Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
File: 8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa (raw, json)
Hash identifier: P/ujioo5ptdz6mFBENEmcctAqgpiAHAHog301DtkTqU=
Subject key identifier: 4B:7E:76:64:49:5F:43:BB:69:86:C8:F7:F1:7B:44:CD:94:27:D4:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0581759B47D4FB910C4D5CC714641708364293E4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:81:75:9b:47:d4:fb:91:0c:4d:5c:c7:14:64:17:08:36:42:93:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d8:7f:73:45:b9:1a:28:7f:fc:ed:fc:c5:2e:
1b:59:63:02:6a:38:de:ab:04:03:8a:56:bd:94:4d:
51:ff:da:0d:a1:61:3e:55:f2:e7:15:d3:25:a9:d8:
9e:04:9e:20:70:90:59:1d:9b:68:65:56:b8:2f:5f:
1e:4a:bc:26:a7:71:91:a6:ec:5b:8d:f7:bd:41:1b:
7d:3e:ef:29:c8:09:77:8a:6c:74:fe:b4:56:53:80:
c9:d9:77:58:88:98:1e:06:f2:bc:d1:f7:bf:9c:92:
b0:82:7c:01:9a:7a:9a:25:ab:29:fb:bc:0f:18:98:
69:99:4a:f2:6b:32:58:58:a6:b6:5b:f3:b4:7e:9f:
2a:7e:e6:f2:49:0c:81:a0:c9:48:9e:b0:01:11:bd:
24:6f:2d:d9:2e:f0:34:e1:26:14:5e:0b:6d:08:7d:
00:19:37:a9:e2:31:53:fa:d0:9a:0a:42:aa:a4:13:
34:f2:a4:88:d9:a4:d1:f2:db:31:53:c7:43:0e:f0:
7f:42:04:34:4b:93:98:36:85:f6:77:e2:32:af:f9:
a7:d8:9e:3d:03:ec:76:68:f9:d8:82:69:c5:79:dd:
bc:06:f0:d4:ef:1c:95:ca:0a:a9:c6:1e:a3:02:d6:
f7:eb:34:c8:d7:33:37:63:34:52:e6:b7:e6:2d:bd:
41:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7E:76:64:49:5F:43:BB:69:86:C8:F7:F1:7B:44:CD:94:27:D4:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:43:38:ad:ab:7b:f2:e8:06:73:93:fa:31:89:76:58:e5:90:
48:68:23:e0:0a:0e:31:46:43:ab:5f:00:ee:75:17:4f:e6:34:
33:bd:d9:c3:bc:ca:33:9a:bb:25:f8:3f:57:36:3f:9a:f3:8e:
d6:07:19:73:15:9b:e6:aa:31:39:6b:be:61:22:58:b9:f1:c5:
dd:97:34:cf:9b:46:16:30:57:e0:b4:0c:13:b0:7e:cd:50:f8:
4e:2d:1d:42:04:00:aa:32:e0:88:22:90:88:6f:c2:ea:ce:1f:
c8:ad:fa:bf:97:cf:19:aa:d0:8e:41:8b:db:4f:48:28:c4:26:
a4:2e:4b:a2:9a:b6:50:63:47:ea:26:8d:c2:cd:02:39:61:da:
68:0a:82:d0:ec:5c:10:bb:51:9d:a4:34:99:99:15:9f:aa:37:
65:0d:20:2b:97:1a:09:eb:21:af:66:7d:45:4e:c7:67:12:76:
bc:3b:98:cf:e8:dd:3c:87:c0:4c:12:8d:3c:72:1c:5e:bf:38:
b1:b1:9d:98:8d:79:d6:ef:70:7d:aa:bf:4f:7c:f7:be:a5:d2:
3f:e2:fa:71:7f:a4:9f:88:b2:04:60:20:66:01:37:32:64:e4:
c5:2d:80:4e:94:c2:fd:c4:a8:7f:14:4b:4d:35:79:47:90:f5:
18:44:c5:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBYF1m0fU+5EMTVzHFGQXCDZCk+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZWFkM2VkMWIxNWRiZGU1Y2ExNTVmMzcxZDU0YzBmNWRmNWJhMjI4MjE3
ODMzMzgyZmI2ZmYyYTZiMDE5NmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/Yf3NFuRoof/zt/MUuG1ljAmo43qsEA4pWvZRNUf/aDaFhPlXy5xXTJanY
ngSeIHCQWR2baGVWuC9fHkq8JqdxkabsW433vUEbfT7vKcgJd4psdP60VlOAydl3
WIiYHgbyvNH3v5ySsIJ8AZp6miWrKfu8DxiYaZlK8msyWFimtlvztH6fKn7m8kkM
gaDJSJ6wARG9JG8t2S7wNOEmFF4LbQh9ABk3qeIxU/rQmgpCqqQTNPKkiNmk0fLb
MVPHQw7wf0IENEuTmDaF9nfiMq/5p9iePQPsdmj52IJpxXndvAbw1O8clcoKqcYe
owLW9+s0yNczN2M0Uua35i29QVMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRLfnZk
SV9Du2mGyPfxe0TNlCfUYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGE1OTQxNzMtZDIzYi00ZTRhLTlhMWYtOTZkZWI1OWI0NWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBWQzitq3vy6AZzk/oxiXZY5ZBIaCPgCg4xRkOrXwDu
dRdP5jQzvdnDvMozmrsl+D9XNj+a847WBxlzFZvmqjE5a75hIli58cXdlzTPm0YW
MFfgtAwTsH7NUPhOLR1CBACqMuCIIpCIb8Lqzh/Irfq/l88ZqtCOQYvbT0goxCak
LkuimrZQY0fqJo3CzQI5YdpoCoLQ7FwQu1GdpDSZmRWfqjdlDSArlxoJ6yGvZn1F
TsdnEna8O5jP6N08h8BMEo08chxevzixsZ2YjXnW73B9qr9PfPe+pdI/4vpxf6Sf
iLIEYCBmATcyZOTFLYBOlML9xKh/FEtNNXlHkPUYRMVK
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:01 2025 by rpki-client