Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
File: 8e43baaa-efa7-4143-a595-a0519a0318ec.roa (raw, json)
Hash identifier: GtLeRjTXrGEXq+nlY9/sNySqBUm1MjZOsGJmerQYqg0=
Subject key identifier: 76:6D:F2:DB:19:14:79:8C:3F:A6:63:85:19:7E:FE:52:B8:31:0D:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 046E5F12F17C4B2C1164EE9BF5B7121EA0D3D9DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:6e:5f:12:f1:7c:4b:2c:11:64:ee:9b:f5:b7:12:1e:a0:d3:d9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:de:28:95:7d:d0:5b:a2:94:3a:a5:b2:b8:92:
a1:37:ff:35:86:18:88:b4:2b:d0:af:b5:f7:5f:7b:
08:a9:18:b9:f5:03:ac:08:30:d2:f9:17:62:67:cc:
41:b3:18:a8:33:0c:51:d0:8a:e8:35:00:f3:0d:fa:
19:50:ed:2d:21:a7:31:a0:ed:39:46:c6:db:a9:1c:
c8:d0:64:f7:57:77:49:d8:56:27:ea:89:08:36:8d:
e4:76:7d:28:91:54:5f:43:1d:50:fb:96:62:04:ed:
83:e7:05:bd:5b:5e:71:90:20:72:a2:1e:3e:3a:42:
38:b3:49:bf:bb:58:88:31:55:27:c4:0b:d7:8b:3f:
29:97:6d:34:f8:2c:8a:80:fc:04:dc:6b:fa:75:bb:
40:4f:d5:f7:95:31:2c:3e:9e:93:68:29:ca:0a:05:
8b:31:d1:25:6d:75:8a:b2:1b:8c:ed:a3:a2:a8:69:
82:a7:9d:49:36:2e:7b:5e:a8:58:44:31:d8:76:a7:
54:44:d5:73:a9:f0:8d:3a:99:39:3f:9e:86:5a:4e:
b6:9d:ab:56:a5:44:f7:5d:f6:84:14:a7:67:9e:63:
a9:ea:7d:f2:12:da:d0:90:81:8d:14:03:5a:ae:71:
bd:27:41:13:cd:ff:c5:58:f3:d3:37:70:1c:d8:52:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6D:F2:DB:19:14:79:8C:3F:A6:63:85:19:7E:FE:52:B8:31:0D:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:6e:78:e5:21:46:bf:de:6f:42:1c:25:df:77:45:65:92:9e:
0f:f2:58:2f:96:fd:e9:05:d0:14:ac:bd:83:6c:d7:12:54:88:
93:d0:98:73:3d:3e:2a:ab:42:47:49:f6:a6:13:1e:53:73:38:
33:bc:9f:95:11:a7:72:46:49:92:8b:1f:be:ad:16:26:e0:01:
21:5a:f3:ad:3e:ea:43:9d:be:79:58:1e:22:92:2f:2d:08:cf:
d2:eb:14:e7:ce:8b:03:e8:f0:2e:26:3a:86:bb:7c:d7:8c:00:
20:3b:cb:3e:85:ce:5e:86:99:15:19:31:a3:0e:7e:a8:7f:4b:
7b:3a:dd:9c:b6:cb:03:19:3a:36:96:f8:fe:8f:33:d5:54:93:
88:22:13:3c:f7:ad:1c:52:c6:27:bb:65:83:69:33:6e:dc:76:
9f:7f:72:a4:3d:76:5e:b1:fc:7b:bc:d0:de:8c:5f:b1:f3:06:
59:ed:e8:43:84:fe:35:c6:fe:3a:97:6a:42:42:ee:11:c0:2a:
eb:c4:c4:c4:da:f8:9e:9a:36:19:d6:1c:8a:be:41:e4:89:7c:
37:54:97:6a:a3:ac:75:e0:d6:3b:b6:6e:12:04:f0:a3:fe:b5:
4f:a3:11:48:0a:db:7e:33:4d:e3:4d:6d:c4:c1:4b:83:aa:aa:
cf:0a:9a:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBG5fEvF8SywRZO6b9bcSHqDT2d0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMTg5ZTJjYTE2Yzk4MWI1MDQ1NTkyMWEwMTE1NTY2YjllODYwOWRjYWU1
ZjYxMWE4MjMxOGI1YTk3OTIxODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7eKJV90FuilDqlsriSoTf/NYYYiLQr0K+19197CKkYufUDrAgw0vkXYmfM
QbMYqDMMUdCK6DUA8w36GVDtLSGnMaDtOUbG26kcyNBk91d3SdhWJ+qJCDaN5HZ9
KJFUX0MdUPuWYgTtg+cFvVtecZAgcqIePjpCOLNJv7tYiDFVJ8QL14s/KZdtNPgs
ioD8BNxr+nW7QE/V95UxLD6ek2gpygoFizHRJW11irIbjO2joqhpgqedSTYue16o
WEQx2HanVETVc6nwjTqZOT+ehlpOtp2rVqVE9132hBSnZ55jqep98hLa0JCBjRQD
Wq5xvSdBE83/xVjz0zdwHNhSXz0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2bfLb
GRR5jD+mY4UZfv5SuDENZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0M2JhYWEtZWZhNy00MTQzLWE1OTUtYTA1MTlhMDMxOGVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAC2545SFGv95vQhwl33dFZZKeD/JYL5b96QXQFKy9
g2zXElSIk9CYcz0+KqtCR0n2phMeU3M4M7yflRGnckZJkosfvq0WJuABIVrzrT7q
Q52+eVgeIpIvLQjP0usU586LA+jwLiY6hrt814wAIDvLPoXOXoaZFRkxow5+qH9L
ezrdnLbLAxk6Npb4/o8z1VSTiCITPPetHFLGJ7tlg2kzbtx2n39ypD12XrH8e7zQ
3oxfsfMGWe3oQ4T+Ncb+OpdqQkLuEcAq68TExNr4npo2GdYcir5B5Il8N1SXaqOs
deDWO7ZuEgTwo/61T6MRSArbfjNN401txMFLg6qqzwqagA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:44:24 2025 by rpki-client