Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: LLbzJQ2IkeizPmWw+xeq1C9JCzdYBe+QYKzfoh9nOK8=
Subject key identifier: 3E:28:C7:7E:86:C7:F8:DE:8D:08:A0:15:93:21:98:F1:58:6F:32:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 145D68EE484D14F42012A50C5E6C8FC712556533
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Mon 17 Mar 2025 15:40:50 +0000
ROA not before: Mon 17 Mar 2025 15:40:50 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:5d:68:ee:48:4d:14:f4:20:12:a5:0c:5e:6c:8f:c7:12:55:65:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:50 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ca:47:dd:71:f3:15:df:37:08:84:b1:06:4a:
6f:19:6c:c2:f0:01:b0:8a:b1:ed:52:63:4c:28:e6:
61:99:db:b3:92:3d:63:0d:29:20:95:9e:89:53:5f:
ea:60:c4:8e:5c:b3:0f:56:f0:29:e1:b3:a2:c9:bc:
ea:7e:c2:3e:4a:05:b1:cc:bc:6a:5a:5f:e1:65:60:
38:f7:0a:95:30:5e:9d:e0:1a:e2:f1:3a:8f:41:6c:
bb:35:c2:cb:7b:a8:35:f0:4d:e0:3e:d3:17:b8:f0:
44:ab:2c:21:26:dc:62:73:d4:42:6b:6f:95:c7:e4:
73:0a:0f:64:b7:f3:75:dd:11:9e:52:0f:1b:c3:d2:
b9:97:bb:2f:46:46:ee:a6:df:6d:e3:fb:16:bb:23:
79:d2:5f:0c:1b:71:c0:d0:9d:43:09:c7:a7:5a:0e:
97:1a:78:e1:2b:c2:c3:9a:09:37:58:e1:03:ff:d2:
74:e0:cb:b5:eb:26:4c:c1:b4:36:fd:ab:97:e7:74:
f9:9d:ff:b1:bf:95:8d:44:23:5e:e2:8f:9a:8e:15:
52:d0:db:73:ad:46:ec:a6:ec:c9:8b:c4:a5:59:8d:
1f:3d:98:52:05:b2:cd:d5:c0:ae:ba:4f:e2:1f:cb:
91:ca:82:0c:69:f5:1a:e3:c6:b9:76:5a:76:43:4b:
87:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:28:C7:7E:86:C7:F8:DE:8D:08:A0:15:93:21:98:F1:58:6F:32:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
b8:ad:40:39:3e:1e:09:26:99:25:11:34:ad:87:e2:06:2d:8a:
e1:92:26:ce:ee:b3:8a:d2:93:3e:aa:a1:dc:d1:ed:04:8b:4e:
b4:7b:77:7f:da:c3:ae:2e:72:0a:1e:13:df:0c:78:a5:24:bd:
11:e1:00:83:aa:e5:6a:c9:68:56:8e:41:40:25:e9:82:b9:9f:
41:cf:0a:82:5f:89:0a:35:c6:55:9f:93:96:d4:db:c5:c2:e9:
bf:31:7e:f6:23:67:f4:1b:85:3f:1d:ab:c5:c7:fd:6d:2e:5a:
5a:6e:1b:5b:ce:cc:11:19:b2:d6:3d:b7:6b:77:2b:6d:03:ff:
f1:f9:c6:5d:1c:17:2e:d2:5f:27:fe:9c:78:c6:73:ba:38:df:
d1:11:e4:a3:46:a6:53:4f:de:a0:b3:20:6e:2a:b7:5a:a0:95:
2a:38:db:7d:90:5f:8d:09:3e:73:46:61:72:86:32:e9:57:5f:
3a:12:61:49:e9:3a:2c:61:8d:80:2b:84:d5:4b:7d:20:7a:79:
a3:46:74:51:6f:a1:76:a4:68:34:69:c4:f4:2a:44:82:10:e1:
a3:ee:48:45:fc:72:c1:90:fa:1f:6c:75:17:c6:c2:99:f6:9b:
78:e7:4c:7c:98:62:f5:bd:27:36:25:35:70:08:4e:66:a2:34:
54:a6:1e:95
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUFF1o7khNFPQgEqUMXmyPxxJVZTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNTBaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwNzlhM2I3N2ViNjlhZGMzNjlhNmU1NmM4MDliM2Y4MGY2OThjMWZmM2Yw
ODgxZWZkMTdiN2RmNWM5YjUxMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrKR91x8xXfNwiEsQZKbxlswvABsIqx7VJjTCjmYZnbs5I9Yw0pIJWeiVNf
6mDEjlyzD1bwKeGzosm86n7CPkoFscy8alpf4WVgOPcKlTBeneAa4vE6j0FsuzXC
y3uoNfBN4D7TF7jwRKssISbcYnPUQmtvlcfkcwoPZLfzdd0RnlIPG8PSuZe7L0ZG
7qbfbeP7FrsjedJfDBtxwNCdQwnHp1oOlxp44SvCw5oJN1jhA//SdODLtesmTMG0
Nv2rl+d0+Z3/sb+VjUQjXuKPmo4VUtDbc61G7KbsyYvEpVmNHz2YUgWyzdXArrpP
4h/LkcqCDGn1GuPGuXZadkNLh/8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ+KMd+
hsf43o0IoBWTIZjxWG8yMTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBALitQDk+HgkmmSURNK2H4gYtiuGSJs7us4rSkz6q
odzR7QSLTrR7d3/aw64ucgoeE98MeKUkvRHhAIOq5WrJaFaOQUAl6YK5n0HPCoJf
iQo1xlWfk5bU28XC6b8xfvYjZ/QbhT8dq8XH/W0uWlpuG1vOzBEZstY9t2t3K20D
//H5xl0cFy7SXyf+nHjGc7o439ER5KNGplNP3qCzIG4qt1qglSo4232QX40JPnNG
YXKGMulXXzoSYUnpOixhjYArhNVLfSB6eaNGdFFvoXakaDRpxPQqRIIQ4aPuSEX8
csGQ+h9sdRfGwpn2m3jnTHyYYvW9JzYlNXAITmaiNFSmHpU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:15:09 2025 by rpki-client