Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
File: 79f828d9-a8c6-4d05-b291-d1f3154636f8.roa (raw, json)
Hash identifier: CiQE+LgqfUC3BCTM2Z/U9L9T4MaaIgVvw+5xMpGbh6w=
Subject key identifier: 49:2D:5F:40:D3:AF:F4:2B:B6:F9:D0:91:C7:A0:ED:74:40:EF:F7:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A863F50F252569F88EB27F579EBB29E116213B1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:86:3f:50:f2:52:56:9f:88:eb:27:f5:79:eb:b2:9e:11:62:13:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:43:cf:e8:34:24:fb:8b:41:ab:c1:ac:a3:30:
ee:46:fd:93:39:ce:3a:14:64:2f:34:e5:82:61:e8:
8c:0d:b9:65:d0:fd:a3:cf:db:c3:77:ac:8f:c6:1c:
2b:b9:ad:65:9e:45:b9:b6:68:a5:f2:b9:7a:cd:50:
ec:52:6d:69:fb:0b:c2:db:e7:f6:05:68:ed:1c:e8:
51:83:0a:31:42:dc:40:d0:f0:dd:7b:02:bf:f6:dc:
6f:ea:16:c2:44:75:d6:d1:1e:13:db:94:2b:7e:b2:
01:db:07:ff:a1:06:12:5a:05:b3:b6:68:6a:55:22:
40:45:17:03:90:87:f8:58:27:f0:f1:9f:a1:88:3c:
2b:76:5f:d9:46:b8:1b:e7:8c:54:d1:58:fd:f6:3f:
1e:99:13:a8:71:79:c2:d8:c4:39:cc:a4:37:5a:c7:
27:84:62:9b:79:a0:f7:7d:10:43:6c:71:a5:5e:cd:
63:bb:8e:e0:21:87:2a:d7:de:72:68:47:27:de:51:
47:fa:5a:f7:71:0d:b5:83:4e:05:fd:a7:61:45:8c:
45:8f:f5:55:16:ce:c4:40:be:76:d7:f8:6d:d1:20:
eb:54:c4:9d:6b:0a:c7:d9:19:4b:a1:d0:5b:56:fd:
6b:95:ab:54:27:f3:22:f0:38:45:04:96:9f:1a:64:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2D:5F:40:D3:AF:F4:2B:B6:F9:D0:91:C7:A0:ED:74:40:EF:F7:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:1e:25:b2:7b:32:d8:bc:e8:fe:5a:cb:f7:fd:40:5b:cb:57:
ae:ea:9b:ea:9e:58:a7:50:ff:ec:25:9a:99:c9:ff:d9:2b:c6:
19:11:e7:a8:39:a0:e1:6f:c3:68:9a:69:e6:2d:d4:ce:1f:7d:
30:a7:45:fa:f1:a8:47:05:6b:21:f1:f1:8d:59:96:45:fe:2d:
3c:25:a8:47:b0:8f:33:d7:57:40:d2:48:91:a6:3a:38:5e:d9:
3c:8a:67:73:7b:ec:7a:02:c6:c5:b9:99:fe:d1:f3:74:6b:dd:
dd:d7:59:ea:b9:60:9e:c9:0e:fb:a1:ff:f1:43:72:f0:77:74:
e9:7e:45:29:ac:a8:24:1b:28:7e:e4:12:38:15:de:e4:2a:f6:
5e:0a:be:66:1c:3e:7a:e4:e6:4f:38:0b:2b:14:f3:7e:1e:4b:
40:ac:56:4f:3a:01:44:e0:20:d7:a7:a6:c5:ef:9b:cf:6f:0e:
a7:4b:13:be:bd:39:37:de:05:2f:f9:78:0b:1f:7a:85:cb:95:
01:d9:9c:d3:52:a5:98:f7:5c:9d:e5:8c:7d:f2:08:97:c0:7a:
9d:5a:af:d9:cb:6e:bc:0c:16:d8:0d:d1:b8:21:c7:bd:58:9a:
30:ac:90:19:2e:7d:10:c8:e8:ba:07:80:c8:53:76:24:b4:3f:
60:7a:1f:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSoY/UPJSVp+I6yf1eeuynhFiE7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxOTM4YWQ5ZmY0MzAzOWUxNDI4ZmI5NTIzNTY0ZmJmOGZjYmRiNWZmZDVk
NDIyMzM5YjQyNWRjNTIyYjhkZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVDz+g0JPuLQavBrKMw7kb9kznOOhRkLzTlgmHojA25ZdD9o8/bw3esj8Yc
K7mtZZ5FubZopfK5es1Q7FJtafsLwtvn9gVo7RzoUYMKMULcQNDw3XsCv/bcb+oW
wkR11tEeE9uUK36yAdsH/6EGEloFs7ZoalUiQEUXA5CH+Fgn8PGfoYg8K3Zf2Ua4
G+eMVNFY/fY/HpkTqHF5wtjEOcykN1rHJ4Rim3mg930QQ2xxpV7NY7uO4CGHKtfe
cmhHJ95RR/pa93ENtYNOBf2nYUWMRY/1VRbOxEC+dtf4bdEg61TEnWsKx9kZS6HQ
W1b9a5WrVCfzIvA4RQSWnxpkUgMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRJLV9A
06/0K7b50JHHoO10QO/3gDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlmODI4ZDktYThjNi00ZDA1LWIyOTEtZDFmMzE1NDYzNmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQAwHiWyezLYvOj+Wsv3/UBby1eu6pvqnlinUP/sJZqZ
yf/ZK8YZEeeoOaDhb8NommnmLdTOH30wp0X68ahHBWsh8fGNWZZF/i08JahHsI8z
11dA0kiRpjo4Xtk8imdze+x6AsbFuZn+0fN0a93d11nquWCeyQ77of/xQ3Lwd3Tp
fkUprKgkGyh+5BI4Fd7kKvZeCr5mHD565OZPOAsrFPN+HktArFZPOgFE4CDXp6bF
75vPbw6nSxO+vTk33gUv+XgLH3qFy5UB2ZzTUqWY91yd5Yx98giXwHqdWq/Zy268
DBbYDdG4Ice9WJowrJAZLn0QyOi6B4DIU3YktD9geh8j
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:00:37 2025 by rpki-client