Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
File: c0680170-a405-45c9-bf7f-03cb2e587884.roa (raw, json)
Hash identifier: tiU1dKPJJNQtD8D+NJE1Bg6WB1pNUm6HTwTdZML1HRU=
Subject key identifier: 83:33:17:A5:EC:FE:B5:64:82:DA:39:E6:8E:C2:D9:9C:AE:F1:85:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D1C74DE435B85C75C59A5A81447AF88DB720405
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1c:74:de:43:5b:85:c7:5c:59:a5:a8:14:47:af:88:db:72:04:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:a6:0a:c2:e8:a5:23:c0:48:af:a7:54:44:
21:eb:8b:3f:a7:c4:a4:54:db:e9:00:2b:62:60:4e:
3c:4c:3f:7f:ad:96:29:48:3d:be:c6:51:e0:e2:b6:
b1:81:48:ab:45:fd:bf:74:54:36:5c:6a:0b:df:4c:
30:a2:7d:ec:01:ae:e4:0a:5b:59:fd:10:18:78:07:
e2:82:10:09:e3:6c:f9:9f:33:62:8a:4d:25:a5:87:
44:d6:8a:04:dd:49:83:4e:ab:86:ec:f7:86:91:64:
b5:5a:70:b8:3c:99:e4:c7:1e:13:9b:9d:fe:63:e2:
74:f9:ac:18:40:57:08:12:72:7d:23:c9:ee:59:c2:
b4:61:69:1f:2a:95:81:8f:46:e6:33:5a:4a:d0:2c:
8c:4c:09:27:00:15:cd:41:3a:6f:4d:34:f3:f3:53:
e8:c8:88:a6:60:4b:d3:27:21:68:b3:3d:7b:5d:1f:
b7:5f:f3:f2:b9:00:d9:61:2e:52:50:02:b2:65:6b:
dd:e0:9d:7d:6f:52:e6:29:9a:5f:9c:16:2e:1c:9a:
89:d8:fc:78:d4:1f:d6:b1:67:f7:6b:6d:d5:44:72:
d4:cd:5b:8d:64:f1:be:c1:c9:8f:62:bd:f9:48:4c:
5e:8e:09:c4:0c:6c:df:1c:b4:16:9c:94:33:aa:62:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:33:17:A5:EC:FE:B5:64:82:DA:39:E6:8E:C2:D9:9C:AE:F1:85:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:d3:5d:15:c3:70:a6:2e:f7:cc:be:c9:eb:a6:0b:2d:0d:25:
90:f2:ae:e4:4d:13:a1:c5:06:4f:e3:20:9d:89:4a:d8:22:27:
17:ce:d3:0f:f1:1e:73:e7:e8:69:74:7c:ff:3c:d6:f1:85:25:
5c:d4:b0:28:ef:8a:79:c0:ce:bb:33:ba:99:58:20:b3:e7:c1:
6a:16:ba:42:6e:dd:61:7d:40:37:73:0c:b5:39:af:50:f3:6d:
7d:3e:f6:c2:cb:43:97:21:37:ec:7f:80:dc:21:39:06:b9:e8:
00:28:d7:35:17:d2:ca:e8:cd:1b:ed:57:97:2b:aa:ef:49:46:
dc:ae:3e:0c:66:2a:86:f4:44:8c:7b:4c:72:c3:fd:20:a9:1e:
c9:4b:1c:00:6e:42:07:59:d7:3f:3c:71:fd:d8:18:c5:93:a5:
e5:d7:db:62:a5:ff:b7:2e:51:d4:2d:84:cf:94:43:33:de:c9:
3f:73:91:8b:c1:d2:ad:2d:3e:c7:9d:b9:9a:1c:da:1f:7f:6b:
af:6e:db:57:e3:29:9b:66:ca:98:01:f4:d2:22:b9:8f:fb:b8:
51:7d:e1:e5:a5:83:68:13:79:80:86:2c:f4:b2:b0:d5:78:e7:
84:2f:d0:21:aa:78:36:fe:ad:6b:29:3f:28:91:cc:76:a6:d2:
f3:ef:af:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPRx03kNbhcdcWaWoFEeviNtyBAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMmMxYWE3ZjExZWQzN2FlMjU3NmUyNTVjYWJkMTBjM2M5ZWE3Y2I1OWFl
YTVjMWQxYjI1NDFmNjNlNzkwOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl2pgrC6KUjwEivp1REIeuLP6fEpFTb6QArYmBOPEw/f62WKUg9vsZR4OK2
sYFIq0X9v3RUNlxqC99MMKJ97AGu5ApbWf0QGHgH4oIQCeNs+Z8zYopNJaWHRNaK
BN1Jg06rhuz3hpFktVpwuDyZ5MceE5ud/mPidPmsGEBXCBJyfSPJ7lnCtGFpHyqV
gY9G5jNaStAsjEwJJwAVzUE6b0008/NT6MiIpmBL0ychaLM9e10ft1/z8rkA2WEu
UlACsmVr3eCdfW9S5imaX5wWLhyaidj8eNQf1rFn92tt1URy1M1bjWTxvsHJj2K9
+UhMXo4JxAxs3xy0FpyUM6piZOkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDMxel
7P61ZILaOeaOwtmcrvGFlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA2ODAxNzAtYTQwNS00NWM5LWJmN2YtMDNjYjJlNTg3ODg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQAX010Vw3CmLvfMvsnrpgstDSWQ8q7kTROhxQZP4yCd
iUrYIicXztMP8R5z5+hpdHz/PNbxhSVc1LAo74p5wM67M7qZWCCz58FqFrpCbt1h
fUA3cwy1Oa9Q8219PvbCy0OXITfsf4DcITkGuegAKNc1F9LK6M0b7VeXK6rvSUbc
rj4MZiqG9ESMe0xyw/0gqR7JSxwAbkIHWdc/PHH92BjFk6Xl19tipf+3LlHULYTP
lEMz3sk/c5GLwdKtLT7HnbmaHNoff2uvbttX4ymbZsqYAfTSIrmP+7hRfeHlpYNo
E3mAhiz0srDVeOeEL9Ahqng2/q1rKT8okcx2ptLz769n
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:13 2025 by rpki-client