Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
File: ba49e847-161e-4e06-ade5-750cb58ef3e5.roa (raw, json)
Hash identifier: TL5Uy0B9lkz34+i3sB+uwqN9k6K82P/zcOWpzfUaIqk=
Subject key identifier: 63:BD:CD:64:50:96:BC:40:47:EF:BA:8E:F1:1B:26:E6:79:68:A8:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55068AB15C9AE2D9CAF018E9B02830FB5DAF8397
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:06:8a:b1:5c:9a:e2:d9:ca:f0:18:e9:b0:28:30:fb:5d:af:83:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:61:9b:a1:91:b8:65:04:8a:aa:e6:03:c7:c3:
0a:b9:3d:31:ec:ad:1c:7c:42:65:16:f1:f5:f1:ca:
05:70:0c:8b:ea:2b:df:a4:09:0d:6a:cd:1e:86:a9:
ef:5c:c7:98:98:00:76:94:76:a2:78:cc:c6:f3:b3:
88:35:62:02:74:57:3e:07:e6:a0:29:15:c1:fa:84:
6f:8e:b3:15:4b:6f:c5:2a:77:90:11:a4:89:eb:fe:
0c:b6:75:ce:34:ce:2a:7a:ec:59:50:86:80:aa:72:
8d:2d:85:40:b6:9a:3e:46:fd:44:10:9e:b6:b5:7a:
e6:83:ee:f2:a7:04:c6:04:ab:a4:2b:49:a3:f3:71:
0c:98:73:dd:4b:5e:5c:0d:fa:d5:e5:bd:97:02:52:
3b:22:9d:42:86:ab:75:2d:88:b1:aa:48:f4:d6:78:
5b:fb:88:b9:fb:4b:1a:96:00:32:83:0a:93:03:7d:
e0:bb:d8:b9:59:8c:79:0e:3a:85:4b:20:ef:b6:80:
21:7e:13:52:58:48:db:16:8e:a5:7d:c1:0c:0b:80:
31:a5:1d:51:70:91:9f:2b:df:a8:52:a3:1f:9a:d9:
b5:dd:ae:57:71:a7:86:ed:ca:d8:c9:b5:fc:c5:63:
f3:1f:f6:2b:73:d9:2f:c0:e0:c1:b1:81:20:8a:d4:
08:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BD:CD:64:50:96:BC:40:47:EF:BA:8E:F1:1B:26:E6:79:68:A8:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
87:c9:e6:2c:77:17:1d:82:e4:a0:39:9d:f1:20:ab:d6:18:4f:
96:84:c6:fe:b5:78:4d:59:b9:53:96:9f:eb:25:f8:2c:c3:39:
66:39:47:54:37:ac:5f:d4:60:e7:2e:4b:ce:2f:ef:8a:95:c8:
6d:03:ca:80:df:19:5c:bf:eb:14:23:e2:43:7d:8b:65:b4:44:
2a:03:a6:99:77:95:ba:4c:92:f1:7f:b5:70:00:9d:84:f0:ea:
8f:43:dc:43:77:d3:3d:47:44:a4:7c:42:20:07:e8:ef:d0:8d:
a7:c6:5d:32:86:8e:3b:ba:7a:a1:d7:6c:29:d5:0c:57:22:26:
08:6e:c4:77:f5:c7:76:29:9b:1f:28:0d:0f:55:9f:93:4f:fd:
88:5c:ec:78:2f:e2:7a:cb:e8:db:62:19:3d:ef:47:df:05:53:
37:0a:c1:31:16:63:d5:13:a9:36:97:0c:62:60:6b:4a:45:7d:
92:b8:1a:7d:79:27:a5:b4:63:e0:05:95:90:bb:c9:70:e3:b6:
65:1d:35:ff:44:f1:a9:33:8d:8e:1c:ab:77:26:4a:fe:03:32:
51:bb:50:bb:8a:e1:71:31:ff:d3:40:e8:2b:a8:ba:b0:c2:8c:
d2:04:9e:27:40:17:48:8f:02:75:43:a4:9b:5f:ed:e3:92:ea:
f3:51:33:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVQaKsVya4tnK8BjpsCgw+12vg5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YmVkMDY3YjlkNjA3ZWFkMzg2YmMzZDkzY2UwMTY3MGJiMmY3ZWJiZGJl
ZjkyMTA3NGFkOTY5Y2VhMzJlZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJphm6GRuGUEiqrmA8fDCrk9MeytHHxCZRbx9fHKBXAMi+or36QJDWrNHoap
71zHmJgAdpR2onjMxvOziDViAnRXPgfmoCkVwfqEb46zFUtvxSp3kBGkiev+DLZ1
zjTOKnrsWVCGgKpyjS2FQLaaPkb9RBCetrV65oPu8qcExgSrpCtJo/NxDJhz3Ute
XA361eW9lwJSOyKdQoardS2IsapI9NZ4W/uIuftLGpYAMoMKkwN94LvYuVmMeQ46
hUsg77aAIX4TUlhI2xaOpX3BDAuAMaUdUXCRnyvfqFKjH5rZtd2uV3Gnhu3K2Mm1
/MVj8x/2K3PZL8DgwbGBIIrUCLMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRjvc1k
UJa8QEfvuo7xGybmeWio0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE0OWU4NDctMTYxZS00ZTA2LWFkZTUtNzUwY2I1OGVmM2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAh8nmLHcXHYLkoDmd8SCr1hhPloTG/rV4TVm5U5af
6yX4LMM5ZjlHVDesX9Rg5y5Lzi/vipXIbQPKgN8ZXL/rFCPiQ32LZbREKgOmmXeV
ukyS8X+1cACdhPDqj0PcQ3fTPUdEpHxCIAfo79CNp8ZdMoaOO7p6oddsKdUMVyIm
CG7Ed/XHdimbHygND1Wfk0/9iFzseC/iesvo22IZPe9H3wVTNwrBMRZj1ROpNpcM
YmBrSkV9krgafXknpbRj4AWVkLvJcOO2ZR01/0TxqTONjhyrdyZK/gMyUbtQu4rh
cTH/00DoK6i6sMKM0gSeJ0AXSI8CdUOkm1/t45Lq81EzwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:49 2025 by rpki-client