Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
File: d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa (raw, json)
Hash identifier: yXMKjujdJn0hbCiMWgjdyQSHCy4j7JHbX9R4RylOJK0=
Subject key identifier: 23:5D:D8:AD:50:A8:9A:E7:84:1B:9F:32:66:58:2F:C6:7C:E6:51:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 604BF62DA5932C21649C82AD38E14DFC2369CBF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:4b:f6:2d:a5:93:2c:21:64:9c:82:ad:38:e1:4d:fc:23:69:cb:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ca:6a:a7:86:15:1d:9b:89:9a:a5:d1:55:da:
a5:09:19:4c:34:e5:6d:43:91:02:1b:e7:c9:ed:2b:
25:c0:f8:c9:27:6f:d4:69:8a:57:20:a5:9e:22:c8:
0f:ba:80:ed:5a:a4:c5:07:1b:43:13:82:c5:3a:17:
9a:4d:79:01:44:95:75:6f:74:3f:ef:7b:5c:6f:16:
2e:2a:33:35:76:85:4e:22:54:21:d8:f0:fd:eb:b0:
84:d8:67:82:46:62:50:f2:6c:2c:42:2d:89:3d:2a:
9f:47:77:6c:e1:54:4c:e3:63:10:0c:23:c1:2c:6b:
c1:d7:99:b2:20:37:61:e6:9b:10:03:1d:a9:40:89:
a7:7a:37:92:5d:39:d5:48:fa:77:dd:d5:07:da:4e:
78:a9:14:ca:1f:80:a3:ed:04:9d:4a:f8:2c:95:b7:
cf:dc:e6:2e:58:ae:43:e1:e6:53:70:6b:3b:c9:5b:
c4:41:29:3a:55:7f:20:b6:92:4a:17:21:e3:f4:08:
d8:5a:9e:58:4c:3b:95:c7:f7:75:48:40:e0:0f:3d:
a3:0d:aa:b2:6f:5c:ba:4f:a6:a5:9b:42:fa:8d:1f:
67:f2:40:86:ee:2b:35:f9:5d:bc:9f:49:17:44:1f:
6f:5d:aa:2d:48:c0:84:cf:68:41:12:bc:6d:2f:4b:
3b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5D:D8:AD:50:A8:9A:E7:84:1B:9F:32:66:58:2F:C6:7C:E6:51:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:93:56:c1:e1:23:70:50:1a:db:4b:9a:62:ee:fc:b4:a5:df:
47:5c:a8:bd:06:8b:b2:cd:92:04:79:b8:32:99:23:99:64:85:
c0:d3:2b:a9:bd:18:73:4b:43:15:54:1e:bf:06:b0:43:e4:fe:
22:42:6c:a8:2c:69:89:51:61:70:65:c2:c8:82:1b:bb:1d:d1:
d5:a4:ff:a0:f1:9d:00:5b:04:b8:45:0a:b3:58:41:1e:21:f3:
01:6b:c2:bb:b9:96:7b:7f:9f:af:00:4f:8c:d2:60:84:e0:06:
a8:03:e9:6e:39:c4:1b:f0:3a:f5:2f:cb:63:a4:cb:90:7c:67:
e7:ba:12:b5:73:fb:cb:01:3b:4a:c8:c5:a3:4d:2a:3f:2c:40:
d8:72:9f:66:dd:e9:fb:89:e3:98:c3:ec:e2:f9:f2:45:95:5b:
6c:08:ec:4b:e2:06:c8:c2:f5:59:38:ab:04:d3:8f:39:f4:21:
02:6b:56:4a:2f:82:28:43:7e:ae:45:46:3d:f9:8a:5a:43:a0:
f5:84:96:5a:de:4c:d1:d0:53:01:4f:a6:62:cf:96:2e:fd:ab:
a6:bb:79:64:5e:8b:7b:67:23:97:0a:3d:de:94:93:1d:62:4b:
cc:34:42:c8:13:c2:55:be:5c:0e:46:9f:53:04:24:c5:0f:a5:
3c:8d:c5:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYEv2LaWTLCFknIKtOOFN/CNpy/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5N2I5NGJkMWFkMWQwNmMyNGYyODQ4ZjYxM2NkMWIzYmY1MjA4ZjE0ZmFk
NmY2MDlhZGQ3YThmOWU0NDhkNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLKaqeGFR2biZql0VXapQkZTDTlbUORAhvnye0rJcD4ySdv1GmKVyClniLI
D7qA7VqkxQcbQxOCxToXmk15AUSVdW90P+97XG8WLiozNXaFTiJUIdjw/euwhNhn
gkZiUPJsLEItiT0qn0d3bOFUTONjEAwjwSxrwdeZsiA3YeabEAMdqUCJp3o3kl05
1Uj6d93VB9pOeKkUyh+Ao+0EnUr4LJW3z9zmLliuQ+HmU3BrO8lbxEEpOlV/ILaS
Shch4/QI2FqeWEw7lcf3dUhA4A89ow2qsm9cuk+mpZtC+o0fZ/JAhu4rNfldvJ9J
F0Qfb12qLUjAhM9oQRK8bS9LO18CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjXdit
UKia54QbnzJmWC/GfOZRSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEwNDFhMWMtYjFmYy00N2E5LThmZjYtYmQzNzYxOTM4MWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQBak1bB4SNwUBrbS5pi7vy0pd9HXKi9BouyzZIEebgy
mSOZZIXA0yupvRhzS0MVVB6/BrBD5P4iQmyoLGmJUWFwZcLIghu7HdHVpP+g8Z0A
WwS4RQqzWEEeIfMBa8K7uZZ7f5+vAE+M0mCE4AaoA+luOcQb8Dr1L8tjpMuQfGfn
uhK1c/vLATtKyMWjTSo/LEDYcp9m3en7ieOYw+zi+fJFlVtsCOxL4gbIwvVZOKsE
04859CECa1ZKL4IoQ36uRUY9+YpaQ6D1hJZa3kzR0FMBT6Ziz5Yu/aumu3lkXot7
ZyOXCj3elJMdYkvMNELIE8JVvlwORp9TBCTFD6U8jcUn
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:39 2025 by rpki-client