Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
File: a52d8f8f-474c-4726-8c19-e59b8c69d480.roa (raw, json)
Hash identifier: oA6/QWZxsZByfIsaJ7d03ySJDdaLuIQ0Gi1eqx3OPWg=
Subject key identifier: 96:06:F3:1B:E6:E0:3E:A4:8C:19:BC:F3:D3:7E:44:5A:8A:1A:E6:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F478975F45FA0D548398702E1EC5F2636097D0C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:47:89:75:f4:5f:a0:d5:48:39:87:02:e1:ec:5f:26:36:09:7d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:29:0f:13:b3:e8:f6:1c:76:6c:d7:fe:82:
8a:02:ee:3c:c3:49:f3:4c:ed:93:71:a7:22:25:be:
f8:1e:03:a8:a6:a9:2f:e2:99:b1:76:2e:55:ec:99:
c8:1d:56:6b:47:56:88:14:b2:0c:96:76:1c:c9:26:
51:67:28:d0:98:bb:2c:45:50:ec:f0:22:00:2a:b6:
d9:eb:87:8b:27:f5:8c:c7:73:05:56:e4:91:c1:93:
af:59:02:7c:7d:06:12:b0:ef:1d:ab:26:97:33:f0:
05:7d:37:b0:6e:b8:6b:db:19:d9:77:d3:11:b5:63:
6f:2f:ea:be:bd:66:f1:44:f6:13:de:a1:14:e9:f6:
37:14:32:e4:5e:d3:7b:a5:85:43:04:fe:d6:06:1a:
eb:dc:f1:53:f0:80:46:16:ed:6f:27:79:19:06:0e:
b4:52:54:90:aa:ea:ba:73:10:bd:08:d2:c0:98:dd:
c4:41:9e:cf:59:5b:c6:ce:69:f2:6e:5b:d0:e0:9c:
20:48:1c:c6:25:75:fe:c8:d5:1d:dc:39:0b:e2:11:
a5:aa:ac:8e:a7:97:db:3f:9e:7d:66:05:90:79:92:
d0:c0:0e:0b:22:9e:ad:c9:b2:65:99:45:69:57:d0:
64:b1:44:98:ed:5c:e3:2e:14:9e:83:ab:f4:ce:aa:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:06:F3:1B:E6:E0:3E:A4:8C:19:BC:F3:D3:7E:44:5A:8A:1A:E6:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:f3:c0:56:e5:96:66:80:94:17:c7:54:75:33:fa:5d:1a:7e:
bf:02:39:f8:77:c0:11:8f:15:4e:42:c4:66:ee:fc:e3:25:6b:
18:b9:78:1c:bc:23:0f:4a:8f:db:a2:bc:51:70:ac:47:36:c3:
63:49:a5:05:a5:d7:45:b8:59:16:aa:ce:4e:a4:54:ae:b0:16:
cd:7f:f9:de:e7:5c:d5:ee:bb:37:46:dc:9b:8b:12:2c:df:ec:
64:7a:75:6a:28:f5:0b:2d:bc:f2:ed:48:b2:49:d0:49:fb:37:
82:78:65:c4:fb:c7:6b:47:b3:7c:23:16:a8:38:6a:16:81:09:
de:11:00:7f:93:88:4e:55:22:de:22:47:05:04:d9:6d:9e:92:
d7:81:20:25:83:29:de:24:e3:7d:e0:eb:0f:ab:20:d7:bf:5d:
9d:93:35:b0:8f:43:36:df:7c:c5:e0:71:2f:60:03:d4:f9:05:
09:2b:5c:b0:19:d2:0e:26:93:d8:13:ba:5c:15:79:e0:51:64:
c6:54:a1:9d:cf:16:35:94:5c:97:91:c5:15:02:90:04:20:25:
57:d7:2b:96:6b:11:d0:7f:1b:fd:7e:a7:99:36:57:26:19:d1:
e6:d3:0c:f6:ac:1e:05:0a:00:a6:70:ce:89:40:8c:b9:c4:fb:
bc:83:30:e9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL0eJdfRfoNVIOYcC4exfJjYJfQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2M2Q2MTg1NWQ1MTllYjM3YTc5MjExNmJlZWYxZWVhMzVlMzQyYzM0YTQy
MTM3YjU2OWYyMjUxNjBhNmU3NzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT/KQ8Ts+j2HHZs1/6CigLuPMNJ80ztk3GnIiW++B4DqKapL+KZsXYuVeyZ
yB1Wa0dWiBSyDJZ2HMkmUWco0Ji7LEVQ7PAiACq22euHiyf1jMdzBVbkkcGTr1kC
fH0GErDvHasmlzPwBX03sG64a9sZ2XfTEbVjby/qvr1m8UT2E96hFOn2NxQy5F7T
e6WFQwT+1gYa69zxU/CARhbtbyd5GQYOtFJUkKrqunMQvQjSwJjdxEGez1lbxs5p
8m5b0OCcIEgcxiV1/sjVHdw5C+IRpaqsjqeX2z+efWYFkHmS0MAOCyKercmyZZlF
aVfQZLFEmO1c4y4UnoOr9M6qKiECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWBvMb
5uA+pIwZvPPTfkRaihrmejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTUyZDhmOGYtNDc0Yy00NzI2LThjMTktZTU5YjhjNjlkNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQBx88BW5ZZmgJQXx1R1M/pdGn6/Ajn4d8ARjxVOQsRm
7vzjJWsYuXgcvCMPSo/borxRcKxHNsNjSaUFpddFuFkWqs5OpFSusBbNf/ne51zV
7rs3RtybixIs3+xkenVqKPULLbzy7UiySdBJ+zeCeGXE+8drR7N8IxaoOGoWgQne
EQB/k4hOVSLeIkcFBNltnpLXgSAlgyneJON94OsPqyDXv12dkzWwj0M233zF4HEv
YAPU+QUJK1ywGdIOJpPYE7pcFXngUWTGVKGdzxY1lFyXkcUVApAEICVX1yuWaxHQ
fxv9fqeZNlcmGdHm0wz2rB4FCgCmcM6JQIy5xPu8gzDp
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:08 2025 by rpki-client