Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: qC+VJflsgINgABad/IT/P1q2qfyodK4JLn8LX7oA6f8=
Subject key identifier: B1:AC:C7:C8:86:AF:44:40:45:53:AE:FA:7A:7F:3E:5C:57:9C:48:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4FC1E1E6B9BA95ED45A2FC3EBAF625CA1A4F61CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Wed 05 Mar 2025 17:51:29 +0000
ROA not before: Wed 05 Mar 2025 17:51:29 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c1:e1:e6:b9:ba:95:ed:45:a2:fc:3e:ba:f6:25:ca:1a:4f:61:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:29 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:d7:49:25:06:16:42:b2:6b:92:8a:be:6a:
6b:fa:40:4a:be:22:4e:0c:5f:6c:3b:08:d3:13:1e:
31:0e:c4:ec:5b:af:38:1d:5d:3b:e6:22:30:18:93:
6d:01:b0:f1:fd:cf:6a:65:83:43:2a:3f:ec:2f:06:
13:88:38:46:6f:2e:b0:f8:94:93:7e:40:fc:36:f0:
5f:0b:3d:d6:ac:02:a3:f0:43:92:e4:8a:e8:3f:e8:
79:97:ca:d1:e7:c6:41:b3:27:5e:a1:eb:db:4d:64:
ec:fd:eb:b6:7e:e5:10:ff:aa:e2:22:4b:20:b5:63:
fe:2f:bb:6f:e2:09:44:d2:8e:78:26:e3:08:52:1b:
c0:bb:f3:e3:67:2e:29:a1:3c:2b:00:2e:0a:03:bd:
cd:ea:6e:ec:e5:90:27:37:41:78:8b:82:20:82:40:
bf:4f:a1:86:60:ef:81:b8:94:43:e7:a2:ba:ce:f8:
ae:8f:a2:44:4e:1e:11:f2:3a:3f:03:6b:79:f4:3c:
f2:e2:d5:f7:cd:2d:37:3c:77:6e:ea:9a:26:bd:b6:
1e:1d:a6:c6:f3:7a:7a:1e:0b:9e:e7:30:0e:79:dd:
ff:ec:9a:a2:ad:a1:f6:91:30:4b:14:ad:8e:ec:1c:
62:08:cb:00:e7:28:75:ac:87:8d:32:44:63:01:64:
42:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AC:C7:C8:86:AF:44:40:45:53:AE:FA:7A:7F:3E:5C:57:9C:48:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:ce:3a:15:cb:fe:62:b4:7b:e2:66:3e:eb:68:79:ad:81:05:
1a:c9:af:3e:f7:bb:9d:63:1b:fa:81:1a:ce:df:a0:d5:7e:ac:
44:c3:e2:1c:cb:25:60:e1:6e:e7:44:a7:d3:65:17:8b:0f:e5:
25:e4:72:51:db:a3:b7:bc:00:19:ad:c7:65:5b:1f:0f:2c:9a:
9a:69:17:3f:de:47:7d:3b:17:08:6c:56:c6:23:b3:16:b8:f4:
78:02:11:4a:7f:94:9d:20:0a:74:d2:ae:81:51:34:ea:82:e8:
df:20:62:ea:dc:26:d3:b2:fb:43:94:9c:a2:0e:ba:0a:67:94:
ef:6b:f4:a1:f9:ac:7d:5e:20:21:2e:9a:32:f9:f1:4d:0c:5b:
90:7b:29:af:48:a7:80:c8:2d:3a:78:fa:5d:d0:ef:ab:5c:5b:
43:15:3f:a2:08:f4:31:eb:9b:2a:5a:e8:2a:66:82:f8:e7:da:
43:21:48:f1:9f:4b:d5:26:15:aa:09:a1:09:24:de:3f:0d:7c:
40:fa:58:5c:c0:92:f8:69:2e:21:38:58:f7:36:5d:8a:78:66:
15:93:6e:c2:0d:1e:38:da:0b:dd:f4:05:8e:75:0f:39:4f:63:
39:46:a8:91:27:ed:bb:7d:d1:94:70:13:52:ac:4a:b0:b4:08:
e1:9d:43:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT8Hh5rm6le1Fovw+uvYlyhpPYcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMjlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyODdlZWFkM2FhZDYwOTlkYWRmODdhMmU1ZTBjMTQ0YTQ2YTdiZmQzNWNh
OGRlNGNiYjM1NzQwMmQwNGRmMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjA10klBhZCsmuSir5qa/pASr4iTgxfbDsI0xMeMQ7E7FuvOB1dO+YiMBiT
bQGw8f3PamWDQyo/7C8GE4g4Rm8usPiUk35A/DbwXws91qwCo/BDkuSK6D/oeZfK
0efGQbMnXqHr201k7P3rtn7lEP+q4iJLILVj/i+7b+IJRNKOeCbjCFIbwLvz42cu
KaE8KwAuCgO9zepu7OWQJzdBeIuCIIJAv0+hhmDvgbiUQ+eius74ro+iRE4eEfI6
PwNrefQ88uLV980tNzx3buqaJr22Hh2mxvN6eh4LnucwDnnd/+yaoq2h9pEwSxSt
juwcYgjLAOcodayHjTJEYwFkQlcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSxrMfI
hq9EQEVTrvp6fz5cV5xIGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQDHzjoVy/5itHviZj7raHmtgQUaya8+97udYxv6gRrO
36DVfqxEw+IcyyVg4W7nRKfTZReLD+Ul5HJR26O3vAAZrcdlWx8PLJqaaRc/3kd9
OxcIbFbGI7MWuPR4AhFKf5SdIAp00q6BUTTqgujfIGLq3CbTsvtDlJyiDroKZ5Tv
a/Sh+ax9XiAhLpoy+fFNDFuQeymvSKeAyC06ePpd0O+rXFtDFT+iCPQx65sqWugq
ZoL459pDIUjxn0vVJhWqCaEJJN4/DXxA+lhcwJL4aS4hOFj3Nl2KeGYVk27CDR44
2gvd9AWOdQ85T2M5RqiRJ+27fdGUcBNSrEqwtAjhnUMG
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:02:17 2025 by rpki-client