Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
File: 0481d995-4a3d-4e25-8d0e-33271809f9a9.roa (raw, json)
Hash identifier: tGTr5+aWTDkVwee+3tGSA45C1z0UhvR3/E2N5NUkwkw=
Subject key identifier: DC:F0:F4:51:80:53:59:35:4C:E4:F5:E3:BF:5D:86:3B:01:FD:E5:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F7F9698FF25A13C5104DAFEDCB99A66A7F7C0A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:7f:96:98:ff:25:a1:3c:51:04:da:fe:dc:b9:9a:66:a7:f7:c0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:41:2a:cf:76:5d:dc:0f:d8:ea:da:96:16:91:
4c:45:92:bf:4a:d9:a2:96:48:75:6c:6e:a9:13:a2:
eb:cc:17:1f:34:5e:95:7f:5e:14:be:7b:6e:c7:d8:
21:ef:ba:50:95:53:1c:36:a0:7e:4f:b3:9c:66:6a:
54:d5:91:f5:9a:93:5e:0c:c7:fe:c8:fb:25:d6:b2:
22:cc:1f:09:29:71:56:ef:da:06:bd:ae:38:69:2e:
ca:87:dd:55:96:d6:72:45:e3:83:3a:ee:ff:dc:48:
63:42:ff:f2:ee:70:4f:ae:13:36:3b:ee:06:d5:d1:
19:4b:12:e1:dc:ca:c2:66:0a:c7:c6:d6:e7:0b:66:
49:47:2a:87:de:a5:51:d9:0e:55:33:84:a4:43:3a:
26:01:24:86:af:ca:7d:de:9b:b9:4c:21:a6:f6:f6:
e5:8f:dc:e7:59:82:e6:80:8f:a0:95:32:4e:96:f7:
f1:73:70:53:77:a6:ed:67:99:ab:ca:7e:de:6a:d4:
c7:24:28:09:ff:72:be:3e:22:da:82:01:0e:29:a7:
82:01:ae:fc:f3:49:49:fd:48:4e:71:32:f4:a2:4f:
1e:39:e1:8c:6a:da:08:f1:12:0d:0d:8a:7b:0c:12:
01:0e:16:51:c3:e2:e4:f9:ea:5b:a4:96:2b:d6:35:
ad:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F0:F4:51:80:53:59:35:4C:E4:F5:E3:BF:5D:86:3B:01:FD:E5:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:66:d1:10:b7:48:b5:38:e6:05:f8:61:8e:aa:b8:66:21:80:
bc:26:07:59:32:20:b0:17:83:63:a3:35:37:63:9e:b3:6d:10:
05:86:be:43:dd:63:17:4a:83:9d:2f:84:06:26:b6:89:69:48:
72:eb:2a:0a:1d:be:d7:5f:52:8f:be:bb:28:8c:0b:a4:cb:57:
89:e0:4b:76:2b:41:69:3d:7a:6a:6d:0e:da:51:df:16:7d:46:
5e:d4:6e:68:5c:75:99:8d:9d:c3:58:4d:e1:6d:90:fc:56:30:
07:73:62:eb:f4:bc:4c:8b:b5:9b:52:bc:79:47:ce:81:bd:a3:
e7:db:df:c9:a6:48:55:d1:93:1e:04:7a:6f:d1:2c:21:4d:5f:
b1:b6:4f:b0:dc:da:40:28:d7:3b:6b:b6:df:03:d8:13:4b:8a:
c2:fe:52:aa:d2:db:59:35:56:90:99:a7:6c:d2:ee:6c:c2:c7:
5f:1a:82:f2:59:10:1d:d7:cd:30:24:f8:e3:88:1a:84:95:8c:
33:e6:2b:8a:38:f9:57:b3:31:e3:6d:9c:3a:a6:08:b4:47:f4:
b6:cd:37:c4:7f:99:56:77:b8:2f:ea:81:34:ca:8e:f1:db:fe:
b7:31:50:c5:bd:0d:0f:a3:ca:5e:94:be:db:8a:80:82:1a:66:
e5:d4:b6:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL3+WmP8loTxRBNr+3LmaZqf3wKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNjI5N2ZiMDVkNGUyOTcyZDgxY2JkZTViYzlhNGYyMmQ1M2JhODhhYmFi
OWM4Y2I5NzIzNmU0NTM5YzZiZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZBKs92XdwP2OralhaRTEWSv0rZopZIdWxuqROi68wXHzRelX9eFL57bsfY
Ie+6UJVTHDagfk+znGZqVNWR9ZqTXgzH/sj7JdayIswfCSlxVu/aBr2uOGkuyofd
VZbWckXjgzru/9xIY0L/8u5wT64TNjvuBtXRGUsS4dzKwmYKx8bW5wtmSUcqh96l
UdkOVTOEpEM6JgEkhq/Kfd6buUwhpvb25Y/c51mC5oCPoJUyTpb38XNwU3em7WeZ
q8p+3mrUxyQoCf9yvj4i2oIBDimnggGu/PNJSf1ITnEy9KJPHjnhjGraCPESDQ2K
ewwSAQ4WUcPi5PnqW6SWK9Y1rSMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTc8PRR
gFNZNUzk9eO/XYY7Af3lVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDQ4MWQ5OTUtNGEzZC00ZTI1LThkMGUtMzMyNzE4MDlmOWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQA+ZtEQt0i1OOYF+GGOqrhmIYC8JgdZMiCwF4NjozU3
Y56zbRAFhr5D3WMXSoOdL4QGJraJaUhy6yoKHb7XX1KPvrsojAuky1eJ4Et2K0Fp
PXpqbQ7aUd8WfUZe1G5oXHWZjZ3DWE3hbZD8VjAHc2Lr9LxMi7WbUrx5R86BvaPn
29/JpkhV0ZMeBHpv0SwhTV+xtk+w3NpAKNc7a7bfA9gTS4rC/lKq0ttZNVaQmads
0u5swsdfGoLyWRAd180wJPjjiBqElYwz5iuKOPlXszHjbZw6pgi0R/S2zTfEf5lW
d7gv6oE0yo7x2/63MVDFvQ0Po8pelL7bioCCGmbl1LZV
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:49:34 2025 by rpki-client