Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
File: 40a62114-09f8-4383-abc5-a7d805c42d0a.roa (raw, json)
Hash identifier: 1pg79CP+p0WnbALeldGbDEAQhkaFwf0l8e9utMeiHhM=
Subject key identifier: F1:E0:16:BE:1C:1B:60:F7:80:ED:69:04:AE:94:03:8E:76:DB:CA:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D11A3BE97C5DFADB44B60D3610AB7760B67CA55
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:11:a3:be:97:c5:df:ad:b4:4b:60:d3:61:0a:b7:76:0b:67:ca:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:c3:19:94:78:d2:e7:02:93:f5:71:9b:41:
20:db:40:c2:8d:04:1c:4f:20:18:b2:23:fe:01:a2:
08:d1:7b:08:fe:02:55:62:8e:36:dd:a3:13:d5:57:
76:1c:8a:48:e7:d4:a6:0d:c7:89:60:2e:1d:67:ec:
6f:b7:c5:40:7a:05:e9:f1:28:1f:f5:af:4d:c3:d4:
77:ed:15:36:a4:cf:a8:7d:85:38:5c:9e:79:c5:df:
c3:0a:ae:5a:a5:a8:f7:ef:1a:b2:df:63:cb:3f:b7:
fa:6a:84:b4:ab:51:15:f0:38:71:1b:6d:8e:dd:57:
64:4f:ac:c9:97:87:0e:65:89:06:e6:39:6e:ba:54:
b7:99:95:3e:65:35:df:50:d4:88:a2:36:59:45:1a:
95:7f:7e:7f:44:0d:66:90:72:c6:1e:2a:2b:08:bc:
06:f2:b2:a1:c6:9a:32:86:60:b4:4c:5d:d2:51:40:
0e:84:6b:10:9e:42:4a:64:b7:0a:34:66:f7:31:af:
db:a5:fa:b0:1d:5a:63:2a:c0:94:f1:b4:0e:04:33:
47:12:ea:0b:d7:3a:c7:fb:dc:10:79:b0:3c:eb:9d:
ad:87:0d:de:6a:a1:e4:18:90:8b:1d:dc:2a:4c:17:
cb:4c:be:62:13:31:cb:55:64:f5:e5:78:6f:99:59:
98:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E0:16:BE:1C:1B:60:F7:80:ED:69:04:AE:94:03:8E:76:DB:CA:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:a6:99:fe:bf:c2:e2:be:a9:18:eb:ab:0f:22:69:4e:fb:f7:
ba:50:af:4e:98:7d:f5:5c:64:31:37:12:9a:78:3a:39:2b:ce:
62:ac:94:fb:a3:fd:22:fe:bf:ab:d0:52:0b:66:99:76:7e:6b:
df:44:17:61:49:68:2c:c4:ab:b3:3d:fd:4d:09:91:20:5a:57:
2e:d9:a9:bf:f4:81:61:72:72:79:40:a4:21:75:27:d8:1f:38:
87:6b:d9:72:f8:90:a5:68:1f:ba:56:82:06:a6:ab:e6:f6:69:
11:85:b4:89:38:a3:55:74:f3:aa:1f:64:65:4f:46:69:40:95:
37:b7:3d:7c:a4:e9:ba:e0:c0:18:f5:3d:93:99:f6:f0:30:c3:
28:50:6b:2c:d7:17:34:dd:1c:0a:7e:84:e1:fe:db:0c:97:a2:
00:e7:ca:b9:9e:f3:16:ee:3f:48:c5:3c:32:53:4d:91:07:c6:
f2:16:b7:b1:3b:71:42:1e:23:6f:5b:3d:ca:0f:b9:b1:23:ae:
a3:11:51:3e:2a:37:32:24:0d:14:40:40:6f:9f:b2:1f:eb:f8:
9e:53:cf:ac:a3:fb:f6:e1:b5:d4:a4:04:86:d3:f5:58:50:eb:
42:7d:8f:45:b7:ef:16:58:97:1f:b1:ef:30:6b:55:f4:52:90:
ed:cc:e6:0b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUDRGjvpfF3620S2DTYQq3dgtnylUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OTZiOTI3ZjI0NTMwNWNkMjdlMmNmYTNhMDE1MTU3MjVmN2IxZjRjZjc3
ZTdlMjhjYWZiODI4MzZhMGNkYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1owxmUeNLnApP1cZtBINtAwo0EHE8gGLIj/gGiCNF7CP4CVWKONt2jE9VX
dhyKSOfUpg3HiWAuHWfsb7fFQHoF6fEoH/WvTcPUd+0VNqTPqH2FOFyeecXfwwqu
WqWo9+8ast9jyz+3+mqEtKtRFfA4cRttjt1XZE+syZeHDmWJBuY5brpUt5mVPmU1
31DUiKI2WUUalX9+f0QNZpByxh4qKwi8BvKyocaaMoZgtExd0lFADoRrEJ5CSmS3
CjRm9zGv26X6sB1aYyrAlPG0DgQzRxLqC9c6x/vcEHmwPOudrYcN3mqh5BiQix3c
KkwXy0y+YhMxy1Vk9eV4b5lZmHUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTx4Ba+
HBtg94DtaQSulAOOdtvKPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDBhNjIxMTQtMDlmOC00MzgzLWFiYzUtYTdkODA1YzQyZDBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAGimmf6/wuK+qRjrqw8iaU7797pQr06YffVcZDE3
Epp4OjkrzmKslPuj/SL+v6vQUgtmmXZ+a99EF2FJaCzEq7M9/U0JkSBaVy7Zqb/0
gWFycnlApCF1J9gfOIdr2XL4kKVoH7pWggamq+b2aRGFtIk4o1V086ofZGVPRmlA
lTe3PXyk6brgwBj1PZOZ9vAwwyhQayzXFzTdHAp+hOH+2wyXogDnyrme8xbuP0jF
PDJTTZEHxvIWt7E7cUIeI29bPcoPubEjrqMRUT4qNzIkDRRAQG+fsh/r+J5Tz6yj
+/bhtdSkBIbT9VhQ60J9j0W37xZYlx+x7zBrVfRSkO3M5gs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:37:39 2025 by rpki-client