Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
File: b1171dc0-a8bf-436d-9808-e316391b2b94.roa (raw, json)
Hash identifier: uJ7a20l3+unH0m95eLLck3sT3JRNPwfdhJ2ZO3l7ic8=
Subject key identifier: 8A:7B:12:25:0E:8F:E2:00:71:AE:77:83:A5:99:3E:35:17:0E:29:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4FDAC1C8055A66D3665549E9C15ACEAC035E09AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:da:c1:c8:05:5a:66:d3:66:55:49:e9:c1:5a:ce:ac:03:5e:09:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:b3:f0:31:b7:dc:b3:d3:1f:67:8a:22:4f:
86:ff:ed:8b:14:1d:a7:9e:a1:c9:e7:61:ac:78:3d:
8c:a6:ae:61:65:4a:4f:48:ef:f9:d7:02:c9:f4:14:
90:c8:15:b4:a3:f7:60:dd:87:de:87:d3:da:81:67:
26:17:7a:9e:cc:33:2f:f8:0b:fe:ce:c6:51:f7:bf:
43:61:db:23:14:a8:33:4c:54:d9:e0:c5:fb:08:3c:
1e:7d:6f:53:c6:f2:f6:6e:a0:18:36:dc:e3:a8:53:
38:79:9b:e6:5d:c6:a3:ed:78:3a:f0:84:dc:b2:6a:
81:e8:b2:b3:72:f0:9d:9d:1f:bd:20:0e:bd:ec:25:
0c:73:11:7b:a8:be:b6:48:1e:e5:bf:3d:ba:21:09:
3e:ef:e0:89:9a:1f:a4:73:2b:9f:95:0e:ee:7b:8b:
8d:28:18:65:30:60:8b:d5:44:58:1f:f5:a8:30:92:
d1:37:77:a0:e6:79:c4:e0:a0:87:12:4e:68:3a:bc:
49:88:90:ac:c8:5e:b7:2f:7d:bd:b0:cb:ee:4a:d4:
b0:32:b6:1d:4f:c9:fb:e2:5f:a4:5f:9c:29:5e:cf:
1f:ff:89:89:39:a4:7a:1c:7a:0c:79:7a:71:17:b5:
40:c9:03:7f:39:0b:ab:d2:bf:32:34:54:29:e8:07:
9c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7B:12:25:0E:8F:E2:00:71:AE:77:83:A5:99:3E:35:17:0E:29:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:d5:7a:36:a8:5c:d6:86:99:97:d0:f4:a1:28:a9:60:6c:ea:
60:96:9f:fa:31:43:a3:54:27:4c:70:7b:05:54:5d:0d:02:c4:
ff:22:e9:67:0b:fb:12:9a:15:9a:5a:f0:67:b5:c5:2b:6a:56:
05:07:80:14:91:ae:45:27:98:ce:aa:81:5b:f7:18:3b:21:ea:
f5:a3:e3:62:7c:e9:63:c6:5e:2f:ab:9f:ce:34:e7:b1:07:35:
61:39:ee:fb:ac:f4:fc:ae:a1:8c:d8:88:4f:04:72:ec:88:56:
9f:34:aa:d9:1a:a5:8f:30:39:9a:e2:e4:9a:cb:62:d6:50:26:
a9:44:50:24:b7:4a:57:ab:d5:92:fd:c3:68:ac:71:22:f0:bb:
88:52:aa:fa:1f:b9:9c:e1:c6:2e:0a:4a:43:0e:25:79:82:5c:
75:77:f3:d0:af:90:74:84:58:38:7c:93:2e:8d:30:ee:81:d2:
04:7c:07:8f:97:90:35:e1:d2:0f:0b:46:5f:9f:f0:79:7b:b5:
12:77:4b:6f:59:44:a6:72:72:da:98:64:77:bc:7c:6e:f9:b5:
27:1e:7a:3f:95:d8:94:45:4d:3d:0b:61:58:00:59:5b:98:55:
4a:83:15:5e:92:ca:bc:07:63:6f:a5:dc:85:ee:d9:96:fb:63:
39:3a:c9:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT9rByAVaZtNmVUnpwVrOrANeCa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMThmYjZhNWNkODY1YmEzNGZiM2UxNWVjYTYwNjZhODIxYzNlNGYwNjA3
ZTdhYWVhNzY1YTk3OTAwYmM3ZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKH1s/Axt9yz0x9niiJPhv/tixQdp56hyedhrHg9jKauYWVKT0jv+dcCyfQU
kMgVtKP3YN2H3ofT2oFnJhd6nswzL/gL/s7GUfe/Q2HbIxSoM0xU2eDF+wg8Hn1v
U8by9m6gGDbc46hTOHmb5l3Go+14OvCE3LJqgeiys3LwnZ0fvSAOvewlDHMRe6i+
tkge5b89uiEJPu/giZofpHMrn5UO7nuLjSgYZTBgi9VEWB/1qDCS0Td3oOZ5xOCg
hxJOaDq8SYiQrMhety99vbDL7krUsDK2HU/J++JfpF+cKV7PH/+JiTmkehx6DHl6
cRe1QMkDfzkLq9K/MjRUKegHnDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKexIl
Do/iAHGud4OlmT41Fw4prTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjExNzFkYzAtYThiZi00MzZkLTk4MDgtZTMxNjM5MWIyYjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQDL1Xo2qFzWhpmX0PShKKlgbOpglp/6MUOjVCdMcHsF
VF0NAsT/IulnC/sSmhWaWvBntcUralYFB4AUka5FJ5jOqoFb9xg7Ier1o+NifOlj
xl4vq5/ONOexBzVhOe77rPT8rqGM2IhPBHLsiFafNKrZGqWPMDma4uSay2LWUCap
RFAkt0pXq9WS/cNorHEi8LuIUqr6H7mc4cYuCkpDDiV5glx1d/PQr5B0hFg4fJMu
jTDugdIEfAePl5A14dIPC0Zfn/B5e7USd0tvWUSmcnLamGR3vHxu+bUnHno/ldiU
RU09C2FYAFlbmFVKgxVeksq8B2NvpdyF7tmW+2M5OsmG
-----END CERTIFICATE-----
Generated at Wed Apr 9 08:28:15 2025 by rpki-client