Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: RYmNBdvaNl8/MhRDVkVyFUMeredeWAKnOhag+iChYHQ=
Subject key identifier: 72:F6:69:D3:8D:02:90:00:C8:A8:E7:2F:1F:AA:B8:93:13:3E:EA:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6004C603223E3E1D9044F8A95B29E5EDA4A72B57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Wed 05 Mar 2025 17:51:23 +0000
ROA not before: Wed 05 Mar 2025 17:51:23 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:04:c6:03:22:3e:3e:1d:90:44:f8:a9:5b:29:e5:ed:a4:a7:2b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:23 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:f4:f8:fb:f9:24:9e:b3:e9:93:44:47:c0:
e7:ce:19:18:db:d2:4b:f2:68:c4:fe:1e:45:fe:7a:
66:87:d6:48:27:99:66:b4:ef:32:7c:59:fc:a3:57:
fb:52:5b:d0:08:33:b4:62:c1:90:ae:80:9b:b0:99:
61:d6:45:5f:8f:78:c8:53:42:d5:3f:1c:b0:c7:9f:
83:76:16:f7:44:dc:1b:21:65:a9:cb:25:a6:e6:8b:
04:64:9c:8b:a0:c0:cd:c2:13:22:79:34:5c:cd:fd:
68:6c:23:d5:ed:eb:84:46:e9:cb:49:34:0a:17:cf:
8b:26:0d:9f:c2:82:08:aa:c2:89:55:57:d0:73:73:
81:9b:6a:da:db:d0:a9:de:c5:41:af:d0:8e:78:f9:
f5:3c:d5:19:cb:8f:49:d3:cd:ea:2a:ac:bc:b2:9f:
35:16:3a:b8:5a:c7:76:54:49:87:f4:ee:d3:c9:e6:
89:4b:c1:5e:63:f1:1b:cd:bb:bd:ec:a5:41:ab:17:
8f:0d:be:e0:a4:49:00:05:f8:de:44:2f:0c:67:a5:
4e:99:61:18:ef:e6:4d:0c:18:21:4c:9d:ba:60:03:
31:bc:6d:ba:b4:9c:1c:a9:54:1b:95:33:06:e7:46:
0b:73:8b:8f:1c:69:df:f7:50:9d:aa:2d:23:46:f0:
d9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F6:69:D3:8D:02:90:00:C8:A8:E7:2F:1F:AA:B8:93:13:3E:EA:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:4f:84:02:a1:6a:ed:7c:83:71:16:c8:ef:8e:1c:5c:23:c2:
da:00:6f:3a:ec:2e:f1:42:58:65:ca:f7:fd:f5:93:bd:be:60:
66:b7:9e:9a:ab:a4:bc:dc:8e:d3:3c:48:d9:80:5d:b5:2a:56:
19:4e:81:7e:fb:83:39:86:0b:fc:da:dc:a3:0e:e5:7f:50:b5:
d5:66:d1:53:ee:58:ae:17:e9:7a:73:cb:42:b3:a0:85:44:ac:
25:3c:06:f0:e7:6f:db:38:63:25:5a:84:1b:f7:12:07:e9:c0:
35:14:71:e4:81:de:18:8e:fb:64:da:40:10:30:86:df:67:a0:
b4:54:6c:cf:9d:08:e5:2c:99:e1:bb:be:49:2c:16:11:80:4f:
27:f4:78:92:78:ab:4a:e3:c4:30:52:1c:76:c3:02:8f:79:72:
41:88:3c:78:fe:87:83:ad:24:cc:3f:ed:12:5a:7d:4c:16:de:
9d:7c:96:1c:68:41:ff:c3:5d:24:4d:08:e4:31:a4:c6:04:2f:
b6:54:aa:26:c6:84:7f:9a:09:bd:1e:6f:eb:e3:75:2e:45:0f:
5f:8a:55:46:95:95:65:8f:ad:c3:21:60:94:dd:34:e5:02:0e:
96:09:3b:7d:c9:98:70:b2:e4:0f:d9:5d:09:3e:4f:39:d3:fa:
6a:9c:46:a4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYATGAyI+Ph2QRPipWynl7aSnK1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMjNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZTBkZjcwNGJlMGJlNjY5YjNjZmI3MzdhOGUxODJlMmRmZDg2MDM0N2Fh
ZjZjZjA5MGQyZWMzZjM1MDA1OWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdc9Pj7+SSes+mTREfA584ZGNvSS/JoxP4eRf56ZofWSCeZZrTvMnxZ/KNX
+1Jb0AgztGLBkK6Am7CZYdZFX494yFNC1T8csMefg3YW90TcGyFlqcslpuaLBGSc
i6DAzcITInk0XM39aGwj1e3rhEbpy0k0ChfPiyYNn8KCCKrCiVVX0HNzgZtq2tvQ
qd7FQa/Qjnj59TzVGcuPSdPN6iqsvLKfNRY6uFrHdlRJh/Tu08nmiUvBXmPxG827
veylQasXjw2+4KRJAAX43kQvDGelTplhGO/mTQwYIUydumADMbxturScHKlUG5Uz
BudGC3OLjxxp3/dQnaotI0bw2WMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRy9mnT
jQKQAMio5y8fqriTEz7qHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCeT4QCoWrtfINxFsjvjhxcI8LaAG867C7xQlhlyvf9
9ZO9vmBmt56aq6S83I7TPEjZgF21KlYZToF++4M5hgv82tyjDuV/ULXVZtFT7liu
F+l6c8tCs6CFRKwlPAbw52/bOGMlWoQb9xIH6cA1FHHkgd4Yjvtk2kAQMIbfZ6C0
VGzPnQjlLJnhu75JLBYRgE8n9HiSeKtK48QwUhx2wwKPeXJBiDx4/oeDrSTMP+0S
Wn1MFt6dfJYcaEH/w10kTQjkMaTGBC+2VKomxoR/mgm9Hm/r43UuRQ9filVGlZVl
j63DIWCU3TTlAg6WCTt9yZhwsuQP2V0JPk850/pqnEak
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:17 2025 by rpki-client