Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: hKDEXco+DF82dc0BHDB1/540XHCaZbPk+4QqTzBPAec=
Subject key identifier: F5:98:B7:98:11:D1:E6:9F:2C:28:1B:6C:81:C1:B2:D0:E0:27:2E:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E33B4686ED9F021A41A6C2ED83EBF834F7C3F86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Wed 05 Mar 2025 17:50:05 +0000
ROA not before: Wed 05 Mar 2025 17:50:05 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:33:b4:68:6e:d9:f0:21:a4:1a:6c:2e:d8:3e:bf:83:4f:7c:3f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:05 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:42:9a:ac:1f:e3:bc:79:ea:10:2c:42:d4:18:
32:68:04:7b:42:9d:b5:1c:7a:9a:d9:84:38:92:3a:
3b:54:82:19:50:15:00:35:22:57:84:ae:a2:08:fa:
55:3c:bd:94:82:a4:62:f9:cd:2a:8d:a3:e9:9e:ed:
1c:20:43:0a:4b:65:29:da:8b:99:4c:1b:9e:ed:ce:
e2:c5:e7:6d:4e:29:1d:ec:17:46:39:b0:23:c6:ff:
bf:bc:cb:19:0d:1b:29:78:92:22:73:72:9e:04:f5:
7d:6f:90:a2:32:aa:a5:ae:25:f3:42:69:6e:fe:16:
4e:44:1c:8d:16:2e:30:7c:7c:97:a9:36:a3:a0:b6:
77:88:dd:21:5b:a8:33:51:71:41:d1:b4:6a:56:ba:
9a:38:04:8a:31:fa:bf:97:4a:d9:5e:f6:38:85:1a:
93:c2:9f:de:d1:c1:03:68:d0:d1:3e:84:2e:d2:17:
54:5b:f2:6f:e5:45:d7:6f:f4:4f:26:26:65:e6:f9:
f3:94:9d:1f:a3:5c:e5:6e:d7:b8:94:79:af:a9:f3:
b7:8c:21:07:06:ec:c2:a6:6e:19:98:d5:9f:ce:81:
3c:93:65:6b:4e:73:83:ae:c9:7a:2d:e5:90:c6:94:
7d:7b:20:73:5e:3b:16:ae:a2:13:46:ed:92:a9:56:
8d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:98:B7:98:11:D1:E6:9F:2C:28:1B:6C:81:C1:B2:D0:E0:27:2E:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
36:3f:fb:58:23:dc:fa:00:1c:df:a4:4e:bf:8e:bf:fb:4b:db:
c7:ac:d3:9b:b2:40:00:11:36:06:c0:78:a9:33:23:40:de:64:
9b:5a:26:30:be:70:68:aa:90:b7:93:94:15:6b:26:81:c9:04:
00:f9:f5:d6:5b:a5:ea:91:f0:5e:74:a9:97:39:ff:16:c8:d2:
a6:e6:e8:2c:ea:4c:c6:58:3b:01:e8:f5:79:58:64:18:34:e0:
90:9a:45:2c:8c:72:c7:50:e7:7f:3d:e7:11:62:ad:05:40:12:
b3:b5:52:d0:37:75:ee:80:9d:95:d4:fd:15:51:30:f7:35:80:
35:bb:c2:69:40:ae:09:27:bb:c8:a4:c4:37:3c:d0:f6:7f:31:
c4:1b:d5:0a:d9:ad:43:b1:22:90:56:e9:68:f8:88:b9:c7:64:
39:70:a5:08:01:8a:1a:de:1f:cf:b0:ba:3f:bc:64:3c:b8:ac:
3f:1d:dd:6e:c9:3e:71:02:0a:05:70:39:49:ef:42:2c:6f:7d:
15:2c:9f:c9:0b:9e:a8:6f:a5:0a:28:68:1f:2f:c7:ce:8c:81:
a5:58:61:58:7e:37:ba:7a:a5:8f:49:3a:45:8d:b3:fb:2e:24:
77:00:cd:33:cf:10:eb:ae:b9:c8:5e:a5:5e:76:0c:71:c8:bf:
50:21:30:0e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXjO0aG7Z8CGkGmwu2D6/g098P4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMDVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMzYzNjkxOTU3NDA2MGNjNDQzNzkwMDAwYzUxYTIwNmVkNTliNTYyZGVj
ZjQwZDU4OTllZDE4MmMxOGM5NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlCmqwf47x56hAsQtQYMmgEe0KdtRx6mtmEOJI6O1SCGVAVADUiV4Suogj6
VTy9lIKkYvnNKo2j6Z7tHCBDCktlKdqLmUwbnu3O4sXnbU4pHewXRjmwI8b/v7zL
GQ0bKXiSInNyngT1fW+QojKqpa4l80Jpbv4WTkQcjRYuMHx8l6k2o6C2d4jdIVuo
M1FxQdG0ala6mjgEijH6v5dK2V72OIUak8Kf3tHBA2jQ0T6ELtIXVFvyb+VF12/0
TyYmZeb585SdH6Nc5W7XuJR5r6nzt4whBwbswqZuGZjVn86BPJNla05zg67Jei3l
kMaUfXsgc147Fq6iE0btkqlWjT0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT1mLeY
EdHmnywoG2yBwbLQ4CcuejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBADY/+1gj3PoAHN+kTr+Ov/tL28es05uyQAARNgbA
eKkzI0DeZJtaJjC+cGiqkLeTlBVrJoHJBAD59dZbpeqR8F50qZc5/xbI0qbm6Czq
TMZYOwHo9XlYZBg04JCaRSyMcsdQ53895xFirQVAErO1UtA3de6AnZXU/RVRMPc1
gDW7wmlArgknu8ikxDc80PZ/McQb1QrZrUOxIpBW6Wj4iLnHZDlwpQgBihreH8+w
uj+8ZDy4rD8d3W7JPnECCgVwOUnvQixvfRUsn8kLnqhvpQooaB8vx86MgaVYYVh+
N7p6pY9JOkWNs/suJHcAzTPPEOuuuchepV52DHHIv1AhMA4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:49:59 2025 by rpki-client