Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
File: a273d8f1-d41a-494f-91c3-0ac75410919e.roa (raw, json)
Hash identifier: lEcLfmVVvorilrVP1s8tie8DKOyVlEoBy9CzopQGR9k=
Subject key identifier: 68:79:96:71:0C:34:30:95:A0:15:A3:F3:E5:34:C9:E7:BF:D4:AB:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39BD07EBC6F42A27041E21D12D6D28A39566034B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:bd:07:eb:c6:f4:2a:27:04:1e:21:d1:2d:6d:28:a3:95:66:03:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b1:d2:2f:c9:93:d9:94:4f:44:71:40:d1:0d:
41:3b:e5:10:6d:0b:0a:89:0b:3b:3f:88:bb:4b:06:
3e:fc:f6:bb:0b:fe:0a:60:f3:e2:21:ff:5a:b7:9f:
7b:23:60:87:47:91:65:0a:54:1b:49:48:7f:3e:b3:
2a:f1:bf:be:42:7d:9d:66:90:22:96:03:f3:7f:50:
be:93:5a:db:12:95:0a:ee:07:6a:71:e4:c1:b3:1a:
e0:d1:0a:25:e0:bd:4d:67:e2:03:55:dd:9e:19:30:
61:cc:e8:05:cc:72:07:20:b1:ce:7c:f7:4e:dd:06:
ec:b2:2f:88:c7:a4:39:99:5d:5c:52:85:79:58:d0:
3a:b1:4c:6f:22:7f:c6:22:cf:09:cb:ed:20:61:71:
53:df:72:93:ec:2a:33:27:d3:26:b8:03:85:05:4d:
cf:35:75:f3:ba:83:9e:95:79:5a:b2:6c:1a:44:fd:
2a:1d:b5:53:df:41:90:48:1d:6c:c3:74:db:2d:c8:
a6:9f:87:32:5e:1d:75:e6:ee:9c:8e:f9:c4:a4:48:
43:ca:5e:0c:f4:9c:3e:ea:c4:f9:ab:29:e1:9f:0c:
fc:9b:9e:88:eb:15:e0:00:25:7a:15:01:9d:b8:d2:
6d:69:75:da:ba:9d:d8:b0:81:4a:fa:10:7f:2d:5d:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:79:96:71:0C:34:30:95:A0:15:A3:F3:E5:34:C9:E7:BF:D4:AB:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
56:8e:69:70:40:a5:ee:45:92:27:14:76:69:6f:3e:1e:95:c0:
e7:af:fb:d8:53:48:66:80:3f:7d:1d:15:a9:fb:fa:89:3f:73:
a0:e4:20:6b:64:ba:c1:2b:ec:25:d9:f1:eb:46:59:40:38:de:
45:13:64:09:41:6c:d8:2d:6a:03:f3:d6:37:0c:5b:f8:1b:72:
56:58:e9:e8:f2:bd:a4:28:cc:c2:a4:ae:f4:f1:dd:82:ce:1c:
6e:3e:73:6f:28:16:42:34:0d:77:0d:f1:5c:d0:de:62:ef:59:
de:9b:de:a3:45:8d:bb:d0:83:c8:b6:63:91:59:da:81:2d:22:
a9:16:75:ac:92:b6:b8:56:fb:45:4f:03:34:09:d3:94:b7:01:
08:f8:2d:91:2e:36:1e:e7:a0:aa:eb:23:5d:1b:33:e2:23:d2:
7f:2d:ee:39:2c:b4:d6:cb:d8:89:6c:11:5f:b6:82:25:f7:d3:
ac:92:90:91:d9:91:ae:0b:31:c0:00:a1:c6:ac:3e:00:99:08:
12:7a:90:81:50:db:ff:0c:dc:07:79:71:53:cd:bd:5b:f7:8c:
f7:81:29:d2:a9:37:e3:1a:05:42:bb:70:5c:ab:d3:e4:37:18:
58:1f:a5:f8:59:a4:a5:97:b4:37:2d:70:4f:f8:05:3a:46:d3:
76:39:55:f7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOb0H68b0KicEHiHRLW0oo5VmA0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNjJmMDM4OTI3MzE0ZTEzMGVkNjM3MjM4OWI5YzRkYjEwMTc1NGM1Yjc0
YzQwNGI3ODg3NDRiYjY3YTI3MTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmx0i/Jk9mUT0RxQNENQTvlEG0LCokLOz+Iu0sGPvz2uwv+CmDz4iH/Wref
eyNgh0eRZQpUG0lIfz6zKvG/vkJ9nWaQIpYD839QvpNa2xKVCu4HanHkwbMa4NEK
JeC9TWfiA1XdnhkwYczoBcxyByCxznz3Tt0G7LIviMekOZldXFKFeVjQOrFMbyJ/
xiLPCcvtIGFxU99yk+wqMyfTJrgDhQVNzzV187qDnpV5WrJsGkT9Kh21U99BkEgd
bMN02y3Ipp+HMl4ddebunI75xKRIQ8peDPScPurE+asp4Z8M/JueiOsV4AAlehUB
nbjSbWl12rqd2LCBSvoQfy1dPGMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRoeZZx
DDQwlaAVo/PlNMnnv9SrlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTI3M2Q4ZjEtZDQxYS00OTRmLTkxYzMtMGFjNzU0MTA5MTllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAVo5pcECl7kWSJxR2aW8+HpXA56/72FNIZoA/fR0V
qfv6iT9zoOQga2S6wSvsJdnx60ZZQDjeRRNkCUFs2C1qA/PWNwxb+BtyVljp6PK9
pCjMwqSu9PHdgs4cbj5zbygWQjQNdw3xXNDeYu9Z3pveo0WNu9CDyLZjkVnagS0i
qRZ1rJK2uFb7RU8DNAnTlLcBCPgtkS42HuegqusjXRsz4iPSfy3uOSy01svYiWwR
X7aCJffTrJKQkdmRrgsxwAChxqw+AJkIEnqQgVDb/wzcB3lxU829W/eM94Ep0qk3
4xoFQrtwXKvT5DcYWB+l+FmkpZe0Ny1wT/gFOkbTdjlV9w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:57 2025 by rpki-client