Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: U9yK95BjD2XsA8272faAjIIUXSqng0bYL50QFstPg7A=
Subject key identifier: BB:7B:3C:B2:B6:B3:99:E5:AC:3D:DE:8C:BD:9F:42:78:44:DE:03:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E0156C814F38ADF144DA19952FBB299725294CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Mon 17 Mar 2025 15:40:47 +0000
ROA not before: Mon 17 Mar 2025 15:40:47 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:01:56:c8:14:f3:8a:df:14:4d:a1:99:52:fb:b2:99:72:52:94:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:47 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c3:75:9a:e6:6d:5f:df:26:29:79:78:a9:02:
66:7b:75:72:0d:59:1a:5a:6b:60:6f:dc:65:ec:f6:
a4:d1:03:07:11:dc:1d:3f:1f:ff:91:09:e1:fd:5b:
5d:8e:a0:63:f9:83:44:4c:c1:50:14:c2:b0:ac:49:
5c:56:bf:f0:64:e5:77:13:2b:f9:d2:af:96:84:e7:
b8:1e:2e:f9:86:57:d7:e6:29:be:3f:c0:19:d6:5f:
d0:de:2d:46:f6:f9:96:5f:0b:21:89:33:b4:42:f9:
d0:64:b8:6e:bb:75:0a:9e:de:65:29:37:0c:7f:83:
38:cc:9d:1c:44:75:04:b4:b1:a1:4f:39:c9:c9:2c:
29:7c:cc:df:09:b9:e0:6a:a4:5d:c7:66:05:b8:64:
48:6a:df:a7:ae:f0:1e:10:c7:1f:70:6b:85:a6:2f:
aa:77:9d:46:b4:41:25:7c:22:31:ab:b1:d7:e9:0a:
93:94:4b:de:63:0e:d2:a2:d5:b4:45:8e:85:12:64:
81:ff:ec:35:c0:ad:1a:53:9d:21:92:79:e3:d1:99:
55:20:cc:9b:d8:ac:78:25:ec:d2:0c:70:c9:ec:23:
be:45:f7:e7:f9:03:0c:a6:48:e8:d2:6f:f1:f6:9b:
dc:c7:1b:1c:f4:5a:be:67:0c:33:7c:60:7d:74:a3:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7B:3C:B2:B6:B3:99:E5:AC:3D:DE:8C:BD:9F:42:78:44:DE:03:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
af:97:3a:33:1f:6d:89:c3:c7:d8:f2:3b:29:1a:95:5e:90:ac:
04:0f:cd:81:14:67:fb:dd:2f:a1:5e:98:3d:a8:95:bb:1f:81:
bb:9e:50:81:79:3f:a9:48:33:4d:c7:7c:8a:84:d4:4f:53:74:
13:91:d3:34:f5:5f:df:12:b1:f1:b2:b6:34:c6:15:8e:23:7b:
b9:64:b5:ee:fe:35:18:05:43:6f:c7:40:9c:39:17:8e:c2:7b:
d5:a8:66:78:e1:d2:58:da:74:4a:08:a1:39:01:40:cc:2c:68:
0e:6b:df:f6:a4:bb:90:0c:ed:1e:a2:01:e2:78:d7:e8:ab:0a:
fb:29:b9:df:f2:a4:23:1f:12:85:6c:d9:6f:14:1b:5b:c4:0e:
4a:4a:e1:b0:8e:a5:af:40:56:40:8a:e5:96:0d:57:8b:18:87:
f1:2d:6c:34:0e:ed:50:6b:60:1c:90:26:22:a2:64:8b:99:aa:
a0:7f:83:4c:82:a9:71:34:57:5d:d8:92:48:65:62:0e:1e:e9:
91:88:31:48:be:21:6d:ac:f6:87:f4:cc:63:c3:8f:61:5e:62:
a5:33:6b:0a:51:97:d3:dc:86:bc:7f:19:a1:a7:11:93:96:46:
cb:dc:46:2d:8d:d8:c6:b5:b6:4b:87:5e:c1:32:77:63:df:9d:
d7:de:1a:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPgFWyBTzit8UTaGZUvuymXJSlM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNDdaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ODg4ZTZkYTIwYjg2ZWM2MGNkODY3ZDFlODE0NDg2YjAwY2M4ZWNiMTRm
ZTBkZGIxMzhlMzUxNGIxYzc2ZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7DdZrmbV/fJil5eKkCZnt1cg1ZGlprYG/cZez2pNEDBxHcHT8f/5EJ4f1b
XY6gY/mDREzBUBTCsKxJXFa/8GTldxMr+dKvloTnuB4u+YZX1+Ypvj/AGdZf0N4t
Rvb5ll8LIYkztEL50GS4brt1Cp7eZSk3DH+DOMydHER1BLSxoU85ycksKXzM3wm5
4GqkXcdmBbhkSGrfp67wHhDHH3BrhaYvqnedRrRBJXwiMaux1+kKk5RL3mMO0qLV
tEWOhRJkgf/sNcCtGlOdIZJ549GZVSDMm9iseCXs0gxwyewjvkX35/kDDKZI6NJv
8fab3McbHPRavmcMM3xgfXSjCskCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7ezyy
trOZ5aw93oy9n0J4RN4DGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAr5c6Mx9ticPH2PI7KRqVXpCsBA/NgRRn+90voV6Y
PaiVux+Bu55QgXk/qUgzTcd8ioTUT1N0E5HTNPVf3xKx8bK2NMYVjiN7uWS17v41
GAVDb8dAnDkXjsJ71ahmeOHSWNp0SgihOQFAzCxoDmvf9qS7kAztHqIB4njX6KsK
+ym53/KkIx8ShWzZbxQbW8QOSkrhsI6lr0BWQIrllg1XixiH8S1sNA7tUGtgHJAm
IqJki5mqoH+DTIKpcTRXXdiSSGViDh7pkYgxSL4hbaz2h/TMY8OPYV5ipTNrClGX
09yGvH8ZoacRk5ZGy9xGLY3YxrW2S4dewTJ3Y9+d194aLA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:19 2025 by rpki-client