Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: ZBGkQrpc8OXuHcW4z5IgWNJr+qOv6rnuptpwFzHDEK8=
Subject key identifier: 14:DF:34:76:E1:56:D8:C0:0A:A7:10:04:78:CB:3F:DD:65:75:01:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AA7C2C9A322530717E699D85E59F8D33977D308
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Fri 07 Mar 2025 15:10:45 +0000
ROA not before: Fri 07 Mar 2025 15:10:45 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:a7:c2:c9:a3:22:53:07:17:e6:99:d8:5e:59:f8:d3:39:77:d3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:45 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4d:b4:b7:b7:57:11:ca:9d:e9:aa:e2:19:1c:
2c:b8:01:12:30:e1:70:12:53:b5:d1:69:68:f5:74:
15:24:bd:af:a1:e6:be:40:54:5d:ee:a6:9b:23:19:
aa:f2:23:19:89:3a:f3:d2:8e:5b:0d:16:16:e1:8e:
62:ed:5d:d7:3e:2e:9c:1c:40:b5:af:7f:fe:05:87:
45:28:65:fd:87:01:42:5d:7e:36:a6:ee:7e:23:02:
89:fa:d5:6d:df:e4:13:5a:2c:b6:5a:1f:02:8f:95:
43:e2:99:19:d5:52:88:0e:61:59:d8:b6:cb:e5:cf:
74:78:36:65:a0:6a:04:fc:e5:3b:04:0c:eb:1f:9a:
36:b1:8a:70:d8:2b:c8:2b:ce:81:b2:2d:56:db:e6:
d4:4b:c5:f3:c5:16:6e:14:13:0c:5c:75:04:8f:96:
48:52:1c:5f:49:79:0d:9f:8a:f4:8e:39:fa:c2:4b:
7b:c0:fc:08:03:34:1c:9f:19:1f:fb:33:9c:54:b8:
7f:a4:0b:73:ef:77:ce:17:cf:e6:64:e9:e6:73:dd:
3f:5b:38:de:44:c3:25:2c:ab:2d:f6:07:9f:e0:da:
4e:9e:f6:b7:98:16:4e:74:e3:bf:d1:07:93:34:f1:
7e:7e:6b:65:fa:ce:d3:df:f5:42:0c:06:90:32:0c:
f4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DF:34:76:E1:56:D8:C0:0A:A7:10:04:78:CB:3F:DD:65:75:01:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
2d:8f:4b:fb:36:f8:d2:51:24:9c:52:eb:99:99:a7:a5:0f:1c:
29:74:0a:4e:05:ff:ef:fa:c2:d5:de:8a:15:d0:26:17:7e:4e:
31:61:79:c9:fc:57:ae:40:f6:c8:31:79:eb:83:c3:5a:25:cb:
82:25:96:75:4f:bb:c7:e3:67:03:b3:99:02:ef:b4:33:fb:b8:
6c:ec:b4:34:b5:26:25:82:6e:30:d2:5c:79:fc:bc:9a:56:c3:
6b:79:15:fc:bc:8c:53:67:b2:2d:bc:e1:e2:70:3b:b3:82:fb:
69:dc:56:d2:e9:56:1c:d1:0c:31:cb:47:a8:7f:82:ec:2d:56:
a8:b1:8c:ae:b1:2a:19:79:a0:e4:46:4e:d2:46:c5:56:f0:6e:
62:3e:3e:f8:23:91:95:e5:ba:f1:f4:c0:b7:55:23:ed:50:bd:
83:33:77:da:01:d7:84:97:90:62:8b:04:b2:11:fc:fd:b1:4a:
9b:f3:7e:4c:7d:5f:b1:69:3c:e7:ca:8d:eb:8a:fa:0e:c3:05:
eb:b1:0b:38:1d:19:cd:28:27:99:2c:b8:5b:b0:a9:91:35:5c:
26:77:53:0f:e3:be:8c:b1:36:33:fc:6d:23:f3:51:17:40:7c:
04:66:06:0f:6e:dc:bf:8e:81:b3:2a:42:dd:bb:7a:8e:9c:3f:
ef:81:72:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWqfCyaMiUwcX5pnYXln40zl30wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwNDVaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NDliOWE5YmM4ZTI3MGNjZWVhYTY5ZmQ0ZTYyOWE3OTFkZjdmMzEwNDE3
YzRmOGNmNTljMGJlMjExNmIyNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpNtLe3VxHKnemq4hkcLLgBEjDhcBJTtdFpaPV0FSS9r6HmvkBUXe6mmyMZ
qvIjGYk689KOWw0WFuGOYu1d1z4unBxAta9//gWHRShl/YcBQl1+NqbufiMCifrV
bd/kE1ostlofAo+VQ+KZGdVSiA5hWdi2y+XPdHg2ZaBqBPzlOwQM6x+aNrGKcNgr
yCvOgbItVtvm1EvF88UWbhQTDFx1BI+WSFIcX0l5DZ+K9I45+sJLe8D8CAM0HJ8Z
H/sznFS4f6QLc+93zhfP5mTp5nPdP1s43kTDJSyrLfYHn+DaTp72t5gWTnTjv9EH
kzTxfn5rZfrO09/1QgwGkDIM9GMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQU3zR2
4VbYwAqnEAR4yz/dZXUBJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEALY9L+zb40lEknFLrmZmnpQ8cKXQKTgX/7/rC
1d6KFdAmF35OMWF5yfxXrkD2yDF564PDWiXLgiWWdU+7x+NnA7OZAu+0M/u4bOy0
NLUmJYJuMNJcefy8mlbDa3kV/LyMU2eyLbzh4nA7s4L7adxW0ulWHNEMMctHqH+C
7C1WqLGMrrEqGXmg5EZO0kbFVvBuYj4++CORleW68fTAt1Uj7VC9gzN32gHXhJeQ
YosEshH8/bFKm/N+TH1fsWk858qN64r6DsMF67ELOB0ZzSgnmSy4W7CpkTVcJndT
D+O+jLE2M/xtI/NRF0B8BGYGD27cv46BsypC3bt6jpw/74FyzQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:16 2025 by rpki-client