Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: MDrYUKboOk66vLb5K7u/C6oPYvZwGijlVkT77yk66WE=
Subject key identifier: 72:BD:55:88:F3:28:97:57:D1:B4:36:7E:6D:D2:01:79:42:90:31:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7659BD48C870C72080177B1FA030AF10A677E896
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:59:bd:48:c8:70:c7:20:80:17:7b:1f:a0:30:af:10:a6:77:e8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=290adf42166405d4117e08da169d09d5594004e2aa7a7feb48b1b531a1f18750, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1c:58:25:47:e7:28:37:d6:a6:71:c8:2e:01:
9d:36:c9:b1:83:58:04:a6:32:d1:92:f1:a7:cb:a6:
e5:28:9b:c4:af:d4:45:a5:b6:14:30:3e:19:4f:52:
87:82:a8:40:1d:32:18:08:c0:ab:a7:14:ea:1f:62:
fa:3f:52:cc:bd:82:b8:33:e2:cd:98:90:3c:2a:2d:
19:3d:84:93:be:a6:80:39:7d:9a:c4:a4:c8:9d:de:
2a:a5:b3:70:c4:36:ed:15:4b:1e:ba:c2:bb:40:73:
22:82:fb:fb:d4:b3:6d:8c:53:44:0e:25:0a:15:25:
7f:7d:fb:6e:72:ac:bc:af:f2:f5:30:f5:97:1e:10:
20:a5:22:29:89:48:36:a8:ca:2e:d0:f8:89:eb:7a:
ad:a1:38:4e:67:26:15:c9:64:e6:f5:73:8f:f1:73:
25:04:d0:41:34:e3:52:f0:54:2c:a8:a2:8a:17:45:
fe:8d:7e:a3:45:e1:0e:98:d8:59:7c:0f:bd:f4:a0:
8e:cf:10:7e:b1:82:e7:a1:81:1f:a3:e5:34:7a:18:
ee:25:86:89:f5:da:76:e1:3b:6c:c1:f4:46:d1:6c:
cc:d8:57:ac:0e:80:b8:49:25:ff:15:3b:2b:b0:c7:
5d:94:36:92:78:7c:db:80:c4:0d:6d:7a:90:b4:71:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BD:55:88:F3:28:97:57:D1:B4:36:7E:6D:D2:01:79:42:90:31:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:27:ca:9a:43:1c:3b:7e:28:24:e3:ba:27:3c:dc:b0:93:8a:
2e:00:d4:51:3a:c6:7a:84:d2:1e:22:15:1d:8d:fb:ee:97:9c:
30:2f:4f:29:6a:bc:76:01:89:71:2b:e4:6e:df:c5:fe:47:34:
8b:ac:27:82:71:4b:50:94:c8:20:70:ea:27:92:51:c7:e3:9a:
6f:44:47:59:e9:40:a1:cc:22:e4:48:36:a1:a9:bc:6a:47:ac:
89:a8:18:5f:12:f8:e5:ad:f6:02:6d:c4:c6:00:75:70:c1:d9:
35:42:f0:fc:13:d3:d8:1f:89:cc:4d:e3:f6:f0:6d:91:4d:84:
50:b9:36:fd:0a:2f:d3:f4:a6:34:75:a6:8d:80:f3:11:92:63:
f3:b3:91:7b:05:42:43:9b:72:d5:76:a3:3a:13:a5:93:b2:2b:
2a:70:0e:c7:7a:3a:f5:1c:2d:f1:f9:91:d0:fc:36:fb:73:af:
e1:23:c4:1b:7a:33:68:a5:e4:27:ea:c5:2a:fd:55:73:0a:67:
29:8c:2b:3c:2c:bc:2b:ef:82:aa:09:e5:24:b1:82:08:be:2c:
6e:9b:8b:8b:c8:7e:4d:6b:82:ba:ea:fe:aa:45:58:d9:26:6e:
9f:91:b0:80:8f:b1:26:a1:8d:2c:5a:40:0c:83:7e:1e:67:6a:
62:7a:1f:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdlm9SMhwxyCAF3sfoDCvEKZ36JYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MGFkZjQyMTY2NDA1ZDQxMTdlMDhkYTE2OWQwOWQ1NTk0MDA0ZTJhYTdh
N2ZlYjQ4YjFiNTMxYTFmMTg3NTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEcWCVH5yg31qZxyC4BnTbJsYNYBKYy0ZLxp8um5SibxK/URaW2FDA+GU9S
h4KoQB0yGAjAq6cU6h9i+j9SzL2CuDPizZiQPCotGT2Ek76mgDl9msSkyJ3eKqWz
cMQ27RVLHrrCu0BzIoL7+9SzbYxTRA4lChUlf337bnKsvK/y9TD1lx4QIKUiKYlI
NqjKLtD4iet6raE4TmcmFclk5vVzj/FzJQTQQTTjUvBULKiiihdF/o1+o0XhDpjY
WXwPvfSgjs8QfrGC56GBH6PlNHoY7iWGifXaduE7bMH0RtFszNhXrA6AuEkl/xU7
K7DHXZQ2knh824DEDW16kLRx/G0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRyvVWI
8yiXV9G0Nn5t0gF5QpAxaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBjJ8qaQxw7figk47onPNywk4ouANRROsZ6hNIeIhUd
jfvul5wwL08parx2AYlxK+Ru38X+RzSLrCeCcUtQlMggcOonklHH45pvREdZ6UCh
zCLkSDahqbxqR6yJqBhfEvjlrfYCbcTGAHVwwdk1QvD8E9PYH4nMTeP28G2RTYRQ
uTb9Ci/T9KY0daaNgPMRkmPzs5F7BUJDm3LVdqM6E6WTsisqcA7Hejr1HC3x+ZHQ
/Db7c6/hI8QbejNopeQn6sUq/VVzCmcpjCs8LLwr74KqCeUksYIIvixum4uLyH5N
a4K66v6qRVjZJm6fkbCAj7EmoY0sWkAMg34eZ2pieh+j
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:30 2025 by rpki-client