Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
File: 43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa (raw, json)
Hash identifier: zlJCRNHuZX5fkVRy9+/Q+PFMCEHz/QK820/rivdk4gg=
Subject key identifier: C9:AE:D3:D9:A0:F6:11:EA:8C:39:81:AB:A9:CE:F7:52:AB:39:0A:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 214A617C7969691E143DEF938E4AF4649FB0844E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4a:61:7c:79:69:69:1e:14:3d:ef:93:8e:4a:f4:64:9f:b0:84:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:cd:ec:e8:bb:97:4a:f3:bf:0c:c4:88:27:
c3:79:20:12:f4:4e:38:84:b3:e8:8e:12:a4:49:90:
46:2d:d3:54:74:30:4f:19:2b:38:9e:8b:75:b3:6f:
19:70:e5:18:f3:10:f9:e1:30:8f:8d:e7:03:08:ce:
0d:07:c4:78:37:c2:52:de:48:f2:08:9e:0d:36:f9:
b8:39:05:be:2f:dd:ab:31:45:b7:e7:f1:da:df:19:
8f:f9:ee:aa:14:dd:da:1f:b6:08:ef:29:01:a3:f7:
46:31:ff:e7:9f:69:2b:36:e0:45:ce:cc:54:15:8f:
d7:83:67:82:15:91:ae:f3:5a:8b:d2:29:2e:10:d2:
b2:bb:34:01:02:d2:37:76:b2:aa:f7:1a:13:44:bc:
e3:bf:ec:08:43:fd:78:f3:6d:1c:11:89:1a:01:64:
66:21:aa:7e:fe:d3:da:95:c4:f9:9a:2f:8f:27:1a:
a4:f2:87:a4:5f:c4:2c:66:5b:8e:a1:98:28:ce:e9:
e8:1d:86:b4:9d:ab:9b:4f:ae:17:78:d5:e2:e7:bf:
15:2b:04:ce:85:7b:10:d6:d1:52:cc:41:2b:47:9c:
7f:51:5d:2d:5e:bc:14:e8:b6:93:05:9c:7c:7a:9b:
47:db:8a:01:e5:93:36:ab:e6:48:bd:f4:bf:e7:ec:
34:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AE:D3:D9:A0:F6:11:EA:8C:39:81:AB:A9:CE:F7:52:AB:39:0A:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:14:e5:55:f9:05:31:b2:c1:95:97:fc:f9:39:20:1d:45:cd:
74:89:cd:ca:14:2e:b1:e9:e8:43:b2:e7:fc:ab:b1:16:b8:89:
a5:f2:8a:40:b5:be:6a:1b:1b:f4:b5:f9:11:69:18:c8:44:fd:
e3:43:de:70:45:94:6c:6a:32:a5:98:38:9a:9d:81:a9:e3:25:
30:72:2e:f6:97:49:bd:7b:02:59:0a:52:d9:5c:13:29:ae:63:
99:59:d6:b6:0f:18:c6:02:04:a9:7d:a9:a9:cc:2d:df:aa:15:
8e:31:dd:bd:74:ae:d2:b5:d3:d6:05:47:39:78:ef:fc:03:ff:
80:2c:f4:43:96:cb:33:fe:9e:4f:6a:32:6b:2c:05:95:45:86:
1a:41:e5:89:de:c2:ba:5a:ac:bb:65:39:a8:0e:03:5b:cf:01:
60:84:1e:81:b3:d6:f0:4d:ba:fd:bc:27:96:4f:51:62:5c:63:
64:06:1f:7c:3d:87:82:7d:cd:a2:dd:2c:4f:f0:cc:42:ec:54:
7e:e3:ef:9e:14:ba:5b:88:63:a3:de:59:71:31:e8:a0:b6:28:
5b:33:3b:66:6d:11:c8:75:92:77:84:a7:4f:4b:0d:58:a2:e0:
6d:92:73:19:1d:15:ec:08:66:7e:19:f7:20:ac:25:4e:b0:b6:
f9:e7:9f:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIUphfHlpaR4UPe+Tjkr0ZJ+whE4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjOWExMGI2MDJlZTg3MzU2YzBkMTlkOGM5YmE5ODA4MjA4YTE2Njk3MDYx
ZmQ0Yjk2OTllYzVlNTJhM2Q2MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZSzezou5dK878MxIgnw3kgEvROOISz6I4SpEmQRi3TVHQwTxkrOJ6LdbNv
GXDlGPMQ+eEwj43nAwjODQfEeDfCUt5I8gieDTb5uDkFvi/dqzFFt+fx2t8Zj/nu
qhTd2h+2CO8pAaP3RjH/559pKzbgRc7MVBWP14NnghWRrvNai9IpLhDSsrs0AQLS
N3ayqvcaE0S847/sCEP9ePNtHBGJGgFkZiGqfv7T2pXE+ZovjycapPKHpF/ELGZb
jqGYKM7p6B2GtJ2rm0+uF3jV4ue/FSsEzoV7ENbRUsxBK0ecf1FdLV68FOi2kwWc
fHqbR9uKAeWTNqvmSL30v+fsNJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJrtPZ
oPYR6ow5gaupzvdSqzkKCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNiNGY1ZTEtMDVlZC00YzJjLTk2YTktMTY1MzQ4ODM1ZThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQA0FOVV+QUxssGVl/z5OSAdRc10ic3KFC6x6ehDsuf8
q7EWuIml8opAtb5qGxv0tfkRaRjIRP3jQ95wRZRsajKlmDianYGp4yUwci72l0m9
ewJZClLZXBMprmOZWda2DxjGAgSpfampzC3fqhWOMd29dK7StdPWBUc5eO/8A/+A
LPRDlssz/p5PajJrLAWVRYYaQeWJ3sK6Wqy7ZTmoDgNbzwFghB6Bs9bwTbr9vCeW
T1FiXGNkBh98PYeCfc2i3SxP8MxC7FR+4++eFLpbiGOj3llxMeigtihbMztmbRHI
dZJ3hKdPSw1YouBtknMZHRXsCGZ+GfcgrCVOsLb555+d
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:39:16 2025 by rpki-client