Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: RA9IOY4X736c1Habc9UJBHPxlHp12vVgBk/Wkq65+ig=
Subject key identifier: D5:03:C7:73:EA:29:FB:76:F0:E7:63:FF:F6:F5:49:2B:51:7A:01:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B9533BD2C2B77C4BE57EF4474C9FBD9E4D0B718
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Wed 05 Mar 2025 17:51:31 +0000
ROA not before: Wed 05 Mar 2025 17:51:31 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:95:33:bd:2c:2b:77:c4:be:57:ef:44:74:c9:fb:d9:e4:d0:b7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:31 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:67:3f:61:fc:b4:fa:f3:48:47:01:3c:07:
00:43:bb:9e:4b:48:17:51:ca:2b:5c:d2:39:d6:a3:
69:30:c9:f8:22:ed:6f:9a:a3:2f:aa:74:f0:97:35:
54:34:27:90:af:2d:ac:ac:23:1f:f9:1e:96:b7:b1:
fc:71:b1:7f:ac:30:b0:90:ea:25:ad:c1:9a:13:d0:
1f:19:39:81:58:6b:b3:c2:2d:ac:5c:84:39:e8:b6:
03:52:be:eb:9a:dd:68:01:b6:6a:67:8d:9e:7e:44:
75:29:2f:74:4d:00:8c:66:bb:e1:76:18:4c:ca:1b:
54:29:e4:82:e4:83:ab:34:f0:70:2b:17:cb:5b:86:
4d:77:e3:8c:e5:91:e3:1a:95:bf:f0:67:28:d4:05:
d2:8a:d5:62:ca:92:d8:7f:f9:97:55:25:c3:68:42:
4d:7c:da:e0:62:1d:61:36:9f:4c:3f:4f:18:3e:63:
b9:29:d0:af:4f:a9:dd:c2:84:63:6d:32:9a:9b:4b:
68:15:f8:35:62:17:6d:5c:ce:78:89:62:c0:09:94:
fe:45:9c:3d:98:55:50:36:28:8d:f1:24:3d:34:32:
f0:75:de:95:c7:75:33:c3:43:db:16:4a:e2:1a:fc:
ec:e1:6c:94:fe:c0:f7:a1:7c:39:b8:46:51:ec:d7:
4e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:03:C7:73:EA:29:FB:76:F0:E7:63:FF:F6:F5:49:2B:51:7A:01:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:c5:6c:7d:b3:0b:06:5e:0a:02:fd:50:8f:54:31:67:dd:59:
3d:36:a0:eb:7c:c4:01:e5:38:bc:6a:10:a2:ff:99:ca:61:cb:
c9:39:12:ba:62:04:23:42:de:29:ea:45:8e:39:0d:b5:c3:8d:
f0:4f:89:5b:cc:d2:c0:9c:80:ef:2b:41:26:47:52:2e:f4:0e:
4d:f6:2e:4c:ff:d7:9f:eb:aa:f7:f7:da:ce:ec:d8:59:de:85:
cf:84:16:a9:7b:08:f1:15:33:b4:33:98:25:90:9f:84:e9:3f:
6a:c7:30:3b:d7:eb:3e:d8:15:5a:00:fd:4c:98:53:0d:db:66:
9b:41:04:67:49:d5:14:1d:27:ba:7e:5e:3b:f4:d5:e7:f4:c8:
86:61:02:f9:47:5b:2f:fb:27:ec:1e:aa:51:a4:a5:1a:fe:b6:
52:76:46:68:a0:e3:7e:ba:bc:f8:d1:29:31:cd:32:00:c2:bb:
39:d0:b4:47:68:ed:d7:70:44:e6:8e:f1:cf:86:ff:01:12:11:
4f:ef:cb:ae:56:af:89:53:b7:e9:bc:ec:3b:7a:a5:0c:a8:6f:
04:b9:b3:34:c5:7d:c8:38:76:96:eb:a8:1c:71:06:df:07:40:
40:d2:09:c8:f4:f7:d7:d7:6c:c7:85:ff:0e:25:94:6e:b1:fd:
8d:a4:95:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK5UzvSwrd8S+V+9EdMn72eTQtxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMzFaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYTEzYzliNWZiNjRmOGFmMzgwYzBhNzAzM2ZmMGI5MjU5M2Y3MjA3ZTJl
ODYxN2RjZmI0YjFjMjEyMjkxOTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKkZz9h/LT680hHATwHAEO7nktIF1HKK1zSOdajaTDJ+CLtb5qjL6p08Jc1
VDQnkK8trKwjH/kelrex/HGxf6wwsJDqJa3BmhPQHxk5gVhrs8ItrFyEOei2A1K+
65rdaAG2ameNnn5EdSkvdE0AjGa74XYYTMobVCnkguSDqzTwcCsXy1uGTXfjjOWR
4xqVv/BnKNQF0orVYsqS2H/5l1Ulw2hCTXza4GIdYTafTD9PGD5juSnQr0+p3cKE
Y20ymptLaBX4NWIXbVzOeIliwAmU/kWcPZhVUDYojfEkPTQy8HXelcd1M8ND2xZK
4hr87OFslP7A96F8ObhGUezXTqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTVA8dz
6in7dvDnY//29UkrUXoBkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBLxWx9swsGXgoC/VCPVDFn3Vk9NqDrfMQB5Ti8ahCi
/5nKYcvJORK6YgQjQt4p6kWOOQ21w43wT4lbzNLAnIDvK0EmR1Iu9A5N9i5M/9ef
66r399rO7NhZ3oXPhBapewjxFTO0M5glkJ+E6T9qxzA71+s+2BVaAP1MmFMN22ab
QQRnSdUUHSe6fl479NXn9MiGYQL5R1sv+yfsHqpRpKUa/rZSdkZooON+urz40Skx
zTIAwrs50LRHaO3XcETmjvHPhv8BEhFP78uuVq+JU7fpvOw7eqUMqG8EubM0xX3I
OHaW66gccQbfB0BA0gnI9PfX12zHhf8OJZRusf2NpJUI
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:17 2025 by rpki-client