Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: EvM3go8Iv36xkUifr5xGUmu29cmGKmlRW9uHjn66QqM=
Subject key identifier: 5F:F1:98:23:54:23:1C:6A:FD:EA:C4:6E:9B:0D:84:82:D5:42:91:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4177DE8FB876F4E65F6C3BED7A6A27EA6B8C2CE2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Wed 05 Mar 2025 17:51:02 +0000
ROA not before: Wed 05 Mar 2025 17:51:02 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:77:de:8f:b8:76:f4:e6:5f:6c:3b:ed:7a:6a:27:ea:6b:8c:2c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:02 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d5:a5:da:da:6d:d9:f8:7c:18:9f:ad:90:58:
71:80:a6:e7:b9:89:1f:81:d3:b1:2f:97:1d:ad:56:
37:09:a9:59:69:c8:29:62:ca:17:10:fb:67:bf:d6:
cf:8a:44:08:70:41:99:a5:56:7f:50:a2:01:3e:bf:
d3:dc:11:85:27:e0:2f:17:52:2f:ab:e7:c2:e6:88:
2d:f8:80:64:48:ed:40:94:f0:f1:c0:a6:ea:50:1c:
e9:3d:dc:3b:f1:8c:f4:5e:87:a5:91:c8:0b:d4:a0:
59:b5:49:1a:d0:1e:85:5f:91:5d:6e:a7:4b:bb:41:
1d:15:f0:37:e0:bf:2e:0f:41:bf:16:72:d1:83:c7:
3f:a5:ab:c8:aa:c8:1d:d4:34:9e:a4:30:83:07:2b:
d9:8b:b6:6c:4d:19:9a:e8:f8:57:f3:c8:a2:62:90:
60:19:25:dd:d2:58:52:fe:4d:ea:72:71:41:74:55:
9c:33:af:c8:05:27:5b:2d:fa:c5:0b:3c:02:6e:d5:
1a:f4:52:8d:89:e3:a9:7e:15:19:30:2b:ca:08:01:
74:9f:db:e1:95:c7:aa:c2:a6:59:65:9f:0c:5c:4b:
bf:cd:3c:ce:c9:18:b5:a4:e0:1d:d8:2a:79:c9:c3:
51:69:83:96:f9:d2:94:23:01:d6:eb:31:5a:09:e3:
b8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F1:98:23:54:23:1C:6A:FD:EA:C4:6E:9B:0D:84:82:D5:42:91:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6b:24:dd:6b:7c:d7:eb:ca:ad:a6:c1:1e:4d:82:e9:08:16:04:
ee:91:21:e4:ad:99:44:f6:1d:53:21:41:1b:44:0a:88:4b:a7:
1c:04:0b:a9:fc:be:69:0d:8a:3c:4f:99:68:11:22:a1:e5:48:
7d:1e:3e:6c:57:cb:f1:d5:16:32:78:90:a2:fe:65:cb:d6:4a:
a4:89:bf:33:fd:72:1f:a8:91:09:85:99:a8:24:3a:23:b9:9d:
89:1c:d7:9b:5a:57:7c:a2:21:ae:9a:4f:26:23:f5:ed:72:20:
cb:63:8a:ef:53:10:2f:07:33:0a:80:4e:37:a8:e6:61:ba:32:
bf:5c:f0:f8:ec:e9:ab:fd:68:5d:dc:2b:8b:b6:d7:50:1b:63:
61:82:3a:fb:3d:8c:3a:f6:3a:06:41:5c:50:b4:93:fa:cb:09:
53:f7:ae:3f:77:7d:db:98:c9:5d:6a:c9:5f:a8:3e:f8:ab:c0:
7b:ab:ff:89:94:19:09:9b:fd:01:64:9c:e3:c9:b6:f8:6c:46:
c6:50:97:1e:fe:16:1e:a1:fc:8e:dd:ee:19:cd:c0:8d:52:eb:
f9:b1:a6:81:83:af:9c:69:f6:44:be:7f:69:a1:79:0d:13:2a:
e8:6a:9e:2d:bb:d9:ca:a0:2d:0a:b3:77:19:35:7c:18:2e:23:
3e:7e:94:d0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQXfej7h29OZfbDvtemon6muMLOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMDJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4ZTg1ODEzYTJjZTkwODdjZWNiMzgzNjJiMjc2ZTMxYTQ3NDE4MTI5Mzc5
M2RhNzFlNmIyNzk3OGRjMzA0YzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvVpdrabdn4fBifrZBYcYCm57mJH4HTsS+XHa1WNwmpWWnIKWLKFxD7Z7/W
z4pECHBBmaVWf1CiAT6/09wRhSfgLxdSL6vnwuaILfiAZEjtQJTw8cCm6lAc6T3c
O/GM9F6HpZHIC9SgWbVJGtAehV+RXW6nS7tBHRXwN+C/Lg9BvxZy0YPHP6WryKrI
HdQ0nqQwgwcr2Yu2bE0Zmuj4V/PIomKQYBkl3dJYUv5N6nJxQXRVnDOvyAUnWy36
xQs8Am7VGvRSjYnjqX4VGTAryggBdJ/b4ZXHqsKmWWWfDFxLv808zskYtaTgHdgq
ecnDUWmDlvnSlCMB1usxWgnjuFECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRf8Zgj
VCMcav3qxG6bDYSC1UKRuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAayTda3zX68qtpsEeTYLpCBYE7pEh5K2ZRPYdUyFB
G0QKiEunHAQLqfy+aQ2KPE+ZaBEioeVIfR4+bFfL8dUWMniQov5ly9ZKpIm/M/1y
H6iRCYWZqCQ6I7mdiRzXm1pXfKIhrppPJiP17XIgy2OK71MQLwczCoBON6jmYboy
v1zw+Ozpq/1oXdwri7bXUBtjYYI6+z2MOvY6BkFcULST+ssJU/euP3d925jJXWrJ
X6g++KvAe6v/iZQZCZv9AWSc48m2+GxGxlCXHv4WHqH8jt3uGc3AjVLr+bGmgYOv
nGn2RL5/aaF5DRMq6GqeLbvZyqAtCrN3GTV8GC4jPn6U0A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:16 2025 by rpki-client