Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: eXiTprMKMr6VeBEtjKMRgeK3lrX6fAsR+dcJhu2ZwHY=
Subject key identifier: E8:D3:8D:4D:05:FB:CA:ED:EB:6B:25:62:88:06:4C:DD:6C:9A:4C:F4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 436C2BE5DBF828E411AFE494E782252F816B5C6E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:6c:2b:e5:db:f8:28:e4:11:af:e4:94:e7:82:25:2f:81:6b:5c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=4c245a17f7db21c519c034a1a513c6d66e97f2943be1e03e727a6c2181799211, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7d:7e:ff:fd:ec:a9:f5:8f:f9:f3:50:d1:53:
c9:b9:82:e4:26:ee:3d:51:f0:cf:f2:87:c2:22:bc:
0a:8a:73:f9:17:9a:3e:de:4f:a0:c0:dd:56:9a:8f:
f4:09:36:9c:20:16:65:fe:c0:97:9c:0d:be:bb:cd:
0c:24:2e:da:2a:ff:3a:ee:e3:8a:bb:8f:4d:39:8e:
6d:6a:84:49:5d:03:7d:77:77:d5:94:f3:06:c9:a0:
da:4d:1f:20:d7:d4:af:65:8a:52:6e:5b:de:3d:ac:
f9:e8:e0:49:dd:f3:0a:b3:a1:fd:25:42:27:ba:36:
3c:ac:06:ad:31:bc:2c:d4:5f:5e:d3:01:63:e0:e0:
69:6d:53:cd:1d:59:b3:63:7b:f0:7f:e2:39:45:f2:
80:14:4a:c5:ce:3b:14:c9:0d:f2:eb:1e:5b:e8:51:
96:29:93:b6:b8:e8:1f:ad:da:0b:50:2f:43:7f:e1:
d1:74:3c:48:8e:82:a4:f8:41:17:59:15:2f:0a:f2:
1d:63:1b:d6:3e:41:89:b8:5d:cb:5c:f1:7f:43:2a:
bf:d3:ce:a8:88:f6:ec:28:47:d2:ea:83:ea:a7:6b:
8a:86:01:63:c8:98:a9:da:9a:2f:49:62:ff:8b:07:
d4:e1:5a:0a:c2:f7:a9:7b:e0:c2:21:97:4c:de:1c:
06:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D3:8D:4D:05:FB:CA:ED:EB:6B:25:62:88:06:4C:DD:6C:9A:4C:F4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:7e:0d:32:a2:6b:6f:ef:b0:04:e7:7b:9e:da:31:c4:65:f2:
53:bc:b4:ec:f0:e6:ea:14:a5:90:2a:5c:eb:91:7f:2b:6b:0f:
5b:b3:02:c4:03:3e:bd:fb:6e:82:6a:e6:78:37:4d:d6:03:f5:
6f:93:31:6d:ab:26:cd:fe:0d:ff:98:35:fb:f7:67:f9:24:15:
1c:5e:2c:02:82:d9:a9:37:9c:4e:fb:20:2c:4f:49:dd:d2:76:
09:66:21:7c:b3:66:e1:c9:bd:f6:fc:35:ef:f5:57:92:75:76:
91:f9:39:f2:fe:80:20:da:20:13:10:5c:8d:40:2e:1a:03:6a:
df:94:29:30:9f:c0:7c:2b:00:1e:cb:ef:00:c8:97:e0:d8:52:
1f:60:54:6f:2f:27:04:8d:15:db:16:83:b7:65:22:94:26:76:
ac:dc:1c:28:e8:90:16:2c:43:ac:eb:67:36:7d:e5:a2:08:ba:
2d:15:d9:42:07:16:f2:b3:de:7d:85:33:b7:13:ac:15:da:88:
09:02:99:f3:fd:2d:3e:48:62:f1:20:07:64:28:b4:12:78:35:
94:8c:ed:dd:8a:d0:55:95:03:bd:70:64:58:67:ab:c8:2c:ae:
ce:11:ae:c0:e4:88:b1:32:c1:a2:88:3e:09:d9:25:ca:63:be:
0b:17:f6:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ2wr5dv4KOQRr+SU54IlL4FrXG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMjQ1YTE3ZjdkYjIxYzUxOWMwMzRhMWE1MTNjNmQ2NmU5N2YyOTQzYmUx
ZTAzZTcyN2E2YzIxODE3OTkyMTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp9fv/97Kn1j/nzUNFTybmC5CbuPVHwz/KHwiK8Copz+ReaPt5PoMDdVpqP
9Ak2nCAWZf7Al5wNvrvNDCQu2ir/Ou7jiruPTTmObWqESV0DfXd31ZTzBsmg2k0f
INfUr2WKUm5b3j2s+ejgSd3zCrOh/SVCJ7o2PKwGrTG8LNRfXtMBY+DgaW1TzR1Z
s2N78H/iOUXygBRKxc47FMkN8useW+hRlimTtrjoH63aC1AvQ3/h0XQ8SI6CpPhB
F1kVLwryHWMb1j5Bibhdy1zxf0Mqv9POqIj27ChH0uqD6qdrioYBY8iYqdqaL0li
/4sH1OFaCsL3qXvgwiGXTN4cBr8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTo041N
BfvK7etrJWKIBkzdbJpM9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQA/fg0yomtv77AE53ue2jHEZfJTvLTs8ObqFKWQKlzr
kX8raw9bswLEAz69+26CauZ4N03WA/VvkzFtqybN/g3/mDX792f5JBUcXiwCgtmp
N5xO+yAsT0nd0nYJZiF8s2bhyb32/DXv9VeSdXaR+Tny/oAg2iATEFyNQC4aA2rf
lCkwn8B8KwAey+8AyJfg2FIfYFRvLycEjRXbFoO3ZSKUJnas3Bwo6JAWLEOs62c2
feWiCLotFdlCBxbys959hTO3E6wV2ogJApnz/S0+SGLxIAdkKLQSeDWUjO3ditBV
lQO9cGRYZ6vILK7OEa7A5IixMsGiiD4J2SXKY74LF/an
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:29 2025 by rpki-client