Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
File: 5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa (raw, json)
Hash identifier: tFFSwSDXpuhePwE/8+EI7cJgIKUDbfEj8KcIqDiZLLI=
Subject key identifier: A4:64:7E:23:88:74:96:E8:F0:96:0A:32:74:29:1D:32:C1:F5:89:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65B5C7B06C1915C52BB42D1CA2BB088F8C37BE3B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b5:c7:b0:6c:19:15:c5:2b:b4:2d:1c:a2:bb:08:8f:8c:37:be:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:53:27:9f:cb:80:a6:64:ba:fc:92:da:d2:4e:
37:5d:15:2a:70:d9:a8:03:7c:39:19:cc:af:02:ed:
b4:23:76:fa:98:e2:16:7c:63:9c:27:eb:f1:fd:a0:
7a:03:5e:54:8a:84:93:74:ce:64:bb:64:12:30:40:
9e:8d:dd:d0:be:35:18:4d:fd:fe:a0:36:62:f3:83:
9d:20:7f:af:90:c9:5b:9a:df:65:b7:33:67:fe:81:
97:7a:d5:e3:bf:ec:68:51:6c:00:20:d1:b7:4e:f7:
56:ce:96:59:fd:9e:96:ec:61:fc:82:a7:3e:88:15:
c5:6e:27:d0:1a:a0:75:46:24:dd:99:d0:5d:ca:47:
ba:9b:93:60:37:78:87:89:4c:72:d6:1c:7f:3a:84:
cd:fe:2c:cc:57:a5:df:aa:4a:7e:0e:b9:c9:52:b2:
ca:e2:73:02:b1:4c:6f:ad:41:36:ea:4e:6e:8d:64:
b1:b5:ae:a5:12:f5:3c:e8:0c:a0:b9:36:7c:dc:af:
32:6f:5a:85:75:98:08:d1:be:3c:46:62:f7:1b:cc:
57:d1:5f:66:26:c6:2c:64:6e:34:1d:2f:a1:3e:b8:
6a:08:39:78:eb:d1:e0:21:b3:c3:87:46:f3:7d:64:
cc:a8:70:67:c4:f7:a8:2f:6b:92:d0:45:cf:d8:b1:
ac:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:64:7E:23:88:74:96:E8:F0:96:0A:32:74:29:1D:32:C1:F5:89:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:21:7f:ed:8a:7c:9d:49:01:73:a6:d1:ef:0b:b0:ba:1e:8c:
f3:11:14:b8:33:f3:18:48:14:bb:d9:2b:36:10:4c:a4:9e:05:
47:9c:f9:e2:a6:09:32:81:45:ac:79:bf:7d:58:5a:ff:80:b5:
04:a6:ae:0b:d0:04:50:69:94:b1:67:93:89:bf:33:bc:07:1b:
7b:20:2c:e2:8f:2e:67:29:17:d5:67:4c:cc:68:54:13:2d:bd:
f2:fe:54:50:44:d0:75:b2:f5:55:77:6e:41:d6:a6:df:c4:45:
ff:98:69:c2:ab:71:ea:0e:e1:3e:99:51:e3:0c:82:6e:29:c2:
f9:9b:38:cc:7f:51:e2:df:de:fc:0c:84:98:57:2d:58:e7:31:
8a:56:7e:c0:94:be:87:21:c6:d5:93:30:40:73:f4:77:61:92:
3c:fe:80:1e:b9:da:09:24:33:4e:52:5a:e7:d7:f2:86:b4:89:
84:a1:c3:9d:48:59:c6:c7:74:6b:98:f1:11:26:1a:15:05:fa:
a8:f8:20:fe:74:11:a3:f6:ae:94:95:49:f7:9a:f0:b7:b9:ca:
98:90:d1:8d:15:9a:e0:08:51:dc:8e:87:8b:78:b4:bb:1e:4e:
ec:11:cb:82:88:f8:46:fe:7c:a3:bc:ee:1a:72:f2:c2:57:bb:
f0:a0:7a:9b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZbXHsGwZFcUrtC0corsIj4w3vjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ODlkMzQxMWY3NWM4Nzc0MDE0NTBiZjMxMzZmN2FlM2MyOTkzMmM4NGYw
ZTZjMDY5ZmFkZDRlZTRhYTAyOTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxTJ5/LgKZkuvyS2tJON10VKnDZqAN8ORnMrwLttCN2+pjiFnxjnCfr8f2g
egNeVIqEk3TOZLtkEjBAno3d0L41GE39/qA2YvODnSB/r5DJW5rfZbczZ/6Bl3rV
47/saFFsACDRt073Vs6WWf2eluxh/IKnPogVxW4n0BqgdUYk3ZnQXcpHupuTYDd4
h4lMctYcfzqEzf4szFel36pKfg65yVKyyuJzArFMb61BNupObo1ksbWupRL1POgM
oLk2fNyvMm9ahXWYCNG+PEZi9xvMV9FfZibGLGRuNB0voT64agg5eOvR4CGzw4dG
831kzKhwZ8T3qC9rktBFz9ixrGcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSkZH4j
iHSW6PCWCjJ0KR0ywfWJfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWVmNDg2YzAtNmIxNS00MjllLThiNTYtNWZiNWJjOTQ5MGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAJ4hf+2KfJ1JAXOm0e8LsLoejPMRFLgz8xhIFLvZ
KzYQTKSeBUec+eKmCTKBRax5v31YWv+AtQSmrgvQBFBplLFnk4m/M7wHG3sgLOKP
LmcpF9VnTMxoVBMtvfL+VFBE0HWy9VV3bkHWpt/ERf+YacKrceoO4T6ZUeMMgm4p
wvmbOMx/UeLf3vwMhJhXLVjnMYpWfsCUvochxtWTMEBz9Hdhkjz+gB652gkkM05S
WufX8oa0iYShw51IWcbHdGuY8REmGhUF+qj4IP50EaP2rpSVSfea8Le5ypiQ0Y0V
muAIUdyOh4t4tLseTuwRy4KI+Eb+fKO87hpy8sJXu/Cgeps=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:18:59 2025 by rpki-client