Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
File: 43c182d6-87cf-4ea0-9709-b661212b9631.roa (raw, json)
Hash identifier: I2LdR+7ZFBcXXXrtTjuD4sgVnEO4FAjSLxzq2z+b98Y=
Subject key identifier: 1D:25:CE:84:4A:1E:C1:27:90:3B:3F:A9:06:66:4E:77:1D:98:FD:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D5E56256E52225E40D5262CAB445DDFC4FBBDD0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:5e:56:25:6e:52:22:5e:40:d5:26:2c:ab:44:5d:df:c4:fb:bd:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:50:f2:a8:e0:a3:f5:c0:6c:76:f6:9f:41:
a5:80:f8:f4:ba:b3:fa:67:6d:a4:74:48:1c:57:82:
36:4a:a7:6b:38:da:3f:52:96:98:57:19:e2:71:f1:
0f:3f:d2:78:50:51:4c:79:65:6b:3c:5f:82:19:8a:
02:aa:e7:c6:00:1b:63:a8:e6:be:1b:59:47:2f:cb:
9e:10:af:94:98:36:0a:02:84:0f:02:0b:70:6e:9a:
15:e4:c1:5b:38:09:51:e9:41:34:44:ca:78:09:40:
a8:e2:dd:1c:4a:68:48:45:0d:43:bd:65:20:9b:bd:
40:a6:a8:7d:c3:e6:d5:e7:1d:78:fb:2d:34:40:59:
2d:79:dc:95:92:93:39:c6:52:90:ea:ff:3c:ca:40:
03:40:31:ba:02:b5:34:e8:29:83:c7:1d:8d:25:7c:
ea:5f:57:de:fa:2f:c7:d2:45:f2:22:50:ed:fb:20:
09:35:eb:af:1d:85:69:06:43:3e:26:5e:2e:94:71:
ef:06:60:67:16:59:c4:14:ce:9e:f2:7c:7f:12:a6:
23:e3:c5:b3:3c:f2:6b:f2:b1:7e:3a:4e:a7:4b:7f:
1a:10:48:26:87:8e:3d:db:ac:01:3f:bb:ac:a4:18:
c5:63:98:bb:70:04:0f:70:49:f3:59:47:77:81:f4:
a8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:25:CE:84:4A:1E:C1:27:90:3B:3F:A9:06:66:4E:77:1D:98:FD:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5a:b3:5e:43:51:33:66:37:e0:8b:95:91:d1:5f:ca:df:ab:ad:
62:68:1a:34:7f:15:81:c0:ea:f9:8a:32:1a:2c:db:f9:f4:d2:
c7:95:05:2c:21:54:11:e5:5a:f2:ee:85:36:33:c5:24:22:0c:
a9:3f:b8:32:f7:54:6b:8d:55:83:12:3a:54:35:45:57:6a:8f:
93:3d:fa:5c:4f:3e:dc:63:5d:a9:bc:b2:03:97:a0:c2:8e:52:
0e:a0:a8:b7:84:65:e8:53:c2:42:13:62:ed:70:0c:f2:c4:2c:
e9:bc:3d:0b:52:13:6a:35:70:3e:9c:12:e0:ec:37:6b:d4:61:
b8:67:bc:7d:76:66:3c:eb:3b:e4:27:43:2d:4d:dd:68:8c:f7:
ad:3c:2b:14:e7:30:09:9c:a0:f9:32:8d:cf:e1:b2:cb:41:12:
80:2f:e8:f4:cf:ee:a0:14:25:84:a4:67:58:d3:e0:d8:15:ac:
4e:fe:0c:55:5a:a2:b3:81:66:17:da:bd:e6:cb:27:6d:ff:6a:
a0:1a:ea:47:03:1d:d3:8b:6f:f1:1c:83:05:88:b5:d2:fc:bb:
0f:b3:af:de:ac:0b:cf:a8:c4:6a:81:53:5b:1c:fc:b6:67:93:
0b:82:a0:d6:9e:94:35:2c:d9:97:88:04:ea:90:c8:70:68:f6:
b8:cf:87:52
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTV5WJW5SIl5A1SYsq0Rd38T7vdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NDU4Mjk3NDQ5MjQ2OTZkNTVlNTgwMWQ0YTgxNzA2OTk5YmIwZjRiYWYz
NmUzMDE5ZDEzOWQ4YWNlMThmZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdiUPKo4KP1wGx29p9BpYD49Lqz+mdtpHRIHFeCNkqnazjaP1KWmFcZ4nHx
Dz/SeFBRTHllazxfghmKAqrnxgAbY6jmvhtZRy/LnhCvlJg2CgKEDwILcG6aFeTB
WzgJUelBNETKeAlAqOLdHEpoSEUNQ71lIJu9QKaofcPm1ecdePstNEBZLXnclZKT
OcZSkOr/PMpAA0AxugK1NOgpg8cdjSV86l9X3vovx9JF8iJQ7fsgCTXrrx2FaQZD
PiZeLpRx7wZgZxZZxBTOnvJ8fxKmI+PFszzya/KxfjpOp0t/GhBIJoeOPdusAT+7
rKQYxWOYu3AED3BJ81lHd4H0qK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQdJc6E
Sh7BJ5A7P6kGZk53HZj9pTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNjMTgyZDYtODdjZi00ZWEwLTk3MDktYjY2MTIxMmI5NjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAWrNeQ1EzZjfgi5WR0V/K36utYmgaNH8VgcDq+Yoy
Gizb+fTSx5UFLCFUEeVa8u6FNjPFJCIMqT+4MvdUa41VgxI6VDVFV2qPkz36XE8+
3GNdqbyyA5egwo5SDqCot4Rl6FPCQhNi7XAM8sQs6bw9C1ITajVwPpwS4Ow3a9Rh
uGe8fXZmPOs75CdDLU3daIz3rTwrFOcwCZyg+TKNz+Gyy0ESgC/o9M/uoBQlhKRn
WNPg2BWsTv4MVVqis4FmF9q95ssnbf9qoBrqRwMd04tv8RyDBYi10vy7D7Ov3qwL
z6jEaoFTWxz8tmeTC4Kg1p6UNSzZl4gE6pDIcGj2uM+HUg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:41:08 2025 by rpki-client