Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
File: 1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa (raw, json)
Hash identifier: /rHaDpVniAZRIQeHUwjvPO/poEC3B9rOsLIPBwrY8fI=
Subject key identifier: 6F:02:37:0A:33:B6:91:8B:AE:14:5E:5D:4F:1D:EA:8C:20:B0:72:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ACDE6D9D421D230AA55B2F7A587F90CACC13F2F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:cd:e6:d9:d4:21:d2:30:aa:55:b2:f7:a5:87:f9:0c:ac:c1:3f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:d7:06:2c:dd:86:af:1f:d9:ed:76:28:8d:
70:73:51:2a:14:54:1b:b5:e1:96:aa:fa:5e:1e:44:
70:80:ad:90:f2:ec:ae:a7:0c:a7:e5:cc:6c:a0:1d:
a4:5d:7f:c4:38:38:be:f2:18:c4:db:ec:60:a2:f8:
b0:96:e3:ea:3c:89:56:c6:c1:77:74:be:69:b9:0e:
79:2c:02:ec:8e:80:68:43:77:05:ef:40:5d:d2:ab:
f6:1d:3e:03:f0:ea:40:7a:13:42:a4:14:24:3e:45:
63:25:d1:a0:4f:39:62:0b:21:b5:cf:04:f0:b1:45:
a7:59:91:d3:63:db:f4:db:3c:c4:cf:fe:76:cd:1f:
8e:36:d2:72:5e:28:42:06:7a:f6:95:bb:4f:28:dc:
54:f8:cb:67:04:83:28:94:4d:6b:6f:cf:43:86:61:
2a:c3:9c:3b:70:77:60:e6:e3:70:28:39:9f:90:72:
9a:05:b1:4a:51:f8:b6:03:9e:f7:ba:eb:b5:76:35:
f6:48:3a:3c:e6:38:60:fb:f6:63:df:f7:f8:e1:13:
8c:c7:6d:c1:ef:9c:b6:5a:00:89:ba:90:a7:d7:09:
c2:5e:c6:92:09:b7:a9:80:99:c0:75:23:e3:3b:36:
2a:07:6a:ae:b8:94:8b:10:82:e9:c4:df:26:44:47:
e4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:02:37:0A:33:B6:91:8B:AE:14:5E:5D:4F:1D:EA:8C:20:B0:72:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:0f:b2:c5:aa:ce:fd:c0:bc:6b:e3:f8:8a:e2:1a:6e:21:f7:
6a:58:42:84:b1:4d:8a:08:62:29:68:e3:9a:7b:6a:8a:e7:58:
2d:61:d7:45:be:7a:f3:d8:7b:38:6d:26:e9:cc:d6:a4:eb:66:
9d:ec:9f:0b:4e:52:17:0b:58:86:2c:6a:29:b1:f4:08:1e:ea:
fb:c7:ca:a0:72:3d:fe:d1:f9:af:74:c2:77:ea:38:bc:86:70:
f2:b0:4b:60:6c:82:ff:9a:94:c6:74:fa:f0:be:14:68:bf:16:
1e:8b:1b:c0:bf:7a:1a:61:ae:ad:c8:93:38:1f:b3:7b:38:b6:
b9:1b:80:87:1a:f4:8b:54:ae:4f:cf:12:b2:2e:a3:ce:ac:0c:
96:f5:50:8d:95:6e:a6:c9:3d:04:30:7c:f0:9d:2d:e7:2b:1e:
64:d7:47:18:05:d5:9b:28:e0:d7:3b:76:48:90:3f:b8:da:17:
5d:3a:3c:7b:20:3d:8f:d5:c7:f8:8b:c2:72:1d:84:ba:6d:4a:
bb:c2:1f:e6:9c:47:de:e5:f0:78:68:05:5f:ee:c3:07:80:17:
82:fe:88:22:7f:08:e1:8b:a8:0d:43:04:a4:e5:88:a5:a8:10:
02:e6:4b:69:31:30:20:43:c7:b1:65:12:fa:a7:2c:fd:1c:f8:
13:1b:7a:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUes3m2dQh0jCqVbL3pYf5DKzBPy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNTkwYWZkM2MzZWNhZjk1MjFhOTcwMjc2YzFmNGU0NTA5ZTg4MjBiZmE2
NWEzNWRlYzRmYjg0Nzk2MmIxZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhn1wYs3YavH9ntdiiNcHNRKhRUG7Xhlqr6Xh5EcICtkPLsrqcMp+XMbKAd
pF1/xDg4vvIYxNvsYKL4sJbj6jyJVsbBd3S+abkOeSwC7I6AaEN3Be9AXdKr9h0+
A/DqQHoTQqQUJD5FYyXRoE85Ygshtc8E8LFFp1mR02Pb9Ns8xM/+ds0fjjbScl4o
QgZ69pW7TyjcVPjLZwSDKJRNa2/PQ4ZhKsOcO3B3YObjcCg5n5BymgWxSlH4tgOe
97rrtXY19kg6POY4YPv2Y9/3+OETjMdtwe+ctloAibqQp9cJwl7Gkgm3qYCZwHUj
4zs2KgdqrriUixCC6cTfJkRH5BsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRvAjcK
M7aRi64UXl1PHeqMILByZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWI0YWVlYWEtZDZhOC00ODFmLWI2YWEtYmVlMTRmNGU4MGJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQDUD7LFqs79wLxr4/iK4hpuIfdqWEKEsU2KCGIpaOOa
e2qK51gtYddFvnrz2Hs4bSbpzNak62ad7J8LTlIXC1iGLGopsfQIHur7x8qgcj3+
0fmvdMJ36ji8hnDysEtgbIL/mpTGdPrwvhRovxYeixvAv3oaYa6tyJM4H7N7OLa5
G4CHGvSLVK5PzxKyLqPOrAyW9VCNlW6myT0EMHzwnS3nKx5k10cYBdWbKODXO3ZI
kD+42hddOjx7ID2P1cf4i8JyHYS6bUq7wh/mnEfe5fB4aAVf7sMHgBeC/ogifwjh
i6gNQwSk5YilqBAC5ktpMTAgQ8exZRL6pyz9HPgTG3qQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:35:56 2025 by rpki-client