Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: tHZpScR8v2iA9G6idURo6FPmGqFNEgpfpjZ43R9J5vo=
Subject key identifier: 4A:C1:5C:5B:A1:FD:28:0B:E6:5F:06:82:C1:EA:02:41:6E:94:2B:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 340E2E79F6EF079125FC372572B52AD4D775DA56
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:0e:2e:79:f6:ef:07:91:25:fc:37:25:72:b5:2a:d4:d7:75:da:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=601e7df770efac052847a5c9725eec00abd405e6c1f7b3e8bdc2331be44df285, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:af:b2:e7:42:ae:44:82:50:ff:4c:c9:6a:
e8:e0:8e:73:f6:c2:28:60:99:25:74:3c:00:5a:79:
c3:f1:f1:6a:5c:a5:ac:3d:9e:06:6b:c5:00:ab:b3:
da:8d:f0:f3:a4:ba:63:ff:56:82:39:30:4c:73:18:
85:d5:a7:19:67:67:2f:9a:ba:03:29:f2:e0:36:82:
30:ed:35:9a:22:09:52:d0:01:53:94:69:e8:c4:d9:
43:6f:14:5c:2c:52:b1:b2:d4:7e:81:20:2e:fd:53:
41:42:b9:4c:12:34:76:77:25:5e:6a:9e:3a:fd:06:
6f:0a:eb:e9:d9:82:b5:fa:52:2d:af:2f:41:f9:6e:
32:04:40:16:2f:ef:5c:03:01:e8:9a:5e:19:f9:6d:
f1:de:02:9c:7e:e3:56:98:29:6e:29:12:40:ed:86:
98:a5:6b:f2:af:cf:65:f0:a5:06:37:34:35:50:a3:
09:c8:a7:5c:20:63:7b:e0:db:d4:80:18:3f:2d:ec:
b7:b8:a0:61:8a:35:7a:df:c5:54:61:1e:e7:24:07:
9a:11:9a:45:06:42:18:68:44:82:60:f9:4f:28:1e:
2c:12:57:bd:b0:3f:cd:2d:9e:d3:44:e3:2c:8c:4f:
cf:57:7f:15:b3:2f:35:4e:b3:71:12:8c:a1:a6:c8:
77:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C1:5C:5B:A1:FD:28:0B:E6:5F:06:82:C1:EA:02:41:6E:94:2B:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:7a:63:fb:b6:7c:64:44:b1:ae:70:b0:b6:97:7d:0d:9e:42:
85:4e:51:d9:9d:7f:d9:29:7e:1b:39:32:63:d6:90:b8:32:f1:
8b:f1:b8:23:8b:22:44:bd:af:5a:10:b5:44:27:4b:31:d7:65:
05:32:68:62:8f:bc:33:9c:cf:49:39:48:75:69:15:99:d4:46:
49:7c:a2:9d:49:24:88:57:e9:86:6e:bb:18:46:9f:9e:ff:e6:
91:fb:fe:d7:16:77:a5:78:92:27:a3:d6:bd:6b:e2:8a:b9:96:
9e:1f:87:e9:f4:5e:da:d6:0d:15:43:fa:e8:15:4f:4a:d1:d7:
ea:36:0d:6e:d7:2b:0a:a1:2f:7e:9c:8f:b6:b0:06:24:bd:ed:
02:4b:b0:66:0c:85:93:45:40:69:0e:2e:fb:4f:17:08:0c:cb:
c8:52:ea:65:a5:92:b3:6a:60:c1:f4:18:d5:98:0e:05:75:77:
42:10:a3:74:5a:f1:90:44:92:48:af:ef:d2:fb:7f:cf:8a:22:
b3:8a:23:95:00:ab:b0:40:a0:17:1b:de:7a:ea:75:9d:ca:69:
db:30:5e:41:b1:eb:a3:c2:f4:c9:ce:70:bf:86:9b:fd:df:09:
13:3a:f2:b1:50:97:d8:51:b9:11:41:7e:ee:ed:54:38:8d:03:
8d:c6:84:eb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNA4uefbvB5El/DclcrUq1Nd12lYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMWU3ZGY3NzBlZmFjMDUyODQ3YTVjOTcyNWVlYzAwYWJkNDA1ZTZjMWY3
YjNlOGJkYzIzMzFiZTQ0ZGYyODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlLr7LnQq5EglD/TMlq6OCOc/bCKGCZJXQ8AFp5w/HxalylrD2eBmvFAKuz
2o3w86S6Y/9WgjkwTHMYhdWnGWdnL5q6Ayny4DaCMO01miIJUtABU5Rp6MTZQ28U
XCxSsbLUfoEgLv1TQUK5TBI0dnclXmqeOv0Gbwrr6dmCtfpSLa8vQfluMgRAFi/v
XAMB6JpeGflt8d4CnH7jVpgpbikSQO2GmKVr8q/PZfClBjc0NVCjCcinXCBje+Db
1IAYPy3st7igYYo1et/FVGEe5yQHmhGaRQZCGGhEgmD5TygeLBJXvbA/zS2e00Tj
LIxPz1d/FbMvNU6zcRKMoabId9cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKwVxb
of0oC+ZfBoLB6gJBbpQr6DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQDBemP7tnxkRLGucLC2l30NnkKFTlHZnX/ZKX4bOTJj
1pC4MvGL8bgjiyJEva9aELVEJ0sx12UFMmhij7wznM9JOUh1aRWZ1EZJfKKdSSSI
V+mGbrsYRp+e/+aR+/7XFneleJIno9a9a+KKuZaeH4fp9F7a1g0VQ/roFU9K0dfq
Ng1u1ysKoS9+nI+2sAYkve0CS7BmDIWTRUBpDi77TxcIDMvIUuplpZKzamDB9BjV
mA4FdXdCEKN0WvGQRJJIr+/S+3/PiiKziiOVAKuwQKAXG9566nWdymnbMF5Bseuj
wvTJznC/hpv93wkTOvKxUJfYUbkRQX7u7VQ4jQONxoTr
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:59 2025 by rpki-client