Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
File: bd71a746-3cc9-4570-bf5d-cc70358205b8.roa (raw, json)
Hash identifier: 2M5stvgdTI0OL8LU6Ts/i8MMFwoFL4L2yu1Fc7I9M8E=
Subject key identifier: A1:A0:84:6F:80:91:FA:42:BB:43:BB:08:27:9B:E6:3D:01:8B:B9:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4101ACD466C87B439D842993C153FDDDF8CF5EAF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:01:ac:d4:66:c8:7b:43:9d:84:29:93:c1:53:fd:dd:f8:cf:5e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:f0:9d:d7:a5:1a:ca:99:fa:53:47:bf:e1:
96:63:01:fd:da:48:eb:d7:c1:37:da:79:77:15:d0:
e2:d8:46:8a:75:0a:2d:a3:dd:42:8a:c6:30:52:07:
60:99:d6:8e:05:aa:a4:90:32:c1:9b:37:f8:76:6c:
c7:8d:81:02:5b:d7:25:30:75:ed:f8:94:5a:5c:aa:
47:3a:af:98:6a:60:1a:c4:7c:d1:c5:83:e9:23:ab:
b6:78:05:0f:61:77:c6:b2:37:c2:a0:f6:a7:b4:a3:
b8:1f:73:7f:2d:7e:24:49:2e:eb:9b:b4:28:e0:79:
29:e7:fa:7a:7c:4a:96:8a:2d:94:03:30:51:f6:84:
48:32:ad:18:e5:60:98:2e:c4:f7:aa:5b:3c:db:fc:
47:ce:75:3b:8d:d5:67:8e:36:78:e9:ea:62:fa:95:
ad:d2:03:d9:0b:1e:cb:62:19:d2:00:fc:61:ea:ab:
04:61:db:b1:4e:9f:24:06:9c:17:85:ee:36:55:dd:
52:32:f1:4a:3a:07:2f:95:f4:17:b2:68:9b:ba:aa:
a3:ff:4e:a0:78:ae:e2:bc:26:00:b3:b2:e4:e6:e0:
43:30:0a:fb:44:ef:70:c9:c2:4e:32:7a:ef:ca:6d:
a3:77:8f:e0:49:d5:17:91:02:37:22:88:c1:09:1f:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A0:84:6F:80:91:FA:42:BB:43:BB:08:27:9B:E6:3D:01:8B:B9:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:43:4f:b6:68:41:ca:3b:7a:b3:07:52:a4:86:55:f0:0e:16:
68:86:f5:03:4c:c8:60:ea:d1:98:f4:fb:01:99:24:e2:0a:2d:
21:b6:bc:d0:78:a4:fb:fc:73:b7:3c:8e:e1:c0:3a:34:07:7a:
c0:67:98:23:3b:fd:24:44:25:3e:c5:19:5d:dd:b9:d1:fe:35:
a0:3d:bc:50:2c:cc:0e:a3:cd:05:ea:11:7e:e6:6d:65:17:4e:
4a:3b:6d:6b:5e:69:88:0e:7e:a8:af:7f:91:51:8c:fe:c2:98:
aa:03:5d:c7:c3:57:8c:1f:84:8f:c0:cb:73:67:f4:f3:30:b1:
27:6b:17:f9:bb:04:74:75:68:b3:1a:0a:77:77:33:a4:40:94:
d9:c8:5a:6b:78:6a:5a:3e:44:c9:8f:59:a1:8b:c9:73:5f:3f:
71:65:e5:08:ba:3c:43:e0:c4:09:c5:67:d1:2b:24:49:63:69:
a3:9d:e5:29:34:2d:1b:4a:e8:93:ac:a9:b2:18:6a:28:df:75:
7c:d3:a4:d3:0a:07:71:9f:b5:62:34:7f:7d:0a:3e:c9:d0:e8:
eb:57:14:5e:e5:4b:39:01:7a:22:20:80:2d:f6:5f:fd:ef:57:
bc:59:26:57:07:ac:cf:3e:7a:24:8f:db:f4:47:45:8d:3e:f3:
4c:82:23:d7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQQGs1GbIe0OdhCmTwVP93fjPXq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZTQ3MGU3YmY0MDFiMmI2ZTY5YTIxODdjZTc4YmZlNTBmYTMxNzJmOTA3
NmEyZTFmYThjMWFmYjZkODA2MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgW8J3XpRrKmfpTR7/hlmMB/dpI69fBN9p5dxXQ4thGinUKLaPdQorGMFIH
YJnWjgWqpJAywZs3+HZsx42BAlvXJTB17fiUWlyqRzqvmGpgGsR80cWD6SOrtngF
D2F3xrI3wqD2p7SjuB9zfy1+JEku65u0KOB5Kef6enxKlootlAMwUfaESDKtGOVg
mC7E96pbPNv8R851O43VZ442eOnqYvqVrdID2Qsey2IZ0gD8YeqrBGHbsU6fJAac
F4XuNlXdUjLxSjoHL5X0F7Jom7qqo/9OoHiu4rwmALOy5ObgQzAK+0TvcMnCTjJ6
78pto3eP4EnVF5ECNyKIwQkfbfkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBShoIRv
gJH6QrtDuwgnm+Y9AYu5OjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmQ3MWE3NDYtM2NjOS00NTcwLWJmNWQtY2M3MDM1ODIwNWI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAW0NPtmhByjt6swdSpIZV8A4WaIb1A0zIYOrRmPT7
AZkk4gotIba80Hik+/xztzyO4cA6NAd6wGeYIzv9JEQlPsUZXd250f41oD28UCzM
DqPNBeoRfuZtZRdOSjtta15piA5+qK9/kVGM/sKYqgNdx8NXjB+Ej8DLc2f08zCx
J2sX+bsEdHVosxoKd3czpECU2chaa3hqWj5EyY9ZoYvJc18/cWXlCLo8Q+DECcVn
0SskSWNpo53lKTQtG0rok6ypshhqKN91fNOk0woHcZ+1YjR/fQo+ydDo61cUXuVL
OQF6IiCALfZf/e9XvFkmVweszz56JI/b9EdFjT7zTIIj1w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:40:00 2025 by rpki-client