Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
File: 1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa (raw, json)
Hash identifier: NyHWq3XZ8TUIu6Qvw2UHmaZxGdGRLq5B7RLxpuOzeLs=
Subject key identifier: 96:01:B7:33:1B:4B:59:35:EF:0F:D4:A0:68:88:BE:98:24:6B:28:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75A1FFAFD517A70FBB11A0696916666EF046965A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:a1:ff:af:d5:17:a7:0f:bb:11:a0:69:69:16:66:6e:f0:46:96:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d7:ba:52:82:d2:41:1d:04:21:3d:c7:47:77:
a5:4c:bd:5f:00:dc:1e:de:1e:46:43:82:2a:01:ef:
a9:f8:61:71:b8:77:2d:e0:22:6d:63:cb:41:0a:30:
61:f0:a5:0f:11:4f:5e:10:fc:ac:39:10:d3:63:06:
b5:7c:2a:1a:09:10:e6:09:6b:01:36:3a:c6:66:3b:
71:d2:72:4a:ec:ba:f1:41:54:f4:64:0d:54:0c:48:
79:ed:bb:e9:f0:88:22:93:26:b9:07:e1:cc:25:ec:
03:44:7d:d8:2a:5c:04:7f:df:70:72:ac:61:b9:33:
87:48:b2:c5:ba:e9:d1:2c:ce:69:51:43:85:48:26:
d1:69:7c:57:c1:bd:08:71:42:c7:e5:dd:f4:d0:9a:
02:5a:48:33:61:c5:2f:68:99:e0:ad:9c:17:6b:fe:
dd:5c:80:fb:12:ec:8e:e4:bf:90:17:8c:ad:4d:b4:
af:0a:2a:51:1c:a9:57:ea:4e:95:ad:9a:77:6d:e8:
cc:e5:78:48:03:6a:e4:6a:45:65:fe:46:b2:25:0d:
81:86:fb:70:ab:9e:19:1b:90:3c:5c:89:1b:54:c9:
ab:d0:33:9e:3f:e9:ec:63:27:d6:f0:58:6d:11:f5:
63:d3:c6:a1:86:09:63:8f:d5:4b:74:85:17:67:b5:
ce:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:01:B7:33:1B:4B:59:35:EF:0F:D4:A0:68:88:BE:98:24:6B:28:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
85:49:94:88:d6:04:c3:5c:06:5e:40:7f:bd:24:9d:66:85:7b:
4c:66:23:f5:53:8f:a9:89:f0:6d:f4:1b:91:98:12:55:c9:f0:
37:d5:4f:8f:dc:b9:91:10:6c:07:bf:da:07:55:46:be:25:58:
90:fc:a9:04:83:c0:28:0c:e1:82:ac:38:d8:5b:d1:5a:c7:0a:
5f:3b:ae:64:7a:f4:96:3a:7e:db:8e:7b:d6:ce:82:43:7a:21:
99:25:15:d9:5f:98:bc:af:aa:84:22:b9:80:14:83:8a:51:6e:
6b:bc:84:ff:b3:24:5d:09:b8:9e:44:f6:1b:b5:14:07:2d:10:
f4:39:4f:9c:c1:3c:8c:f4:61:d5:7b:db:ca:a9:86:dc:62:8c:
4c:8e:95:bc:a8:c7:19:5e:b1:ed:b0:4e:7d:af:1e:3f:f1:ae:
8d:70:64:ed:c5:a1:db:b6:f1:46:ba:11:10:d7:33:32:8e:89:
97:81:71:7b:5d:15:b4:1b:e6:ab:72:bf:30:09:5e:9b:e7:6a:
2d:2d:be:e0:5f:33:b7:ff:75:9b:1e:bb:59:f1:ff:b2:db:7e:
ff:7d:5e:bd:cf:c3:66:ed:9f:71:90:c7:08:35:d5:8f:21:2b:
7f:0b:89:f7:31:2a:ce:5d:35:3c:14:ee:6e:ed:b7:ce:0b:d3:
bd:b4:f5:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdaH/r9UXpw+7EaBpaRZmbvBGllowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NjFkYjRkNWI5NTRkNzMwYzVlMzUwNTFhMTg4MmJhZTcxNmQyNjUyMDcy
ZWYxMWYzMWQ4MTQyMjA5Y2ZmMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvXulKC0kEdBCE9x0d3pUy9XwDcHt4eRkOCKgHvqfhhcbh3LeAibWPLQQow
YfClDxFPXhD8rDkQ02MGtXwqGgkQ5glrATY6xmY7cdJySuy68UFU9GQNVAxIee27
6fCIIpMmuQfhzCXsA0R92CpcBH/fcHKsYbkzh0iyxbrp0SzOaVFDhUgm0Wl8V8G9
CHFCx+Xd9NCaAlpIM2HFL2iZ4K2cF2v+3VyA+xLsjuS/kBeMrU20rwoqURypV+pO
la2ad23ozOV4SANq5GpFZf5GsiUNgYb7cKueGRuQPFyJG1TJq9Aznj/p7GMn1vBY
bRH1Y9PGoYYJY4/VS3SFF2e1zlcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWAbcz
G0tZNe8P1KBoiL6YJGsoMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmYzE0MmYtODBhMC00ZmE5LWE1ODYtYmQ0NWM3N2FjMzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAhUmUiNYEw1wGXkB/vSSdZoV7TGYj9VOPqYnw
bfQbkZgSVcnwN9VPj9y5kRBsB7/aB1VGviVYkPypBIPAKAzhgqw42FvRWscKXzuu
ZHr0ljp+24571s6CQ3ohmSUV2V+YvK+qhCK5gBSDilFua7yE/7MkXQm4nkT2G7UU
By0Q9DlPnME8jPRh1XvbyqmG3GKMTI6VvKjHGV6x7bBOfa8eP/GujXBk7cWh27bx
RroRENczMo6Jl4Fxe10VtBvmq3K/MAlem+dqLS2+4F8zt/91mx67WfH/stt+/31e
vc/DZu2fcZDHCDXVjyErfwuJ9zEqzl01PBTubu23zgvTvbT15A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client