Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: n5k3x6yP5yK8oc70gUu3lkgkdIsUyiXGxoeAPEiMTqc=
Subject key identifier: AB:4C:2A:00:50:AB:DE:FC:5D:7E:87:7C:02:59:18:8F:26:DD:BE:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19F8DF09241416CBF5B437B188D2FEA5F04ACB2C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 17 Mar 2025 15:40:48 +0000
ROA not before: Mon 17 Mar 2025 15:40:48 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:f8:df:09:24:14:16:cb:f5:b4:37:b1:88:d2:fe:a5:f0:4a:cb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:48 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:29:80:60:b8:19:c1:9a:59:db:d0:8d:a7:26:
d9:b8:f0:b5:d2:19:ae:e8:63:7d:6c:5f:da:7c:77:
51:f0:7d:04:76:4e:3b:2c:8c:2a:b3:2e:22:c2:9b:
31:8d:bf:d6:52:92:26:7f:8f:ce:df:c2:a9:50:db:
d7:9b:d2:b0:0e:39:e7:7e:c2:95:08:74:69:94:9f:
7f:5a:28:d0:d6:2a:af:9e:26:31:b1:31:85:55:6b:
ef:c9:92:c1:9a:19:14:9b:46:ee:e7:5b:7e:5b:bc:
d5:ea:c8:e4:25:24:b0:a1:1d:c0:a0:ff:e2:35:55:
2d:8d:84:3e:98:2b:75:14:e0:40:8a:9c:a8:79:09:
6a:bd:4c:be:b2:04:46:24:09:c8:65:88:bc:a8:57:
4d:d1:4b:35:ca:7e:f8:02:b9:3f:d2:bd:01:fe:59:
a4:2c:ec:d9:06:7c:4d:22:0f:b5:4c:3f:d5:6e:bb:
22:16:10:d6:01:a7:da:98:29:c1:21:40:ba:d5:43:
dd:9c:35:10:2c:a5:58:0b:78:5f:43:8a:0e:ea:2c:
39:89:e1:d6:20:de:a8:13:74:15:67:ed:fc:7f:1a:
79:4e:f2:0d:1c:b9:3d:9d:19:7b:97:a4:c5:00:de:
52:39:03:4e:ac:5a:a3:6d:91:6c:8f:48:75:62:61:
6f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4C:2A:00:50:AB:DE:FC:5D:7E:87:7C:02:59:18:8F:26:DD:BE:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:9c:1e:c8:fd:a1:5f:52:b8:fb:b3:59:07:85:f4:3b:d8:ce:
5f:cb:0c:f3:ff:68:96:32:9a:41:74:c3:79:9e:28:4d:cb:22:
c9:c7:a3:d6:fb:1f:66:3a:e9:91:ad:8e:36:39:bb:ec:7c:62:
a2:fe:4c:a1:09:63:6a:44:c4:8e:c0:b4:63:25:3f:98:7a:e3:
97:18:35:32:83:80:62:5f:66:20:c3:07:7c:fa:e6:36:37:6d:
b7:44:12:1f:8f:a4:5d:d3:47:6e:f3:f0:bc:c5:03:29:fd:af:
48:3f:74:37:ff:b8:71:f5:40:b7:a0:be:81:1e:fd:66:33:2a:
b0:76:78:49:65:2a:8c:5f:3a:9f:ab:90:15:44:19:aa:1f:fc:
4f:17:1a:69:47:d9:0b:b5:14:57:7d:4d:13:fa:3d:f3:07:ec:
d7:40:a4:46:4f:41:ab:4f:72:28:f8:e4:33:60:1d:69:86:c8:
9b:a2:fc:43:f0:a5:6c:1e:b8:fe:a5:8e:0e:6a:d5:d4:cc:43:
0e:03:88:99:e5:e9:c9:11:e0:64:44:fa:9a:0c:aa:5c:94:1a:
ee:27:67:f9:08:66:99:2d:5b:3d:16:bc:99:34:0d:25:7c:5a:
f9:9f:9a:8b:6c:27:c7:81:a5:c7:96:a0:d4:7d:f0:5e:5b:ab:
9e:1b:a2:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGfjfCSQUFsv1tDexiNL+pfBKyywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNDhaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYzIxODQxNWQ1NzE1NDEwYjU1N2JlZmM4OTA1ODhmNGU5NjJlOTA5ZGM4
OTRkOTgyNmY5NWMwMTdmNTBjZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALApgGC4GcGaWdvQjacm2bjwtdIZruhjfWxf2nx3UfB9BHZOOyyMKrMuIsKb
MY2/1lKSJn+Pzt/CqVDb15vSsA45537ClQh0aZSff1oo0NYqr54mMbExhVVr78mS
wZoZFJtG7udbflu81erI5CUksKEdwKD/4jVVLY2EPpgrdRTgQIqcqHkJar1MvrIE
RiQJyGWIvKhXTdFLNcp++AK5P9K9Af5ZpCzs2QZ8TSIPtUw/1W67IhYQ1gGn2pgp
wSFAutVD3Zw1ECylWAt4X0OKDuosOYnh1iDeqBN0FWft/H8aeU7yDRy5PZ0Ze5ek
xQDeUjkDTqxao22RbI9IdWJhb7ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSrTCoA
UKve/F1+h3wCWRiPJt2+TDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCFnB7I/aFfUrj7s1kHhfQ72M5fywzz/2iWMppBdMN5
nihNyyLJx6PW+x9mOumRrY42ObvsfGKi/kyhCWNqRMSOwLRjJT+YeuOXGDUyg4Bi
X2Ygwwd8+uY2N223RBIfj6Rd00du8/C8xQMp/a9IP3Q3/7hx9UC3oL6BHv1mMyqw
dnhJZSqMXzqfq5AVRBmqH/xPFxppR9kLtRRXfU0T+j3zB+zXQKRGT0GrT3Io+OQz
YB1phsibovxD8KVsHrj+pY4OatXUzEMOA4iZ5enJEeBkRPqaDKpclBruJ2f5CGaZ
LVs9FryZNA0lfFr5n5qLbCfHgaXHlqDUffBeW6ueG6KQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:30 2025 by rpki-client