Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
File: e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa (raw, json)
Hash identifier: fPhLXlbwUM0rZgMKsCWUZ8Whbeb0j937J7Y6f0yOgTk=
Subject key identifier: 86:F3:C9:AB:8A:97:7A:BD:17:69:4A:E0:90:4A:7F:18:32:50:E5:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CA0C946198158111539ABDEF8316FC33F0880BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
Signing time: Fri 06 Dec 2024 00:00:00 +0000
ROA not before: Fri 06 Dec 2024 00:00:00 +0000
ROA not after: Fri 10 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a0:c9:46:19:81:58:11:15:39:ab:de:f8:31:6f:c3:3f:08:80:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 6 00:00:00 2024 GMT
Not After : Jan 10 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:31:e2:a5:41:7c:b7:ad:aa:30:e5:52:cc:f4:
0d:2d:a7:1c:c1:11:c3:1e:4f:d6:90:7d:2d:1c:70:
da:be:3d:d3:9a:e6:63:b2:76:a8:e2:b7:6b:85:5a:
7e:41:8f:4b:82:d8:52:c5:85:84:a5:5b:9b:68:81:
b1:aa:fc:56:e1:6c:bb:bb:36:10:48:c4:95:21:2a:
cd:49:bf:bb:08:72:ca:65:be:f4:bb:5b:23:24:d1:
b2:42:a7:5a:4c:a4:6f:c9:72:83:18:80:a6:c0:1e:
47:29:36:7f:bc:01:90:0a:76:d7:0a:6c:aa:73:58:
ba:b9:ca:e1:d3:e5:41:a3:ac:9b:7d:ad:fd:c3:f0:
83:95:44:0f:b1:c6:53:53:55:16:33:15:02:3e:9a:
f1:93:43:f6:b0:3a:26:ed:83:fa:c4:8d:22:ac:56:
20:84:5d:1b:bd:a8:99:f1:0a:59:3c:fb:b7:10:95:
9c:97:79:9b:23:54:2f:4c:6a:16:fd:a5:71:9b:f2:
2b:94:ea:a0:62:a1:1a:f6:b7:4c:22:b9:cd:0c:e9:
41:fd:4e:b3:7e:4f:f8:45:ff:18:5d:58:fc:2b:08:
6d:e5:2a:4e:1d:4d:0c:3b:ee:87:0e:b5:fb:f6:06:
78:32:d0:98:0a:5b:c7:f4:ec:f7:8f:8f:d1:a9:76:
6b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F3:C9:AB:8A:97:7A:BD:17:69:4A:E0:90:4A:7F:18:32:50:E5:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
d2:76:fa:d6:2c:a4:b4:bd:0e:5b:c2:e3:7a:66:b1:24:b7:ec:
2b:6d:63:85:5f:3f:b7:87:e6:d0:bc:8d:9c:c5:09:e7:b2:e0:
52:50:ba:fb:45:9b:7b:9d:a6:3d:45:a6:12:9d:04:0e:75:59:
94:61:73:04:7b:77:93:f9:58:1a:74:87:ef:73:f6:81:01:2c:
b0:0b:34:b0:ef:ba:1f:5e:17:2a:e3:5e:6c:9d:de:c3:6d:0c:
8a:3e:ff:5e:6b:ef:3d:01:e1:38:27:eb:65:b3:46:a2:e0:67:
b0:cb:fb:f9:56:7a:c8:a0:0c:72:c2:c0:96:d1:97:fb:08:3c:
73:8b:8c:05:fe:86:a3:1d:c6:ad:ad:86:e2:52:da:81:15:e5:
0d:67:41:85:1a:76:a1:26:ad:09:ea:b5:f5:1e:87:2b:37:e8:
24:0b:88:36:36:8c:58:aa:a1:f8:39:bc:86:93:d7:9e:05:5f:
a2:e1:c6:eb:41:d2:b5:47:2a:d0:85:65:3c:40:d7:27:26:33:
85:b4:d9:c7:32:09:11:e7:49:58:d9:27:c6:3b:73:d2:ed:86:
1b:12:c3:96:cb:7e:17:df:39:8d:e5:94:af:1b:01:a7:93:6c:
7d:dc:7a:11:cd:a3:41:49:8f:8a:b4:76:0b:5f:a9:72:87:bb:
da:2b:dd:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbKDJRhmBWBEVOave+DFvwz8IgL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDYwMDAwMDBaFw0yNTAxMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NWQ4OWU0MTI3M2FhYzZjNTdjZDQ4YTZjN2E5MTllNDkwNjhjZGNkODZh
NmRhYmYxYTg5MjkzNGJjMjAyMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcx4qVBfLetqjDlUsz0DS2nHMERwx5P1pB9LRxw2r4905rmY7J2qOK3a4Va
fkGPS4LYUsWFhKVbm2iBsar8VuFsu7s2EEjElSEqzUm/uwhyymW+9LtbIyTRskKn
Wkykb8lygxiApsAeRyk2f7wBkAp21wpsqnNYurnK4dPlQaOsm32t/cPwg5VED7HG
U1NVFjMVAj6a8ZND9rA6Ju2D+sSNIqxWIIRdG72omfEKWTz7txCVnJd5myNUL0xq
Fv2lcZvyK5TqoGKhGva3TCK5zQzpQf1Os35P+EX/GF1Y/CsIbeUqTh1NDDvuhw61
+/YGeDLQmApbx/Ts94+P0al2axkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSG88mr
ipd6vRdpSuCQSn8YMlDlazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTBkZjQyY2MtMWM3MC00ZTViLTkzZGEtM2Y2NmNlZjkzYTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEA0nb61iyktL0OW8LjemaxJLfsK21jhV8/t4fm
0LyNnMUJ57LgUlC6+0Wbe52mPUWmEp0EDnVZlGFzBHt3k/lYGnSH73P2gQEssAs0
sO+6H14XKuNebJ3ew20Mij7/XmvvPQHhOCfrZbNGouBnsMv7+VZ6yKAMcsLAltGX
+wg8c4uMBf6Gox3Gra2G4lLagRXlDWdBhRp2oSatCeq19R6HKzfoJAuINjaMWKqh
+Dm8hpPXngVfouHG60HStUcq0IVlPEDXJyYzhbTZxzIJEedJWNknxjtz0u2GGxLD
lst+F985jeWUrxsBp5Nsfdx6Ec2jQUmPirR2C1+pcoe72ivdVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:16 2025 by rpki-client