Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: ivn2t7vhseYqR22aNinHB04r5nDwJs+P0khMpAPHfJM=
Subject key identifier: B6:97:AD:4E:24:7F:20:E5:48:54:C3:FD:CF:E3:89:76:90:86:92:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5CD5885C424355E8B75321252C120FCAE9C218B3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Mon 17 Mar 2025 15:41:04 +0000
ROA not before: Mon 17 Mar 2025 15:41:04 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:d5:88:5c:42:43:55:e8:b7:53:21:25:2c:12:0f:ca:e9:c2:18:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:41:04 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:71:97:c8:5e:ef:8f:c6:fb:db:00:d9:fa:39:
a7:8d:d8:ae:9a:90:60:c1:56:8b:92:d7:2e:90:42:
93:0b:c0:52:6c:a4:a7:a5:97:55:00:bc:87:ef:f7:
43:9c:3c:3c:12:2c:bb:f5:6d:3d:8e:3f:75:fc:d6:
7f:60:94:ff:32:67:f7:dc:eb:3e:d5:f6:f4:36:0d:
e7:08:ad:b0:fe:bf:1d:be:8a:d3:c6:35:93:e3:30:
06:bf:bd:70:60:94:b0:fe:6a:f1:1d:e6:57:b0:29:
f0:6c:ba:ee:ef:9a:01:f1:55:7b:1c:15:e7:88:f3:
7c:5f:af:1f:76:2c:14:59:b3:4c:b9:fa:30:48:33:
60:58:b5:a4:c8:74:fa:11:a6:72:5b:c4:81:2c:e7:
81:d5:ee:c7:ac:e4:0e:ee:38:63:21:4c:24:90:09:
57:53:49:5a:c5:a5:7b:dc:5e:92:f8:5d:1e:63:04:
a8:05:6b:d8:ae:32:48:b1:ff:34:31:7c:6d:2e:a6:
d4:37:40:0a:73:5c:88:41:b8:47:f9:bf:84:bb:de:
6f:86:90:b9:b8:01:32:96:66:a1:0c:33:fe:e9:7b:
82:b2:4c:90:13:d9:9c:01:da:34:eb:11:b9:b3:f2:
d1:5f:42:20:eb:55:63:9c:f4:7b:2f:0c:90:52:27:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:97:AD:4E:24:7F:20:E5:48:54:C3:FD:CF:E3:89:76:90:86:92:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
9d:97:ef:fa:c4:ae:6f:c8:26:71:da:f8:84:ac:e2:a8:ba:2c:
0c:d8:37:7a:76:1a:2e:64:b9:ee:59:cf:10:67:27:07:88:eb:
aa:10:8e:af:3a:b7:03:ad:ad:86:be:34:ec:0a:19:aa:04:40:
5b:48:c4:24:f1:86:a8:f0:c6:66:84:41:64:1f:34:06:ea:69:
93:3e:a1:ed:1e:54:35:28:17:8e:08:1f:85:f6:ed:10:68:4b:
f3:08:78:df:3f:c7:2d:8a:af:7b:fa:3b:a5:b3:97:75:9e:bb:
2a:28:e6:d2:0d:c1:d5:da:b8:8a:ec:ad:de:52:bd:fc:8b:5b:
62:44:d1:c9:93:76:d3:62:e9:8f:5a:d1:9a:fd:e2:b5:1b:0e:
0d:af:13:bd:e1:c9:0f:57:7c:fa:43:cb:bb:97:f6:e7:ba:35:
d3:77:ae:01:e5:cb:05:db:e9:40:10:e8:9f:67:cc:97:06:90:
81:a1:34:51:42:12:e4:29:6a:d9:1a:a5:c1:86:cd:55:26:fa:
9a:fa:b8:8a:0e:b3:82:88:78:fb:88:f8:66:a2:26:07:88:6c:
92:13:85:e9:17:bc:d2:f3:94:12:cf:cb:84:b2:9f:3e:39:79:
1b:de:48:f6:b0:04:84:7b:68:bf:f2:2e:ef:a1:de:11:36:0f:
62:fe:bd:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXNWIXEJDVei3UyElLBIPyunCGLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQxMDRaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZmFhNjZjOTFlYzg0NWUyNjJiNmM5N2QxNmZiNTFhNjNmZmJmZGQyZTU0
N2Q1MTYzN2RiYjQyMjMwMDhmYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxxl8he74/G+9sA2fo5p43YrpqQYMFWi5LXLpBCkwvAUmykp6WXVQC8h+/3
Q5w8PBIsu/VtPY4/dfzWf2CU/zJn99zrPtX29DYN5witsP6/Hb6K08Y1k+MwBr+9
cGCUsP5q8R3mV7Ap8Gy67u+aAfFVexwV54jzfF+vH3YsFFmzTLn6MEgzYFi1pMh0
+hGmclvEgSzngdXux6zkDu44YyFMJJAJV1NJWsWle9xekvhdHmMEqAVr2K4ySLH/
NDF8bS6m1DdACnNciEG4R/m/hLveb4aQubgBMpZmoQwz/ul7grJMkBPZnAHaNOsR
ubPy0V9CIOtVY5z0ey8MkFInUh8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2l61O
JH8g5UhUw/3P44l2kIaSoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCdl+/6xK5vyCZx2viErOKouiwM2Dd6dhouZLnuWc8Q
ZycHiOuqEI6vOrcDra2GvjTsChmqBEBbSMQk8Yao8MZmhEFkHzQG6mmTPqHtHlQ1
KBeOCB+F9u0QaEvzCHjfP8ctiq97+juls5d1nrsqKObSDcHV2riK7K3eUr38i1ti
RNHJk3bTYumPWtGa/eK1Gw4NrxO94ckPV3z6Q8u7l/bnujXTd64B5csF2+lAEOif
Z8yXBpCBoTRRQhLkKWrZGqXBhs1VJvqa+riKDrOCiHj7iPhmoiYHiGySE4XpF7zS
85QSz8uEsp8+OXkb3kj2sASEe2i/8i7vod4RNg9i/r3b
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:44 2025 by rpki-client