Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: geDLvY/7dkBkaLqW6Sgq5jjwQBiUnCt8RiJFFW8+M6c=
Subject key identifier: CD:2D:07:2B:E5:13:63:F1:A0:B8:83:D5:C8:5A:DE:D4:12:74:20:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64154AEA6FD8C7BD0466BD9F722EE9F9D32CAC76
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Wed 05 Mar 2025 17:51:33 +0000
ROA not before: Wed 05 Mar 2025 17:51:33 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:15:4a:ea:6f:d8:c7:bd:04:66:bd:9f:72:2e:e9:f9:d3:2c:ac:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:33 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6b:91:0f:c4:e8:dc:41:ed:f4:b3:fc:fc:5e:
7c:ef:9f:26:5b:28:26:0f:3b:6c:28:a6:eb:3f:d0:
60:88:84:8a:1f:60:c6:9a:8c:ed:79:10:35:19:f2:
fc:1d:4b:f9:75:7a:c5:40:ab:bf:d7:f5:e2:38:5c:
9a:2d:c2:31:c0:56:20:1b:d3:37:16:d3:0d:7d:b7:
d6:97:18:97:d1:90:00:fb:d3:f9:62:d7:9c:67:bd:
a9:17:b7:90:c7:35:29:51:f7:3a:e3:53:d7:ca:b3:
62:be:9c:49:d6:65:9f:7c:b8:ab:ee:15:f6:46:56:
07:3e:44:96:20:5c:9d:2d:88:d4:36:78:10:e6:81:
14:5c:4e:4d:60:61:ff:5a:1b:d7:e0:21:10:6f:5c:
32:4b:de:ea:50:a4:a0:b9:88:85:d8:17:1b:61:b9:
e8:49:bd:a1:df:05:6f:47:cc:0f:fe:39:46:0c:a4:
45:e3:9f:d4:f3:9f:16:c1:2c:1d:b3:14:e2:0c:f9:
8b:8d:47:e5:27:d6:52:5e:0d:78:46:07:92:ce:9d:
6c:23:99:8f:8d:99:3d:2f:9b:7c:61:60:e3:e2:e4:
bb:74:25:19:84:81:73:f6:65:8f:a8:c5:15:2e:dc:
9a:05:39:e3:9f:01:6a:74:ae:b2:fe:51:1f:6e:72:
06:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:07:2B:E5:13:63:F1:A0:B8:83:D5:C8:5A:DE:D4:12:74:20:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:73:16:8a:63:9c:5f:43:86:c6:5d:58:55:1e:81:5e:98:64:
5c:f3:00:7e:cb:4b:3f:93:41:db:d9:af:55:a7:69:c3:8b:a2:
58:b0:32:f0:3b:34:99:31:38:13:e4:f8:69:e8:2c:57:1a:00:
31:be:80:8f:15:06:72:bd:f4:74:f2:3d:42:e4:2c:79:25:b7:
b8:25:b9:0b:97:09:06:8c:e0:fe:e5:e9:ed:21:09:da:88:eb:
a1:71:1b:9c:24:77:fd:40:47:5c:df:9e:bb:13:6e:44:d3:f6:
39:7e:49:12:62:f3:92:36:93:f8:79:86:49:a2:ff:a3:65:ef:
13:c1:b3:ee:b6:c8:7c:08:82:36:ac:9a:9d:4c:24:c0:d1:83:
5c:0e:dc:20:6f:3c:30:cb:f9:4a:01:62:05:59:4f:fa:36:a7:
93:ff:e2:95:17:2e:28:2e:ec:26:b1:cc:38:54:72:e0:1d:02:
5a:cc:8c:49:5f:92:a1:99:b7:34:5e:e1:c4:7f:59:96:50:2b:
43:f7:65:8c:89:b6:d1:b0:aa:20:1a:a8:2a:3e:a8:e0:cf:17:
a4:a0:0b:00:c7:91:e3:c9:56:29:fb:36:9f:8c:da:e4:c8:c6:
6f:23:d3:a7:9b:ca:b6:1d:a1:21:cb:d8:ea:72:45:ab:eb:c6:
56:ff:3b:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZBVK6m/Yx70EZr2fci7p+dMsrHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMzNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4ZDVlZTNjZDZiMGNjNjFiZTBkYmYzNjQxNGZiZjg0MmIyYTg3NTI0OTdk
Mzg4NjViZTA2NTZhZTgyYzAzNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJrkQ/E6NxB7fSz/PxefO+fJlsoJg87bCim6z/QYIiEih9gxpqM7XkQNRny
/B1L+XV6xUCrv9f14jhcmi3CMcBWIBvTNxbTDX231pcYl9GQAPvT+WLXnGe9qRe3
kMc1KVH3OuNT18qzYr6cSdZln3y4q+4V9kZWBz5EliBcnS2I1DZ4EOaBFFxOTWBh
/1ob1+AhEG9cMkve6lCkoLmIhdgXG2G56Em9od8Fb0fMD/45RgykReOf1POfFsEs
HbMU4gz5i41H5SfWUl4NeEYHks6dbCOZj42ZPS+bfGFg4+Lku3QlGYSBc/Zlj6jF
FS7cmgU5458BanSusv5RH25yBkUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNLQcr
5RNj8aC4g9XIWt7UEnQg3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQCqcxaKY5xfQ4bGXVhVHoFemGRc8wB+y0s/k0Hb2a9V
p2nDi6JYsDLwOzSZMTgT5Php6CxXGgAxvoCPFQZyvfR08j1C5Cx5Jbe4JbkLlwkG
jOD+5entIQnaiOuhcRucJHf9QEdc3567E25E0/Y5fkkSYvOSNpP4eYZJov+jZe8T
wbPutsh8CII2rJqdTCTA0YNcDtwgbzwwy/lKAWIFWU/6NqeT/+KVFy4oLuwmscw4
VHLgHQJazIxJX5Khmbc0XuHEf1mWUCtD92WMibbRsKogGqgqPqjgzxekoAsAx5Hj
yVYp+zafjNrkyMZvI9Onm8q2HaEhy9jqckWr68ZW/zvv
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:45:08 2025 by rpki-client