Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: j7zMV+huojOhouljapAOWqGCFq3qqy74RP8ZLAtvqPw=
Subject key identifier: 67:E7:36:E1:00:49:3B:80:5F:36:85:B9:3E:D3:48:61:06:C2:63:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 025F273BC0EA4AD8AE01117F9F3DF1298D94ADB1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:5f:27:3b:c0:ea:4a:d8:ae:01:11:7f:9f:3d:f1:29:8d:94:ad:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=23fc0b7de2e4b114ed9d6184a16d926d78956bb4c449fb0890de30d3ed6a6b25, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:6a:84:8b:c5:48:b3:2e:64:fd:3a:bf:80:
5a:8f:44:1d:2b:cf:d1:c8:2b:ec:e2:0c:22:39:93:
b8:97:35:59:16:2c:e9:fb:a1:a3:6c:be:b6:51:95:
b1:f6:e2:c5:26:53:5b:dd:1f:be:f4:e7:66:27:aa:
9b:92:dd:20:0f:41:c6:ee:af:f1:3f:82:21:d4:84:
30:77:29:3c:c8:4d:87:4b:75:98:bd:56:1d:39:df:
b7:56:93:ed:fd:cc:93:7e:e3:e7:74:ad:e3:a9:09:
05:4c:0d:0c:a6:69:95:d8:10:f4:ed:c4:b1:75:6e:
bc:d9:28:4c:f9:11:d3:ea:e1:3d:ed:ac:8f:c5:04:
b9:a2:02:c8:53:87:06:ab:90:bd:f4:3c:ca:5c:d0:
02:bf:28:0a:1f:11:fb:3e:a8:56:8e:8e:76:c4:9d:
63:16:e2:fc:47:d7:c6:3a:51:dd:ef:0f:aa:95:3d:
80:af:f6:c3:30:72:8b:37:0b:e5:d1:35:5b:d7:21:
2b:77:65:dc:94:35:65:54:f6:dc:bf:76:84:cd:d9:
77:36:a8:8e:1e:23:0d:ba:5d:4b:3a:1a:bc:06:9c:
c5:9b:c5:96:21:41:df:65:a3:48:30:37:65:4f:86:
ea:af:c7:e6:a1:d3:a2:57:f1:8b:61:1a:a9:d9:a8:
81:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E7:36:E1:00:49:3B:80:5F:36:85:B9:3E:D3:48:61:06:C2:63:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:11:b7:c5:9f:7b:75:da:cb:92:5d:61:b2:7e:8d:37:d5:de:
9b:17:a4:26:df:fc:1f:ce:a6:a8:5e:01:78:fd:ee:68:76:a0:
95:fd:ca:70:43:f3:9b:48:39:bd:0c:9e:02:a8:c3:f6:34:1f:
1b:5e:cb:12:f4:48:77:ee:10:2a:1b:a0:bc:3a:e4:4c:e3:b5:
01:6e:09:04:af:8e:33:b3:94:b0:2e:6d:36:a1:d2:0e:d5:4f:
dc:39:f7:db:44:2e:04:a6:78:ba:e2:95:31:2b:76:20:e6:22:
73:53:d4:50:11:fc:1e:8e:43:b0:c1:ef:8e:e1:3f:63:bc:fb:
09:72:12:ed:b1:2b:5e:6f:8f:05:8b:5e:10:da:0e:9b:f0:86:
bc:26:97:b7:6d:d5:d2:a9:98:2f:ae:7d:9b:b5:ea:47:2d:73:
45:a3:f4:95:53:73:de:58:f8:8c:c6:8e:93:2e:85:36:15:47:
2c:b5:d3:80:c0:d5:6e:d1:9e:10:5e:5b:29:e8:76:8c:0b:4e:
f8:d0:b4:ae:36:31:88:fc:b2:99:8b:83:41:41:f7:7f:dd:ae:
2b:71:fe:86:51:1e:d8:f5:4d:92:b6:2f:7c:51:a0:77:13:82:
e8:76:ed:4f:21:32:23:94:e2:6d:60:6c:70:62:21:e6:93:ff:
af:7e:de:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAl8nO8DqStiuARF/nz3xKY2UrbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzZmMwYjdkZTJlNGIxMTRlZDlkNjE4NGExNmQ5MjZkNzg5NTZiYjRjNDQ5
ZmIwODkwZGUzMGQzZWQ2YTZiMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCmaoSLxUizLmT9Or+AWo9EHSvP0cgr7OIMIjmTuJc1WRYs6fuho2y+tlGV
sfbixSZTW90fvvTnZieqm5LdIA9Bxu6v8T+CIdSEMHcpPMhNh0t1mL1WHTnft1aT
7f3Mk37j53St46kJBUwNDKZpldgQ9O3EsXVuvNkoTPkR0+rhPe2sj8UEuaICyFOH
BquQvfQ8ylzQAr8oCh8R+z6oVo6OdsSdYxbi/EfXxjpR3e8PqpU9gK/2wzByizcL
5dE1W9chK3dl3JQ1ZVT23L92hM3Zdzaojh4jDbpdSzoavAacxZvFliFB32WjSDA3
ZU+G6q/H5qHTolfxi2EaqdmogZUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRn5zbh
AEk7gF82hbk+00hhBsJjTDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCqEbfFn3t12suSXWGyfo031d6bF6Qm3/wfzqaoXgF4
/e5odqCV/cpwQ/ObSDm9DJ4CqMP2NB8bXssS9Eh37hAqG6C8OuRM47UBbgkEr44z
s5SwLm02odIO1U/cOffbRC4Epni64pUxK3Yg5iJzU9RQEfwejkOwwe+O4T9jvPsJ
chLtsSteb48Fi14Q2g6b8Ia8Jpe3bdXSqZgvrn2btepHLXNFo/SVU3PeWPiMxo6T
LoU2FUcstdOAwNVu0Z4QXlsp6HaMC0740LSuNjGI/LKZi4NBQfd/3a4rcf6GUR7Y
9U2Sti98UaB3E4Lodu1PITIjlOJtYGxwYiHmk/+vft49
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:14:17 2025 by rpki-client