96:55:b8:16:3f:38:02:db:5a:fc:30:
c4:ec:0a:2e:4f:4b:04:f6:7e:e7:dc:39:a7:a9:a4:
ac:c8:45:ba:81:d9:31:71:6c:8d:72:26:5e:38:66:
63:58:98:39:ba:06:81:36:e1:eb:f3:a1:a1:21:71:
05:93:8c:c5:08:04:cc:16:e0:3c:67:ab:e6:78:92:
4a:5b:29:37:92:93:b1:74:e1:76:dd:33:c0:5d:e1:
3f:b8:81:fc:3d:6e:df:0d:8a:f6:73:90:90:ae:f1:
0d:da:fb:7a:00:1a:c6:79:96:8a:b6:60:51:06:4f:
8d:6a:b1:92:4c:7b:f2:6e:27:57:66:fe:11:cb:e0:
94:8a:ad:f8:50:dd:0a:cc:5b:8a:8c:53:0c:39:e5:
36:64:a0:54:03:8f:99:57:4f:c7:f7:e3:f7:a0:f1:
c1:a1:e4:1d:b1:db:74:d8:22:bb:05:8a:fb:39:a1:
94:55:58:57:e9:d5:58:f5:d1:aa:be:56:e9:e4:43:
09:ab:d7:57:b4:a1:ba:07:f7:1c:cb:dd:07:f5:54:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8D:11:F1:C4:94:6B:E9:06:DC:C0:D4:0F:85:9C:B0:84:94:75:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
52:b3:32:07:7f:21:66:29:36:d3:36:d0:1c:6c:5f:98:b7:59:
89:b7:a2:57:70:11:3a:81:d9:7e:12:65:2a:00:9a:61:de:4e:
6b:40:6f:f2:4e:38:94:63:a6:d3:48:b9:dd:03:20:28:ed:b6:
91:92:02:a5:5a:19:66:bf:c5:4c:ed:f2:6b:be:85:04:2d:73:
45:cd:fe:6d:50:6d:82:9b:4a:65:c7:4b:19:b3:21:1e:cb:bc:
1e:47:7f:f9:4d:e5:18:a3:24:96:85:27:8d:16:e5:4d:b4:20:
10:4a:d9:c3:b7:f4:e7:ca:9d:6e:ee:ba:26:0d:00:a7:dd:af:
37:85:4f:6e:e8:67:89:5d:83:a3:a5:15:6b:0e:65:5a:b2:41:
88:2a:a2:c0:09:cc:7d:c4:d2:4a:48:c0:ef:49:a9:fc:da:cd:
90:9c:5a:82:eb:83:27:8e:c2:f8:ac:0d:43:8d:9f:2e:6d:41:
31:ab:e5:5c:ec:30:b6:33:42:9d:e1:39:5b:1e:e9:25:5d:7a:
23:82:d9:e8:03:15:02:43:72:bb:fa:f9:2c:87:83:19:7b:4f:
4d:2f:d6:dc:42:3a:c7:06:dc:21:3a:bb:09:85:a3:78:e4:a4:
60:12:97:5a:c9:90:d6:3e:31:7e:77:fd:e5:81:82:20:76:cb:
64:68:c1:13
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURa547gnvj+Absh3N8UleS/ExwJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MTYyNGI4YTQyYmE3ZTIzZDEwMjllMzg0MjNjOGZlOTkzZWI5NDc0N2U3
NDZhYTU3MDUzY2QwNTYyMTM2NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFlpMNVNHyssNMDpb0kqre7uv0eHoQPcVApKfO2Ppn+Ea85gKIzBGK/zCtb
ILmaDpZVuBY/OALbWvwwxOwKLk9LBPZ+59w5p6mkrMhFuoHZMXFsjXImXjhmY1iY
OboGgTbh6/OhoSFxBZOMxQgEzBbgPGer5niSSlspN5KTsXThdt0zwF3hP7iB/D1u
3w2K9nOQkK7xDdr7egAaxnmWirZgUQZPjWqxkkx78m4nV2b+EcvglIqt+FDdCsxb
ioxTDDnlNmSgVAOPmVdPx/fj96DxwaHkHbHbdNgiuwWK+zmhlFVYV+nVWPXRqr5W
6eRDCavXV7Shugf3HMvdB/VUHfsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTvjRHx
xJRr6QbcwNQPhZywhJR1sTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAUrMyB38hZik20zbQHGxfmLdZibeiV3AROoHZfhJl
KgCaYd5Oa0Bv8k44lGOm00i53QMgKO22kZICpVoZZr/FTO3ya76FBC1zRc3+bVBt
gptKZcdLGbMhHsu8Hkd/+U3lGKMkloUnjRblTbQgEErZw7f058qdbu66Jg0Ap92v
N4VPbuhniV2Do6UVaw5lWrJBiCqiwAnMfcTSSkjA70mp/NrNkJxaguuDJ47C+KwN
Q42fLm1BMavlXOwwtjNCneE5Wx7pJV16I4LZ6AMVAkNyu/r5LIeDGXtPTS/W3EI6
xwbcITq7CYWjeOSkYBKXWsmQ1j4xfnf95YGCIHbLZGjBEw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:11:43 2025 by rpki-client