Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
File: 80ccbd73-b51e-4203-8083-8baaa848e6c9.roa (raw, json)
Hash identifier: Q5B5/7h6C7usMRNYsTUntV2Kj1HDFhf+cMlLd/MuV5A=
Subject key identifier: 44:7B:D6:8B:A7:75:E8:87:E9:83:B6:62:E7:87:01:01:F7:F7:CA:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24859C8EAA61CF9B5C3428AF6961D37F2F485C64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:85:9c:8e:aa:61:cf:9b:5c:34:28:af:69:61:d3:7f:2f:48:5c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b4:a2:c4:a4:3f:fd:99:76:2a:fb:84:64:23:
7a:02:0b:6d:6b:92:e0:69:14:9e:7e:a9:bd:4c:39:
88:c8:b0:d3:ea:1d:b8:28:e5:e9:46:8f:f1:e3:a4:
61:73:6d:7b:1e:8c:1c:56:8c:f2:dc:37:79:4e:67:
83:88:3b:47:b6:38:b4:fd:36:ba:87:20:0c:36:50:
84:4f:4c:af:68:72:43:6b:d0:e5:0a:9e:a7:af:9a:
b4:f6:c1:a3:23:6d:f2:cb:6c:9e:bf:48:b5:80:28:
5d:62:c9:95:6f:38:f8:92:40:d5:4f:99:81:6d:05:
26:8b:21:46:bb:24:e7:7f:c0:6d:d1:de:89:2d:63:
40:20:ef:45:48:06:21:fe:dd:27:fd:bd:ef:ba:7e:
14:2b:3d:64:1a:97:34:60:95:05:0b:e0:f0:70:2a:
30:e7:e9:08:ba:10:54:ac:72:f8:e7:01:8f:a8:b7:
28:26:85:97:1f:6e:5a:ba:bb:08:f9:d1:46:9d:2e:
4f:aa:56:86:5d:c6:a8:26:9c:c1:b5:23:37:05:9f:
9b:6e:74:9b:df:7a:c6:ae:da:a3:9d:3b:62:6b:fd:
b5:7c:f8:9f:45:e7:78:dd:d7:a2:64:5f:bd:eb:ed:
1a:f9:3c:2d:77:37:2a:86:f6:ae:e8:2e:b3:87:27:
64:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7B:D6:8B:A7:75:E8:87:E9:83:B6:62:E7:87:01:01:F7:F7:CA:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:8f:6f:ed:ad:41:90:84:4f:16:35:bf:b0:b0:e3:71:70:3b:
82:fd:26:38:91:8e:c6:c9:74:e6:27:ed:b1:61:17:37:87:8a:
e5:a9:93:95:1c:e2:d1:29:10:ce:3b:5d:2f:a4:16:b0:23:0a:
fb:25:67:b0:09:c5:6a:41:38:50:a2:f9:73:7b:a6:15:e9:69:
7c:5d:8a:3e:c5:c8:b8:cc:ab:4f:3d:87:3e:5a:a3:8e:9f:f8:
a0:8b:cc:51:04:2a:1a:90:26:8f:78:41:b2:b1:d8:7b:11:83:
5f:71:34:c9:c0:f2:d3:e5:f1:05:cb:c6:35:77:61:24:43:b5:
34:01:7c:df:6c:38:f8:2e:f1:d0:e1:d8:78:c1:18:62:c0:67:
80:4f:60:b9:69:0d:1f:5b:66:20:4c:5f:64:1f:6d:04:cd:b9:
22:4a:8e:f4:cd:bb:a9:58:de:7f:25:4f:39:76:2f:d3:d9:6f:
a2:c0:26:a5:84:f3:d5:b5:f4:10:29:c2:3c:94:be:3e:51:b6:
5f:05:b5:99:c0:cf:2d:f8:ad:b2:1e:11:b4:d4:c1:b6:83:e3:
88:26:49:de:3f:6d:7b:dd:f6:f6:45:3d:8c:f4:0d:dd:e8:18:
ad:85:6a:fc:a9:e6:2c:39:d9:52:46:a5:6e:98:96:8f:91:39:
2c:5c:3b:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJIWcjqphz5tcNCivaWHTfy9IXGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNjI0OGJjZGRjOTBiOWI2MDZhYTBjZjIxYjgwOWVhYzNhODFmNTIyZjFk
Y2M4MjdiNDY2YjE2OWM1ODQzMmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe0osSkP/2Zdir7hGQjegILbWuS4GkUnn6pvUw5iMiw0+oduCjl6UaP8eOk
YXNtex6MHFaM8tw3eU5ng4g7R7Y4tP02uocgDDZQhE9Mr2hyQ2vQ5Qqep6+atPbB
oyNt8stsnr9ItYAoXWLJlW84+JJA1U+ZgW0FJoshRrsk53/AbdHeiS1jQCDvRUgG
If7dJ/2977p+FCs9ZBqXNGCVBQvg8HAqMOfpCLoQVKxy+OcBj6i3KCaFlx9uWrq7
CPnRRp0uT6pWhl3GqCacwbUjNwWfm250m996xq7ao507Ymv9tXz4n0XneN3XomRf
vevtGvk8LXc3Kob2rugus4cnZHcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBREe9aL
p3Xoh+mDtmLnhwEB9/fK3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBjY2JkNzMtYjUxZS00MjAzLTgwODMtOGJhYWE4NDhlNmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEATY9v7a1BkIRPFjW/sLDjcXA7gv0mOJGOxsl05ift
sWEXN4eK5amTlRzi0SkQzjtdL6QWsCMK+yVnsAnFakE4UKL5c3umFelpfF2KPsXI
uMyrTz2HPlqjjp/4oIvMUQQqGpAmj3hBsrHYexGDX3E0ycDy0+XxBcvGNXdhJEO1
NAF832w4+C7x0OHYeMEYYsBngE9guWkNH1tmIExfZB9tBM25IkqO9M27qVjefyVP
OXYv09lvosAmpYTz1bX0ECnCPJS+PlG2XwW1mcDPLfitsh4RtNTBtoPjiCZJ3j9t
e9329kU9jPQN3egYrYVq/KnmLDnZUkalbpiWj5E5LFw7KQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:41 2025 by rpki-client