Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
File: 2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa (raw, json)
Hash identifier: acUi1Krx+H8hsKiysYmzVvunKrkGfQVnZTeN7YfEQdA=
Subject key identifier: B0:85:CD:69:13:6C:27:69:71:23:DA:FA:A0:85:CF:BE:92:DF:0E:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A1DE9FF0163DF1DBEB9F0A41F85FF811E47AB15
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:1d:e9:ff:01:63:df:1d:be:b9:f0:a4:1f:85:ff:81:1e:47:ab:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:aa:d2:d8:07:b9:80:0d:6c:73:f2:74:60:e5:
cf:0d:d3:fa:ca:0d:8b:af:d4:d0:ff:e9:07:29:18:
ce:19:1c:3c:62:77:78:86:be:cc:23:c3:8e:9a:b5:
a6:7b:50:cc:09:00:14:d4:1d:4e:c9:40:84:9f:cb:
52:93:be:b1:44:6a:6c:1b:67:54:87:d8:9e:9f:2a:
a5:99:b3:81:8e:3d:ce:f3:24:7b:7b:28:3d:1a:d1:
94:1d:2e:47:aa:43:4c:dd:09:06:f9:44:bf:aa:92:
a1:53:1f:3c:5f:7d:73:b2:74:44:9b:56:96:68:12:
be:d1:17:4b:df:e3:9a:08:7a:8b:d7:0e:07:da:24:
56:55:c6:e6:d7:0f:bd:7b:04:b3:a3:6f:d4:08:92:
8b:5c:4a:34:d5:32:42:5e:38:fd:6c:49:8f:1b:29:
67:41:f6:39:ec:44:ad:34:14:dd:31:b5:fb:b6:ad:
5f:d5:81:d7:d4:2c:22:9c:c7:2b:96:4c:5a:71:63:
8a:d2:be:1b:71:a1:3b:e4:4b:fd:81:a1:ed:bd:27:
29:ca:0b:02:66:9a:c6:48:63:8e:a5:66:96:ee:e6:
57:04:4e:16:9a:de:12:c6:57:a5:57:11:20:26:fd:
ac:f2:b4:f1:a1:65:46:ea:fb:91:da:35:69:65:6a:
74:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:85:CD:69:13:6C:27:69:71:23:DA:FA:A0:85:CF:BE:92:DF:0E:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:01:3b:01:5a:21:27:6a:7a:9a:07:77:dc:ed:7b:69:0c:5a:
f5:19:01:d9:0c:e4:a4:58:97:c7:94:b6:3d:16:12:14:43:fc:
9c:12:46:da:82:d0:b6:ae:ae:18:9c:94:be:ca:a9:c7:af:25:
f1:3f:66:39:09:2a:62:50:c5:ca:bc:45:b2:e2:f8:f9:a0:87:
21:c4:41:3a:2d:9e:66:19:55:7e:05:33:88:de:c6:21:60:fd:
ed:38:33:cc:ec:fa:df:b0:66:2f:cb:1f:d4:bc:6c:d9:c6:18:
16:b9:21:e3:bf:00:af:79:d7:d1:b2:47:85:58:b1:1c:cd:11:
d1:da:fc:f6:ef:76:26:32:79:d1:f8:cb:55:74:47:36:18:a7:
43:99:13:5d:eb:33:d9:8b:1e:2a:a5:aa:64:fe:72:6d:25:7a:
33:0d:b8:3a:e9:74:04:7a:b0:d7:c2:40:e8:41:11:c3:b0:2b:
d7:0c:8d:33:18:34:18:74:c3:88:10:28:d0:d6:3a:ab:85:57:
32:93:c0:a0:55:55:64:dd:9d:37:86:6b:d6:c8:6c:02:04:66:
db:aa:f7:f9:a5:13:62:8f:9c:f7:5c:11:19:f5:2d:ed:94:c6:
e1:13:5b:dd:53:70:6d:79:8a:71:1f:7e:a7:4b:23:8f:17:f8:
70:6f:02:44
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOh3p/wFj3x2+ufCkH4X/gR5HqxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MTQ0MzcwNGQ0Mjc3OGNiZGRlZTYwMTAwMWQzMjdmOTNlMDY1YTQ0MzNk
NGI4MTU3NGE4NTI0ZWQzODBkZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+q0tgHuYANbHPydGDlzw3T+soNi6/U0P/pBykYzhkcPGJ3eIa+zCPDjpq1
pntQzAkAFNQdTslAhJ/LUpO+sURqbBtnVIfYnp8qpZmzgY49zvMke3soPRrRlB0u
R6pDTN0JBvlEv6qSoVMfPF99c7J0RJtWlmgSvtEXS9/jmgh6i9cOB9okVlXG5tcP
vXsEs6Nv1AiSi1xKNNUyQl44/WxJjxspZ0H2OexErTQU3TG1+7atX9WB19QsIpzH
K5ZMWnFjitK+G3GhO+RL/YGh7b0nKcoLAmaaxkhjjqVmlu7mVwROFpreEsZXpVcR
ICb9rPK08aFlRur7kdo1aWVqdEMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSwhc1p
E2wnaXEj2vqghc++kt8OZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmUxMzcwYTYtOGRhNC00YjQ2LWE5ZTAtZjBmNmRjODdkOWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQB8ATsBWiEnanqaB3fc7XtpDFr1GQHZDOSkWJfHlLY9
FhIUQ/ycEkbagtC2rq4YnJS+yqnHryXxP2Y5CSpiUMXKvEWy4vj5oIchxEE6LZ5m
GVV+BTOI3sYhYP3tODPM7PrfsGYvyx/UvGzZxhgWuSHjvwCvedfRskeFWLEczRHR
2vz273YmMnnR+MtVdEc2GKdDmRNd6zPZix4qpapk/nJtJXozDbg66XQEerDXwkDo
QRHDsCvXDI0zGDQYdMOIECjQ1jqrhVcyk8CgVVVk3Z03hmvWyGwCBGbbqvf5pRNi
j5z3XBEZ9S3tlMbhE1vdU3BteYpxH36nSyOPF/hwbwJE
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:41 2025 by rpki-client