Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
File: 1dff7204-d968-4bb7-8e61-2db8925bf33e.roa (raw, json)
Hash identifier: UuKBW1zBw9mQur86XXzlNYjmEu0n618ZG/r62VqewGo=
Subject key identifier: 26:33:09:63:BF:6C:D9:8D:C1:46:C6:3D:D9:10:85:A3:93:08:01:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 220D54A3EB7739C4B50EC0B6E9219F84FDE48E07
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0d:54:a3:eb:77:39:c4:b5:0e:c0:b6:e9:21:9f:84:fd:e4:8e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:58:fd:e1:56:74:51:04:64:a9:00:43:a9:
73:d3:f2:47:d8:26:0e:12:70:73:57:54:5c:24:3e:
62:aa:a3:cc:1d:d2:16:15:8e:7c:b2:b8:c0:5b:0c:
5e:5c:aa:a7:24:66:94:19:b5:9a:0f:35:5e:21:ea:
17:82:f7:4d:97:04:6e:9b:43:5f:31:53:0e:2a:0b:
34:ab:16:a8:3a:64:6d:66:0f:1b:42:ab:d7:73:dd:
2b:7c:72:64:8c:de:3c:75:a7:65:9c:f5:4d:c3:b0:
cb:3b:06:5b:60:c9:4f:de:31:01:e0:78:b0:4c:f0:
72:e4:59:e7:64:63:2e:9b:96:66:3e:05:92:78:7e:
85:33:86:b1:4e:86:e3:05:e4:13:21:0c:88:15:5e:
d9:ca:cc:19:1e:b6:ad:ea:11:98:07:ed:89:6b:10:
2b:30:df:b4:82:1c:4d:a2:76:ab:e8:72:aa:73:81:
eb:df:f0:3e:18:e0:87:5a:25:6f:ed:3b:0a:06:b7:
0e:85:96:a6:03:7d:7f:62:93:87:a9:2e:02:0e:05:
a2:c2:02:9b:e7:d6:29:f2:6c:78:8e:52:0d:da:74:
b0:45:70:f3:69:29:44:bf:57:dd:d2:1e:ec:b7:5c:
f9:e3:7b:b3:15:0d:fd:48:09:67:b9:08:10:a9:fa:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:33:09:63:BF:6C:D9:8D:C1:46:C6:3D:D9:10:85:A3:93:08:01:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:13:f5:13:49:06:76:c4:ec:99:0d:c5:6f:a7:0e:ee:96:c1:
0c:68:ad:ab:31:e4:71:6f:9b:1f:5c:13:ac:c2:02:32:3a:44:
95:3d:22:b4:3d:ef:5f:83:f7:e5:fb:c4:f4:e9:0f:b0:92:bd:
a1:f6:e9:e5:b7:43:78:7b:0f:fd:1b:d0:4e:e1:b3:e1:3a:ab:
e2:ed:7d:76:ad:04:92:f0:6d:ce:59:95:0f:be:bf:da:16:6a:
18:82:90:a6:3e:10:90:37:ac:26:80:d9:ee:f8:84:f7:91:4b:
3f:56:c2:57:75:3c:5f:a0:ac:02:8e:17:73:a4:9b:ef:2e:08:
9d:5a:3b:bd:0f:6a:fb:2c:db:0f:f7:50:ad:76:b1:ce:07:1f:
88:d1:cb:21:c0:99:3d:df:29:fd:12:15:35:83:6d:5c:05:97:
36:f5:64:5d:58:77:fc:d3:ff:bc:31:43:d6:91:98:72:89:4a:
d6:d8:19:96:7c:19:70:47:6e:2f:f7:0b:08:83:dd:0e:32:19:
7c:da:ab:bd:bb:cb:68:df:d7:0a:d2:00:77:9c:30:06:c3:37:
9b:6a:d2:31:1c:5e:5b:38:5f:d8:6a:ef:44:d3:9b:99:2a:f6:
b8:2d:8a:cc:d4:9b:cd:3a:9e:8a:ff:f1:ff:5b:47:83:f7:d0:
82:d0:9a:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIg1Uo+t3OcS1DsC26SGfhP3kjgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYjZlOTU5OGI5NzYwZTFlMGI1MzkxOTAzNzQwYTczN2MxYjgwZmZjZGIx
NTUwZmRjMThjZTM2MmJjNWFhYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLzWP3hVnRRBGSpAEOpc9PyR9gmDhJwc1dUXCQ+YqqjzB3SFhWOfLK4wFsM
XlyqpyRmlBm1mg81XiHqF4L3TZcEbptDXzFTDioLNKsWqDpkbWYPG0Kr13PdK3xy
ZIzePHWnZZz1TcOwyzsGW2DJT94xAeB4sEzwcuRZ52RjLpuWZj4Fknh+hTOGsU6G
4wXkEyEMiBVe2crMGR62reoRmAftiWsQKzDftIIcTaJ2q+hyqnOB69/wPhjgh1ol
b+07Cga3DoWWpgN9f2KTh6kuAg4FosICm+fWKfJseI5SDdp0sEVw82kpRL9X3dIe
7Ldc+eN7sxUN/UgJZ7kIEKn6gZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmMwlj
v2zZjcFGxj3ZEIWjkwgBDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmZjcyMDQtZDk2OC00YmI3LThlNjEtMmRiODkyNWJmMzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAQE/UTSQZ2xOyZDcVvpw7ulsEMaK2rMeRxb5sfXBOs
wgIyOkSVPSK0Pe9fg/fl+8T06Q+wkr2h9unlt0N4ew/9G9BO4bPhOqvi7X12rQSS
8G3OWZUPvr/aFmoYgpCmPhCQN6wmgNnu+IT3kUs/VsJXdTxfoKwCjhdzpJvvLgid
Wju9D2r7LNsP91CtdrHOBx+I0cshwJk93yn9EhU1g21cBZc29WRdWHf80/+8MUPW
kZhyiUrW2BmWfBlwR24v9wsIg90OMhl82qu9u8to39cK0gB3nDAGwzebatIxHF5b
OF/Yau9E05uZKva4LYrM1JvNOp6K//H/W0eD99CC0JrT
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:36:44 2025 by rpki-client