Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: eYrV7XUnP9A4sZFRKRqIPuYA9boOcdDILMh5CYLX1nY=
Subject key identifier: 34:A1:5F:E4:99:67:CB:E6:AD:BD:06:53:06:AB:8E:41:0B:BE:74:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24E9FBDCA70A35B9CCA109311E8F5DF698772EE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Mon 17 Mar 2025 15:40:25 +0000
ROA not before: Mon 17 Mar 2025 15:40:25 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e9:fb:dc:a7:0a:35:b9:cc:a1:09:31:1e:8f:5d:f6:98:77:2e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:25 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:44:cd:e0:74:37:05:c4:b2:e2:b8:8b:fd:
33:be:55:ad:30:7a:05:be:63:eb:d5:a8:a0:c4:a8:
8b:30:8d:d0:b8:cc:a3:33:f0:2e:f1:f3:17:d3:08:
0d:08:5a:10:5d:2b:2b:61:ad:f3:68:62:c5:8b:cd:
00:e6:29:9d:ad:0f:49:8f:c2:a8:97:6a:66:61:7b:
64:75:5e:4c:7d:ed:7f:0e:b5:eb:3a:30:24:0e:40:
e7:1f:28:e8:e4:20:36:32:b2:27:9d:92:0f:71:89:
d7:60:46:98:56:72:17:12:21:4f:1a:4f:69:9c:ac:
68:9a:cf:bb:26:4a:33:4d:85:66:f5:7e:0d:02:a0:
00:33:95:d6:10:fc:6d:c0:b1:66:5c:fb:4a:40:1e:
5b:0a:79:eb:3b:81:8d:fa:5f:28:ac:27:3e:2e:a6:
fc:6e:66:88:31:48:08:77:6a:d7:e3:ac:dc:e7:67:
4c:ea:87:0d:fc:12:33:22:56:c0:4f:de:45:75:32:
88:cd:2f:63:a7:9a:b0:f2:f1:fc:23:d9:b3:d2:68:
1c:b1:ac:74:40:57:7f:d4:71:b6:4c:0a:fd:6b:77:
e0:43:7a:57:14:71:c1:65:a2:ae:77:bd:15:1f:94:
b4:9f:2b:77:a5:07:68:78:e1:99:6b:0d:e6:3f:eb:
af:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A1:5F:E4:99:67:CB:E6:AD:BD:06:53:06:AB:8E:41:0B:BE:74:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
72:43:ca:cc:d6:a4:78:36:79:56:14:fe:00:68:5d:27:f7:3b:
84:df:8c:7e:45:f0:59:24:3c:e0:69:54:17:dc:27:c5:8c:12:
cc:e1:5f:3d:e7:24:da:59:e2:fc:db:16:c4:2e:25:cd:ba:67:
29:a1:f5:e5:04:16:45:45:84:32:f4:17:cc:b4:b6:b1:d2:7a:
08:61:9d:9f:db:5f:93:4a:52:fa:5a:65:a9:88:d7:58:ca:f0:
e7:50:f8:ac:7d:64:3b:f1:13:d9:b6:55:37:2b:66:ab:a4:9c:
b5:21:2b:4e:00:b6:01:43:67:e4:69:1f:5a:cc:b2:d9:7b:a6:
cc:c9:09:c8:9c:db:3d:11:99:e5:57:5c:03:e8:19:5f:01:63:
c0:93:4d:1d:68:d2:fa:1b:1e:16:05:5e:3c:17:ad:d0:55:de:
06:c9:ce:98:ff:71:1e:20:94:53:e7:dd:da:59:b0:ba:7b:d3:
db:ca:b9:96:a7:c3:0d:da:06:7d:67:b2:67:95:e9:ab:e7:f7:
ce:f8:4e:83:d1:61:67:ca:1a:b5:de:bb:34:cc:fe:12:28:a9:
75:56:4d:d8:20:fe:4e:68:87:b6:b6:09:0a:83:9a:81:3b:b8:
20:77:9a:d2:cc:40:2a:14:ce:63:0e:6b:99:d1:72:25:e0:26:
95:49:08:69
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJOn73KcKNbnMoQkxHo9d9ph3LuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwMjVaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5N2M5ZGU5OGMxYTNlMzgxZjk2MDEwODYzOTcxNDdiNWE0NDNkMTQ0NTFk
NzI3MGM4ZTdmMTc5ZDM2ZmY2ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALspRM3gdDcFxLLiuIv9M75VrTB6Bb5j69WooMSoizCN0LjMozPwLvHzF9MI
DQhaEF0rK2Gt82hixYvNAOYpna0PSY/CqJdqZmF7ZHVeTH3tfw616zowJA5A5x8o
6OQgNjKyJ52SD3GJ12BGmFZyFxIhTxpPaZysaJrPuyZKM02FZvV+DQKgADOV1hD8
bcCxZlz7SkAeWwp56zuBjfpfKKwnPi6m/G5miDFICHdq1+Os3OdnTOqHDfwSMyJW
wE/eRXUyiM0vY6easPLx/CPZs9JoHLGsdEBXf9RxtkwK/Wt34EN6VxRxwWWirne9
FR+UtJ8rd6UHaHjhmWsN5j/rrxkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ0oV/k
mWfL5q29BlMGq45BC750gDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAckPKzNakeDZ5VhT+AGhdJ/c7hN+MfkXwWSQ84GlU
F9wnxYwSzOFfPeck2lni/NsWxC4lzbpnKaH15QQWRUWEMvQXzLS2sdJ6CGGdn9tf
k0pS+lplqYjXWMrw51D4rH1kO/ET2bZVNytmq6SctSErTgC2AUNn5GkfWsyy2Xum
zMkJyJzbPRGZ5VdcA+gZXwFjwJNNHWjS+hseFgVePBet0FXeBsnOmP9xHiCUU+fd
2lmwunvT28q5lqfDDdoGfWeyZ5Xpq+f3zvhOg9FhZ8oatd67NMz+EiipdVZN2CD+
TmiHtrYJCoOagTu4IHea0sxAKhTOYw5rmdFyJeAmlUkIaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:07 2025 by rpki-client