Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: lJ+0xY3p7QZF7w/jKbULl3uNy7Bqs7rbUHit/aa7GhE=
Subject key identifier: 21:96:A3:4C:56:DF:D7:03:7A:40:66:3F:CA:BF:AE:9B:83:7B:EC:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B22E09AF3EE17A0E7D8517D42791001AD1FC1CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:22:e0:9a:f3:ee:17:a0:e7:d8:51:7d:42:79:10:01:ad:1f:c1:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=214762f1ed71983909974730bbf39375ba266fe539a5f36b9ce19c175971fc05, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:52:c0:70:92:30:af:97:5d:cd:0b:f3:ae:ef:
3f:88:a1:7d:0b:56:03:1f:d9:58:e9:01:f3:48:1c:
d8:66:c8:3c:19:83:1a:36:d0:2f:d7:4b:23:5b:fd:
df:a9:d0:c5:bf:37:ab:fd:9b:06:a5:cb:21:5a:d1:
69:be:2c:9d:43:f5:bd:70:0e:50:17:a6:fa:1c:31:
2e:6d:9f:34:41:fa:46:ea:0b:24:32:dc:81:f7:05:
1c:f9:ff:33:af:8e:48:5a:6a:32:8d:b1:ca:35:05:
0b:1e:7b:88:a0:fc:c1:0b:29:c4:65:e3:41:42:dc:
c0:95:d3:f0:14:5c:ec:a1:78:f7:63:d7:a8:f6:5b:
8d:3c:02:cd:57:ce:a4:57:d7:5a:57:27:f9:36:1a:
8d:b2:ab:4b:bf:e8:0f:01:49:10:4b:df:46:17:ce:
68:c2:ae:40:7c:cc:76:07:b7:5e:08:1c:25:67:bb:
1b:ea:a8:6a:a2:5b:fa:39:f1:12:0e:be:0d:9c:ed:
a3:a2:f8:29:6e:2f:5c:d5:46:30:fd:75:94:c3:0f:
03:18:91:7c:c1:1d:e1:41:0c:30:70:67:89:a7:a6:
84:da:80:f7:5b:97:ad:53:d8:6a:80:71:c4:68:cb:
c6:ed:70:71:b3:3a:7b:58:3f:47:a2:72:80:84:70:
9a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:96:A3:4C:56:DF:D7:03:7A:40:66:3F:CA:BF:AE:9B:83:7B:EC:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
46:bf:b4:a7:c4:8a:33:c4:c7:24:1a:d9:18:be:b5:be:31:78:
49:8a:35:ea:0c:9d:5d:9c:af:3b:3f:18:fc:06:72:ef:18:02:
9c:af:2c:57:87:5d:fc:62:28:66:b8:5f:5e:fd:ce:76:10:93:
de:3d:8f:30:b4:13:5d:c5:d0:cf:c4:fc:c7:fa:0b:d6:e2:71:
35:3c:5b:02:f5:9a:73:47:54:ba:bb:f4:b6:0c:e3:16:55:42:
d4:cd:71:59:01:d1:90:f2:f7:65:f6:10:c6:62:0b:fc:53:19:
6b:3a:d8:a7:1a:6c:45:ab:b1:20:33:27:ea:c5:8d:c8:a5:a7:
9c:c1:be:a7:3e:3b:d8:0d:1e:43:7e:5a:78:89:41:f2:99:f2:
f3:85:c1:d3:fa:ee:59:45:f9:a6:41:6a:e0:85:b8:f1:c4:01:
b3:7b:c0:28:bd:d2:13:d7:64:ca:e4:af:3f:04:ab:87:dc:ec:
75:9c:39:4c:a1:fa:b5:21:4c:56:44:9f:4f:29:ea:cf:16:7c:
05:97:ac:94:25:86:18:9a:8d:6e:14:28:95:f0:71:c4:64:15:
26:8d:15:06:bc:58:7b:00:e8:77:1e:fb:35:ed:b5:08:8b:2a:
aa:1b:05:5a:44:78:d2:c8:eb:76:83:66:9e:d4:1c:ae:4b:8a:
de:68:ab:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeyLgmvPuF6Dn2FF9QnkQAa0fwc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNDc2MmYxZWQ3MTk4MzkwOTk3NDczMGJiZjM5Mzc1YmEyNjZmZTUzOWE1
ZjM2YjljZTE5YzE3NTk3MWZjMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAItSwHCSMK+XXc0L867vP4ihfQtWAx/ZWOkB80gc2GbIPBmDGjbQL9dLI1v9
36nQxb83q/2bBqXLIVrRab4snUP1vXAOUBem+hwxLm2fNEH6RuoLJDLcgfcFHPn/
M6+OSFpqMo2xyjUFCx57iKD8wQspxGXjQULcwJXT8BRc7KF492PXqPZbjTwCzVfO
pFfXWlcn+TYajbKrS7/oDwFJEEvfRhfOaMKuQHzMdge3XggcJWe7G+qoaqJb+jnx
Eg6+DZzto6L4KW4vXNVGMP11lMMPAxiRfMEd4UEMMHBniaemhNqA91uXrVPYaoBx
xGjLxu1wcbM6e1g/R6JygIRwmocCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQhlqNM
Vt/XA3pAZj/Kv66bg3vsSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEARr+0p8SKM8THJBrZGL61vjF4SYo16gydXZyvOz8Y
/AZy7xgCnK8sV4dd/GIoZrhfXv3OdhCT3j2PMLQTXcXQz8T8x/oL1uJxNTxbAvWa
c0dUurv0tgzjFlVC1M1xWQHRkPL3ZfYQxmIL/FMZazrYpxpsRauxIDMn6sWNyKWn
nMG+pz472A0eQ35aeIlB8pny84XB0/ruWUX5pkFq4IW48cQBs3vAKL3SE9dkyuSv
PwSrh9zsdZw5TKH6tSFMVkSfTynqzxZ8BZeslCWGGJqNbhQolfBxxGQVJo0VBrxY
ewDodx77Ne21CIsqqhsFWkR40sjrdoNmntQcrkuK3mirfQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:25 2025 by rpki-client