Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
File: 7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa (raw, json)
Hash identifier: 6MIGVjEIXNNtK6bSiMFAYbg3t8EMfFzkwzrwrL0JIlA=
Subject key identifier: 65:4F:4B:93:B1:CB:53:F3:CE:2B:ED:EA:5F:9F:F7:32:9A:F5:BB:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27F3F4AA03876C31E590A02C8777BE875E1B70BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:f3:f4:aa:03:87:6c:31:e5:90:a0:2c:87:77:be:87:5e:1b:70:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:84:d4:f6:d6:a0:33:64:78:36:d1:3a:44:6d:
b2:72:eb:5c:18:a2:8b:19:48:77:8c:b9:45:8c:cb:
90:f1:50:5c:d1:04:65:16:1b:1c:13:89:c7:9d:44:
ec:c0:8b:14:31:91:6a:14:86:04:ea:0c:e2:bc:3a:
30:60:1c:e2:be:f7:f1:09:35:d2:99:3f:b9:6f:f9:
c0:62:bf:f8:ae:e5:1d:c9:53:b5:c2:d1:6b:a6:55:
99:fc:37:f2:42:27:53:67:84:e0:14:92:d2:33:aa:
c7:61:32:cf:fa:44:10:c4:89:2b:ce:bc:2c:2f:aa:
75:ad:43:5b:43:0c:99:23:5c:69:8a:57:e5:65:22:
4a:fa:43:e3:6a:d9:6c:ba:e3:dd:70:99:8b:15:d8:
e5:fe:4f:7d:b1:84:d8:31:4b:ee:56:d6:be:d9:c7:
d3:06:28:e4:a3:aa:f7:88:85:b1:a3:b1:db:c1:9a:
00:ae:a8:06:a9:99:68:c5:53:3f:ae:11:9b:53:24:
a0:39:c5:9d:2a:3a:4d:b2:0c:20:43:05:47:b7:92:
aa:fa:33:8a:15:fa:fb:73:8d:a3:e7:7e:74:15:87:
39:99:57:1d:ed:9b:4f:5b:55:f4:f6:ad:a8:a5:36:
0c:7a:70:5e:49:2f:15:24:44:01:f2:27:f1:e2:51:
e7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4F:4B:93:B1:CB:53:F3:CE:2B:ED:EA:5F:9F:F7:32:9A:F5:BB:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
5f:4d:fe:b1:9e:6d:79:dd:8b:02:c0:46:4f:0d:7d:94:56:b4:
e4:70:07:78:43:2e:99:c1:9e:f5:57:21:53:e0:38:ba:49:89:
8e:45:da:5e:13:3a:dd:f5:ea:ab:4c:36:1b:46:c1:3e:12:e9:
80:a1:02:cf:5d:bf:28:54:5f:5c:9b:80:ec:9b:9f:d9:02:a7:
e7:f7:18:a5:03:38:56:2a:27:1e:a4:aa:a6:95:99:54:f4:f4:
b7:63:74:09:bd:76:5b:53:e4:5c:a6:84:9b:95:75:95:91:d4:
cd:13:df:d4:2a:3a:a2:c5:d4:3f:1b:98:46:62:29:86:f4:7f:
17:46:85:8c:76:7c:bf:d7:5a:9d:e4:d0:8b:9e:0f:29:7f:67:
28:3c:f9:b9:32:cd:01:f3:6c:02:f8:c5:53:1c:f9:35:e3:7d:
57:50:8e:d2:04:66:32:df:7e:8a:ec:9e:3a:67:80:93:ac:f1:
78:6e:2d:32:db:6b:2e:10:48:01:05:a6:59:05:aa:78:27:7b:
0c:67:64:89:cf:a0:4a:c3:fd:f7:77:28:b6:aa:b0:6a:d5:fe:
ea:11:d1:5c:3a:be:03:07:f1:29:a7:6c:b4:39:75:e5:6c:9b:
8b:64:43:24:49:c2:d2:88:fe:1f:e9:48:47:32:ec:90:0e:04:
63:00:ab:c3
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUJ/P0qgOHbDHlkKAsh3e+h14bcL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMDQzNjQ3NWQwMGNiMjAzNjUwMDM2MTM4NjU2ZGY2MGJiZDVkMjdiMjE1
NmI1YTQ4NmE0NTE5YWQ1M2JlNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeE1PbWoDNkeDbROkRtsnLrXBiiixlId4y5RYzLkPFQXNEEZRYbHBOJx51E
7MCLFDGRahSGBOoM4rw6MGAc4r738Qk10pk/uW/5wGK/+K7lHclTtcLRa6ZVmfw3
8kInU2eE4BSS0jOqx2Eyz/pEEMSJK868LC+qda1DW0MMmSNcaYpX5WUiSvpD42rZ
bLrj3XCZixXY5f5PfbGE2DFL7lbWvtnH0wYo5KOq94iFsaOx28GaAK6oBqmZaMVT
P64Rm1MkoDnFnSo6TbIMIEMFR7eSqvozihX6+3ONo+d+dBWHOZlXHe2bT1tV9Pat
qKU2DHpwXkkvFSREAfIn8eJR518CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRlT0uT
sctT884r7epfn/cymvW7DTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U2M2IyNzgtYTZlOC00ZjM1LWIzN2QtZTJmZTMzYmIzNDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAF9N/rGebXndiwLARk8NfZRWtORwB3hDLpnBnvVX
IVPgOLpJiY5F2l4TOt316qtMNhtGwT4S6YChAs9dvyhUX1ybgOybn9kCp+f3GKUD
OFYqJx6kqqaVmVT09LdjdAm9dltT5FymhJuVdZWR1M0T39QqOqLF1D8bmEZiKYb0
fxdGhYx2fL/XWp3k0IueDyl/Zyg8+bkyzQHzbAL4xVMc+TXjfVdQjtIEZjLffors
njpngJOs8XhuLTLbay4QSAEFplkFqngnewxnZInPoErD/fd3KLaqsGrV/uoR0Vw6
vgMH8SmnbLQ5deVsm4tkQyRJwtKI/h/pSEcy7JAOBGMAq8M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:37:40 2025 by rpki-client