Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
File: 9d2253ee-c082-458b-b16d-cb41103c4262.roa (raw, json)
Hash identifier: Ql1YHudm0tJCvS171IZ+FcQckplLltEDKJ+FEjSlwxA=
Subject key identifier: 2F:2F:D0:C7:BA:98:23:0F:9F:CA:9D:96:15:E2:BD:61:A6:58:02:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 452B3CBA50CBA62B5C02185B8834B1CBB074172F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:2b:3c:ba:50:cb:a6:2b:5c:02:18:5b:88:34:b1:cb:b0:74:17:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:21:19:63:16:c8:f9:62:a3:0f:ee:39:1f:88:
0b:94:12:28:44:79:ca:1c:d1:64:c9:20:ca:7d:67:
64:c7:8c:ff:f2:3e:1b:47:9e:07:6b:9b:96:5c:fb:
5e:a3:ee:ea:88:2f:ca:18:ab:04:0a:20:10:60:75:
11:95:7c:31:bb:34:67:99:a2:66:5f:13:c3:d2:aa:
69:93:de:bd:fa:22:70:29:6a:0a:58:2e:74:c1:58:
45:6b:cd:c6:fc:c2:92:55:66:b8:7b:86:b3:14:fd:
ae:db:0f:80:56:d4:6a:1d:56:96:30:c2:9b:a1:0b:
0f:71:38:18:01:a5:3d:1e:d7:7e:d1:13:34:ef:15:
a3:39:46:cb:84:f1:4b:cf:23:fe:f4:16:e5:dd:68:
4e:7a:62:d8:7e:44:40:75:60:31:51:59:03:c6:36:
72:52:ab:cf:95:7b:34:55:d0:c3:b8:e5:21:c5:00:
fe:e0:a0:14:da:32:b1:b0:2d:73:e0:b7:a5:24:11:
94:47:3a:1d:60:9d:39:69:75:9a:c3:31:74:50:ba:
0d:f8:91:18:3c:bc:2f:05:ae:30:56:b3:07:db:58:
86:39:56:d4:c7:ba:f2:65:2f:ef:db:ee:40:a5:b3:
22:9e:7a:fb:c5:4b:16:e1:7e:ab:b7:13:a1:f1:22:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2F:D0:C7:BA:98:23:0F:9F:CA:9D:96:15:E2:BD:61:A6:58:02:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
d7:df:96:18:82:2f:d9:84:c6:cc:c6:ae:06:04:e5:d8:b0:eb:
13:7b:a1:f8:43:90:e5:5a:17:13:7d:10:4d:c1:13:bf:2b:61:
17:95:7e:c1:eb:06:cb:4d:4d:6f:78:c9:4a:59:9f:14:5f:30:
a0:b7:52:83:5a:78:6f:ff:8b:6a:e9:26:70:1d:f8:f7:a0:31:
41:15:d9:2e:8f:12:48:50:f5:c5:4c:8a:84:39:e4:f9:de:63:
81:19:82:f1:99:1b:af:79:2e:b5:f1:1b:f1:2e:a9:8f:14:05:
7a:c2:79:03:0c:16:86:b1:3c:67:4e:e8:0a:ce:4d:2f:e8:e0:
fc:e2:23:14:e3:ce:25:dd:49:b0:58:f1:e7:57:73:e2:66:12:
4c:fa:40:d3:ea:10:8f:13:62:a4:1a:0b:38:9e:30:a6:d7:65:
a7:fa:53:59:ec:09:2e:c1:ca:30:09:05:94:fe:8f:c2:f1:c3:
e7:87:a9:43:bb:89:a7:27:07:85:b0:6d:57:f0:60:1f:0b:6f:
55:4b:49:4b:cb:c6:34:2d:c2:c1:fd:9f:b9:8d:07:43:1f:fd:
06:73:5a:49:57:be:8f:97:29:9a:cf:7d:04:ca:a7:82:24:92:
6c:b7:39:40:e1:97:03:88:df:f2:51:1a:9f:f6:80:a2:b3:bc:
45:46:d9:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURSs8ulDLpitcAhhbiDSxy7B0Fy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZGQ2MzZmZTI4ZDZmMjkxYTM3ZDg4ZGIwNGE1ZWUxYjRhODY4NTQyOGI5
ZjNiODI5YzczZjEwYTQxMmI0NWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4hGWMWyPliow/uOR+IC5QSKER5yhzRZMkgyn1nZMeM//I+G0eeB2ubllz7
XqPu6ogvyhirBAogEGB1EZV8Mbs0Z5miZl8Tw9KqaZPevfoicClqClgudMFYRWvN
xvzCklVmuHuGsxT9rtsPgFbUah1WljDCm6ELD3E4GAGlPR7XftETNO8VozlGy4Tx
S88j/vQW5d1oTnpi2H5EQHVgMVFZA8Y2clKrz5V7NFXQw7jlIcUA/uCgFNoysbAt
c+C3pSQRlEc6HWCdOWl1msMxdFC6DfiRGDy8LwWuMFazB9tYhjlW1Me68mUv79vu
QKWzIp56+8VLFuF+q7cTofEiQNkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvL9DH
upgjD5/KnZYV4r1hplgC4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWQyMjUzZWUtYzA4Mi00NThiLWIxNmQtY2I0MTEwM2M0MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQDX35YYgi/ZhMbMxq4GBOXYsOsTe6H4Q5DlWhcT
fRBNwRO/K2EXlX7B6wbLTU1veMlKWZ8UXzCgt1KDWnhv/4tq6SZwHfj3oDFBFdku
jxJIUPXFTIqEOeT53mOBGYLxmRuveS618RvxLqmPFAV6wnkDDBaGsTxnTugKzk0v
6OD84iMU484l3UmwWPHnV3PiZhJM+kDT6hCPE2KkGgs4njCm12Wn+lNZ7Akuwcow
CQWU/o/C8cPnh6lDu4mnJweFsG1X8GAfC29VS0lLy8Y0LcLB/Z+5jQdDH/0Gc1pJ
V76Plymaz30EyqeCJJJstzlA4ZcDiN/yURqf9oCis7xFRtkA
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:41:09 2025 by rpki-client