Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29137037-201e-4aac-bd8f-5d80d0cbcb96.roa
File: 29137037-201e-4aac-bd8f-5d80d0cbcb96.roa (raw, json)
Hash identifier: 2eCHAkQdf78DH5RTPzhpZTw1hcx8V7zpJiCiixT47F8=
Subject key identifier: 19:4D:7B:0D:2C:E6:76:98:F1:58:25:91:FE:57:A2:6F:63:19:EB:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ADE24915BE04984C162002260580B97062CA93C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29137037-201e-4aac-bd8f-5d80d0cbcb96.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:de:24:91:5b:e0:49:84:c1:62:00:22:60:58:0b:97:06:2c:a9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cd:11:fd:dd:30:80:a5:9d:03:1d:86:02:59:
bb:eb:16:3d:e6:77:2a:70:84:08:21:3f:f0:5d:88:
f7:94:20:8b:da:1b:45:c9:d5:bf:e0:fe:f5:38:1d:
58:ff:f4:ce:60:97:56:e8:2b:21:73:ac:d2:ea:81:
0d:cc:7a:29:e3:b6:3b:f4:a2:e5:a8:14:17:61:95:
b7:5a:76:25:d0:e4:20:70:b7:e0:2a:bb:19:00:c2:
6f:66:e9:7b:e4:b1:be:0d:61:76:ef:5d:e6:35:fb:
5e:00:72:09:38:c5:bc:c5:e9:14:fb:74:76:b0:58:
06:2e:65:b6:07:fa:98:0b:aa:e4:86:ad:ca:69:34:
ae:5b:1d:d7:ad:33:3e:3b:a0:ad:07:7e:e8:65:70:
5b:25:ba:15:c4:ea:13:6e:c4:0c:13:65:5d:93:96:
d3:f8:8b:4e:51:d4:e6:5b:e9:5d:7a:15:3d:22:06:
14:00:24:3c:ee:06:96:a7:d0:8d:69:6b:1e:ee:09:
54:c8:35:a4:b4:23:04:c2:de:2c:39:4f:e6:b3:9a:
9b:71:5c:36:56:69:a2:30:25:9b:7c:b2:a4:88:d4:
69:1f:46:40:85:45:c8:17:6e:3a:14:b5:9e:fb:99:
4a:9f:cf:4b:10:a1:8f:6b:84:05:38:40:33:a7:fe:
86:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:4D:7B:0D:2C:E6:76:98:F1:58:25:91:FE:57:A2:6F:63:19:EB:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29137037-201e-4aac-bd8f-5d80d0cbcb96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
35:34:94:f6:ae:a8:42:93:4b:e1:4c:ea:55:de:2a:cc:99:e5:
23:dc:16:1f:bc:5b:36:0d:89:7f:b5:96:1b:e8:67:87:1a:5c:
90:e5:ea:7a:1d:77:22:b1:4e:d9:46:00:62:7d:f1:82:fd:58:
ac:56:e5:d8:cb:09:1f:55:f7:aa:4e:93:01:f8:cc:0e:e0:3c:
cc:33:3a:e7:ca:57:c7:97:5b:d2:43:1c:fd:cc:a3:39:d1:e8:
7f:4a:62:b9:bd:59:f9:01:57:d1:43:52:b6:1c:cb:fa:31:79:
36:ef:5b:c8:bf:c3:59:a2:09:ae:f2:e3:f4:bc:2a:f5:83:4d:
65:52:c1:3f:e2:70:7f:15:cb:eb:a7:9e:70:24:40:d0:1a:11:
aa:af:da:3b:7c:a6:89:be:3e:d3:8b:00:ff:10:71:33:30:1f:
ac:49:33:36:44:7e:e6:30:1a:85:d8:e5:9d:c3:f2:f5:3d:4d:
06:22:3b:28:6c:90:04:b2:ea:f7:ba:6b:1f:21:e8:ad:06:86:
0d:96:3d:db:56:15:aa:99:b4:7c:fe:1d:15:da:54:a4:e8:c1:
ef:ae:3b:d6:c6:db:6e:84:9b:40:23:35:02:98:9e:65:89:1a:
cf:10:90:6f:bb:a1:e2:5c:51:44:09:71:6c:28:52:f5:53:99:
70:b3:63:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUet4kkVvgSYTBYgAiYFgLlwYsqTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxODhmYzViMWY4NGQyMzRiN2E4YjBhMjkwMjJiYzY4MThjZjFlMTg0Y2Ni
OWM0YmU5NDdlNTJkMjdkODA4OTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbNEf3dMIClnQMdhgJZu+sWPeZ3KnCECCE/8F2I95Qgi9obRcnVv+D+9Tgd
WP/0zmCXVugrIXOs0uqBDcx6KeO2O/Si5agUF2GVt1p2JdDkIHC34Cq7GQDCb2bp
e+Sxvg1hdu9d5jX7XgByCTjFvMXpFPt0drBYBi5ltgf6mAuq5Iatymk0rlsd160z
PjugrQd+6GVwWyW6FcTqE27EDBNlXZOW0/iLTlHU5lvpXXoVPSIGFAAkPO4GlqfQ
jWlrHu4JVMg1pLQjBMLeLDlP5rOam3FcNlZpojAlm3yypIjUaR9GQIVFyBduOhS1
nvuZSp/PSxChj2uEBThAM6f+hh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZTXsN
LOZ2mPFYJZH+V6JvYxnrTDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjkxMzcwMzctMjAxZS00YWFjLWJkOGYtNWQ4MGQwY2JjYjk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQA1NJT2rqhCk0vhTOpV3irMmeUj3BYfvFs2DYl/
tZYb6GeHGlyQ5ep6HXcisU7ZRgBiffGC/VisVuXYywkfVfeqTpMB+MwO4DzMMzrn
ylfHl1vSQxz9zKM50eh/SmK5vVn5AVfRQ1K2HMv6MXk271vIv8NZogmu8uP0vCr1
g01lUsE/4nB/Fcvrp55wJEDQGhGqr9o7fKaJvj7TiwD/EHEzMB+sSTM2RH7mMBqF
2OWdw/L1PU0GIjsobJAEsur3umsfIeitBoYNlj3bVhWqmbR8/h0V2lSk6MHvrjvW
xttuhJtAIzUCmJ5liRrPEJBvu6HiXFFECXFsKFL1U5lws2M7
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:45 2025 by rpki-client