Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
File: 73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa (raw, json)
Hash identifier: ocdvHAPf6kJIELC0L+HS9SEk7W1AFJsNXupSGJjCvrU=
Subject key identifier: 6F:6B:EB:C7:3E:2E:E5:A0:A0:22:90:F1:15:EC:5B:B2:77:7F:F5:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C524DECBCF6CE567BF7029A5FFC65EB836199AC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:52:4d:ec:bc:f6:ce:56:7b:f7:02:9a:5f:fc:65:eb:83:61:99:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d8:02:86:79:03:3b:d0:84:2f:9d:d4:59:03:
16:92:ed:19:27:a8:0b:6c:54:9c:e9:30:c9:ab:da:
89:14:ef:19:57:7b:03:c9:15:24:50:a3:6f:c8:e5:
6e:6e:20:15:30:61:02:99:d3:52:34:94:7b:15:3a:
a8:83:56:51:a3:37:3d:18:3e:a1:3d:45:61:cc:a0:
cb:ff:58:c2:e4:9e:0d:98:b6:d2:6a:c2:1c:e5:ed:
a1:4a:06:5e:05:f9:cc:3f:ad:94:22:26:ca:39:c1:
13:e9:d6:5a:c9:16:8a:bc:7a:5a:9e:2a:e7:c7:01:
11:4e:ce:a5:1f:13:10:31:a8:28:07:29:79:33:45:
61:ed:6e:ea:d8:67:5f:0d:62:45:e3:fc:62:51:2b:
37:de:ad:e3:4f:7f:e7:86:85:5e:8c:fd:b8:d8:aa:
d3:c4:03:3a:94:10:ff:20:8f:ad:ca:cf:62:70:1f:
d1:cb:c4:16:af:73:8b:29:af:30:0b:bb:7d:a0:23:
8c:e4:ce:86:6d:3a:90:aa:b2:1e:d4:02:7e:c2:0d:
f8:15:46:40:7b:26:9b:f7:7b:33:13:7d:ae:b3:05:
c8:c4:01:b1:82:4c:fc:e1:71:ea:a9:64:1a:f6:eb:
e2:9c:52:c2:95:e2:25:6c:ea:0b:fa:66:f2:28:c1:
a9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:EB:C7:3E:2E:E5:A0:A0:22:90:F1:15:EC:5B:B2:77:7F:F5:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:fe:eb:75:86:13:83:43:20:32:9b:49:83:61:e7:fc:c1:d4:
56:82:88:ca:00:14:3a:5a:e4:f0:8f:06:00:cb:46:bf:39:01:
2b:fe:b9:b2:98:46:5c:54:79:b5:ea:1e:b6:cb:28:8f:c6:7a:
ed:bd:3f:36:2e:98:ec:f5:10:da:57:4e:66:87:0c:d2:2a:0f:
aa:f7:db:31:84:eb:77:c8:5f:cf:65:22:c6:53:42:89:7b:ae:
47:d3:71:2b:18:17:b4:79:d9:99:b8:3b:8d:fd:73:14:42:28:
68:97:81:9a:5a:07:04:fc:c3:56:56:d8:69:d1:47:d1:f1:58:
62:07:de:17:09:8a:0a:f5:fc:9c:63:af:64:aa:01:12:0b:93:
8f:c2:60:cf:78:cd:3e:67:e2:de:7e:3e:b8:7d:02:89:23:e0:
b8:fa:83:0f:b5:71:53:bf:d3:3d:20:85:1a:aa:d1:b3:b5:57:
8c:a9:12:09:f9:03:0a:ad:07:58:d5:a0:20:09:1e:80:b9:98:
63:39:8a:d9:02:8e:3f:04:13:60:46:ee:e8:ff:ab:91:03:4a:
26:b0:d5:47:18:e7:ca:b2:46:89:00:d3:31:ba:02:e0:01:b4:
8a:67:20:7e:2b:92:65:09:87:75:19:4c:c8:a6:bd:dd:ec:4a:
1f:1b:e2:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXFJN7Lz2zlZ79wKaX/xl64NhmawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDczYzcyYjc2YTkyYWQ2MzM4ZmMwNDk2YzBhNGVmZmQzMzU1ZjQ5Y2Y0OTU0
MGJmNTViODUxMWMyZWY5MTJkMmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbYAoZ5AzvQhC+d1FkDFpLtGSeoC2xUnOkwyavaiRTvGVd7A8kVJFCjb8jl
bm4gFTBhApnTUjSUexU6qINWUaM3PRg+oT1FYcygy/9YwuSeDZi20mrCHOXtoUoG
XgX5zD+tlCImyjnBE+nWWskWirx6Wp4q58cBEU7OpR8TEDGoKAcpeTNFYe1u6thn
Xw1iReP8YlErN96t409/54aFXoz9uNiq08QDOpQQ/yCPrcrPYnAf0cvEFq9ziymv
MAu7faAjjOTOhm06kKqyHtQCfsIN+BVGQHsmm/d7MxN9rrMFyMQBsYJM/OFx6qlk
Gvbr4pxSwpXiJWzqC/pm8ijBqYECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRva+vH
Pi7loKAikPEV7Fuyd3/1GzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzNlZTI0NzItN2NhZi00N2I1LWIyZmYtMTVhYjZmNTQxMjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQDA/ut1hhODQyAym0mDYef8wdRWgojKABQ6WuTwjwYA
y0a/OQEr/rmymEZcVHm16h62yyiPxnrtvT82Lpjs9RDaV05mhwzSKg+q99sxhOt3
yF/PZSLGU0KJe65H03ErGBe0edmZuDuN/XMUQihol4GaWgcE/MNWVthp0UfR8Vhi
B94XCYoK9fycY69kqgESC5OPwmDPeM0+Z+Lefj64fQKJI+C4+oMPtXFTv9M9IIUa
qtGztVeMqRIJ+QMKrQdY1aAgCR6AuZhjOYrZAo4/BBNgRu7o/6uRA0omsNVHGOfK
skaJANMxugLgAbSKZyB+K5JlCYd1GUzIpr3d7EofG+LI
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:31:49 2025 by rpki-client