Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
File: ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa (raw, json)
Hash identifier: mxcGAq7XS+e5cEFotZbor7JXFXQ0T0z2Ahi9Wv01LgY=
Subject key identifier: 3F:97:DA:E1:63:45:BD:E4:2E:D8:5A:6B:37:FB:FA:E8:CE:3C:51:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 126BAF245CAC0B12555F2D2752CE51B639251995
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6b:af:24:5c:ac:0b:12:55:5f:2d:27:52:ce:51:b6:39:25:19:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d0:4a:8f:c7:b6:10:aa:99:06:9d:93:ca:57:
7d:a6:2a:7f:9a:ad:0d:a8:2d:0b:e9:53:ec:9a:fc:
1d:0f:71:df:d2:b3:d1:3a:cc:6a:52:02:82:80:05:
bb:70:66:0c:04:aa:bd:0c:3f:2b:3e:6a:17:8a:53:
bd:26:0a:2c:6c:bf:29:eb:2a:e3:7f:d0:03:26:13:
0a:67:95:fe:78:87:8b:6c:c3:40:32:c6:dc:c8:60:
b4:ff:6d:3d:95:c9:54:d8:18:b0:d0:59:83:ab:14:
16:91:d1:5e:ce:b1:ab:b4:4f:fc:a3:19:e7:07:e1:
3c:d9:22:68:37:aa:31:d9:40:f4:61:af:35:e0:bd:
4f:1a:77:9d:eb:e6:c2:83:96:2e:80:3a:cf:71:e2:
32:70:1a:cf:c6:e5:2f:1a:5a:9f:a9:0e:bc:e7:d0:
fa:7a:ba:14:00:c7:9a:ac:fd:0f:e2:dd:8d:01:7e:
7b:2f:21:02:67:fa:af:19:37:9c:51:6a:28:19:da:
19:b8:89:3e:fe:9b:06:08:49:35:31:4b:c8:7c:fd:
b5:ee:a4:55:af:54:73:cc:6f:41:9a:00:8c:ec:99:
eb:2a:a4:85:26:c4:ed:7b:d2:2b:90:1e:f2:b0:fd:
84:7f:ad:75:3e:73:b8:99:bd:49:2d:b4:0a:6b:22:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:97:DA:E1:63:45:BD:E4:2E:D8:5A:6B:37:FB:FA:E8:CE:3C:51:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
0b:0e:8b:0a:29:d5:57:18:b6:8f:94:4e:6f:66:57:38:1b:67:
7a:6b:34:3b:d7:a9:e1:cd:30:64:42:af:d4:bf:73:9b:71:e1:
3e:ea:b2:e8:39:4c:60:62:12:0f:42:8a:76:8b:0a:d7:b5:3e:
cd:c0:42:96:9a:09:f4:d0:ca:f8:99:e0:ac:c1:0b:70:29:87:
b5:04:1d:60:18:47:02:ac:1b:4f:86:0a:8f:93:7f:4a:3f:bd:
21:73:2f:d9:3b:16:6e:34:54:cd:6d:0e:34:28:f2:a6:cd:b0:
ce:87:14:fa:1a:aa:be:40:91:53:6a:d8:40:0f:3a:c6:6b:b6:
82:3c:ef:ea:c2:9c:e9:1d:ff:94:09:c8:d7:70:e8:64:a1:d8:
18:a4:69:60:55:2c:b9:76:3c:a8:2f:02:42:ee:ac:d9:87:bc:
67:ca:74:17:16:3e:1f:fe:2f:e2:65:b8:47:12:bd:5a:28:c3:
da:7f:a9:bc:3a:21:ff:9e:8b:65:c6:f2:69:f0:c3:ec:46:fb:
28:19:3c:d8:de:1a:fb:f9:f4:c9:e0:fc:53:45:a6:5a:63:2a:
10:b5:22:be:74:7c:4a:9b:6e:58:fc:e2:7a:35:b8:d8:d4:92:
30:d5:57:7c:ef:ba:13:30:b0:0c:d2:60:3a:ad:38:11:ee:56:
d2:66:c4:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEmuvJFysCxJVXy0nUs5RtjklGZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4ODUyMGMyZjg4NWNjNGI1M2NkYjM1MDU5YjQxZGJhNTM2ZjkwNmEzMzZk
OTY2YmQ0MTAxNTg2YjY5MjZlOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjQSo/HthCqmQadk8pXfaYqf5qtDagtC+lT7Jr8HQ9x39Kz0TrMalICgoAF
u3BmDASqvQw/Kz5qF4pTvSYKLGy/Kesq43/QAyYTCmeV/niHi2zDQDLG3MhgtP9t
PZXJVNgYsNBZg6sUFpHRXs6xq7RP/KMZ5wfhPNkiaDeqMdlA9GGvNeC9Txp3nevm
woOWLoA6z3HiMnAaz8blLxpan6kOvOfQ+nq6FADHmqz9D+LdjQF+ey8hAmf6rxk3
nFFqKBnaGbiJPv6bBghJNTFLyHz9te6kVa9Uc8xvQZoAjOyZ6yqkhSbE7XvSK5Ae
8rD9hH+tdT5zuJm9SS20CmsirWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ/l9rh
Y0W95C7YWms3+/rozjxRTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWU4YjNhNWMtZWIxNC00Zjc2LTkyYjktYTliNDNhN2I4YWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQALDosKKdVXGLaPlE5vZlc4G2d6azQ716nhzTBkQq/U
v3ObceE+6rLoOUxgYhIPQop2iwrXtT7NwEKWmgn00Mr4meCswQtwKYe1BB1gGEcC
rBtPhgqPk39KP70hcy/ZOxZuNFTNbQ40KPKmzbDOhxT6Gqq+QJFTathADzrGa7aC
PO/qwpzpHf+UCcjXcOhkodgYpGlgVSy5djyoLwJC7qzZh7xnynQXFj4f/i/iZbhH
Er1aKMPaf6m8OiH/notlxvJp8MPsRvsoGTzY3hr7+fTJ4PxTRaZaYyoQtSK+dHxK
m25Y/OJ6NbjY1JIw1Vd877oTMLAM0mA6rTgR7lbSZsR/
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:33:18 2025 by rpki-client