Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
File: 5bf13655-f776-45ba-8cff-e3d853dce89d.roa (raw, json)
Hash identifier: sblMp2bwIEaoYC8Axx1Qk7e4yIdR/s/E1qT8iXDuNBI=
Subject key identifier: 62:A1:C1:E3:A1:FF:1E:1C:5A:D9:14:D0:5F:D9:92:03:7F:A8:1A:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63927FD378706F17E1B289F75DAF5FF1C764A2A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:92:7f:d3:78:70:6f:17:e1:b2:89:f7:5d:af:5f:f1:c7:64:a2:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ee:f2:22:6c:01:9d:2b:9f:ed:a5:7e:e8:ec:
69:1a:c7:56:7b:00:78:b0:b4:24:65:9c:7a:80:07:
5f:12:eb:cf:2c:d8:d8:24:2f:a4:7e:98:33:d4:3e:
ce:c2:29:c9:4d:b6:44:00:be:f4:4e:f4:b3:4c:48:
07:54:51:84:ce:75:27:8a:af:50:41:ae:46:aa:21:
bb:b4:4c:d0:0f:75:24:3b:34:9c:75:bc:55:fb:e4:
3a:61:b9:3b:bf:f4:2b:9d:b3:83:26:59:65:89:11:
b2:a5:24:b0:61:cd:bf:3b:82:fd:5f:88:bb:c8:a4:
19:ff:0b:22:25:85:5a:d3:97:43:85:15:83:48:70:
ba:5f:3e:72:fc:1a:7b:30:68:62:42:e5:85:05:aa:
dd:ea:c0:52:23:7a:8f:88:ee:69:cb:f5:39:56:ac:
61:50:32:aa:cd:86:9f:7e:29:ff:96:22:4d:99:db:
17:99:f9:ad:6d:b1:2e:77:65:8c:da:45:a1:f6:86:
34:6d:17:4f:98:40:72:e4:29:14:51:f5:79:db:8a:
94:48:4f:3e:d6:d0:49:d1:40:2d:97:0a:35:46:07:
76:10:83:78:38:58:a5:4d:da:68:45:39:b8:b5:c1:
9c:42:db:99:94:3d:ed:af:2a:9f:74:dd:0d:01:c5:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A1:C1:E3:A1:FF:1E:1C:5A:D9:14:D0:5F:D9:92:03:7F:A8:1A:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
40:26:00:e3:b1:ce:93:7b:d6:f3:61:c3:51:d3:9d:bc:cd:a1:
5f:45:47:79:af:b9:a2:a5:c8:e9:43:9e:ca:58:d3:39:2f:60:
a4:ad:26:c2:b9:a7:9c:7d:0f:e9:06:cf:b7:59:b3:fe:84:f7:
fb:e9:b7:61:a7:8e:92:36:ef:c7:01:c0:08:3c:75:1d:c3:6d:
21:5c:1d:83:e9:c6:2d:c5:6c:0a:ec:ae:4b:41:a9:d2:e1:3e:
21:a1:38:f7:dd:94:71:a5:52:b7:50:61:2a:da:a9:17:f6:1b:
1f:b9:a6:41:aa:ac:b0:13:c5:8c:6d:b5:b3:0a:1c:72:a5:a8:
23:09:9e:9d:b2:b9:9c:cc:ef:a0:94:e6:82:95:07:8f:d8:af:
34:6d:8e:39:29:f5:3e:68:f1:12:e3:4c:97:8c:e1:e6:7c:27:
cc:15:2e:8d:11:1f:ad:c1:60:fb:20:a2:3e:d8:65:43:38:a7:
92:4f:7d:fa:e2:7b:e5:48:03:c4:ea:61:f3:4f:b1:83:e0:3f:
f5:ca:02:11:65:0d:cd:97:5d:8b:31:60:2e:eb:93:e4:cd:0f:
84:40:ee:53:b1:76:74:cd:d0:ad:71:36:7e:9b:2b:93:07:4a:
5b:f5:95:44:0c:56:7d:12:25:33:25:ed:58:c4:4b:03:26:4f:
75:40:d4:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY5J/03hwbxfhson3Xa9f8cdkoqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2ZTRlZWM3ODhhNDVhZjY0OGZjNDkxYzE4NzI2OGFmMjc3MjZkYzgwOGE4
ZGM5Y2ZkMTkyYjQwZmM0MDU5MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3u8iJsAZ0rn+2lfujsaRrHVnsAeLC0JGWceoAHXxLrzyzY2CQvpH6YM9Q+
zsIpyU22RAC+9E70s0xIB1RRhM51J4qvUEGuRqohu7RM0A91JDs0nHW8VfvkOmG5
O7/0K52zgyZZZYkRsqUksGHNvzuC/V+Iu8ikGf8LIiWFWtOXQ4UVg0hwul8+cvwa
ezBoYkLlhQWq3erAUiN6j4juacv1OVasYVAyqs2Gn34p/5YiTZnbF5n5rW2xLndl
jNpFofaGNG0XT5hAcuQpFFH1eduKlEhPPtbQSdFALZcKNUYHdhCDeDhYpU3aaEU5
uLXBnELbmZQ97a8qn3TdDQHF/ykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRiocHj
of8eHFrZFNBf2ZIDf6ga3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJmMTM2NTUtZjc3Ni00NWJhLThjZmYtZTNkODUzZGNlODlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAQCYA47HOk3vW82HDUdOdvM2hX0VHea+5oqXI6UOe
yljTOS9gpK0mwrmnnH0P6QbPt1mz/oT3++m3YaeOkjbvxwHACDx1HcNtIVwdg+nG
LcVsCuyuS0Gp0uE+IaE4992UcaVSt1BhKtqpF/YbH7mmQaqssBPFjG21swoccqWo
IwmenbK5nMzvoJTmgpUHj9ivNG2OOSn1PmjxEuNMl4zh5nwnzBUujREfrcFg+yCi
PthlQzinkk99+uJ75UgDxOph80+xg+A/9coCEWUNzZddizFgLuuT5M0PhEDuU7F2
dM3QrXE2fpsrkwdKW/WVRAxWfRIlMyXtWMRLAyZPdUDUdA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:42:11 2025 by rpki-client