Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: hTFZF6ol4lKjrztz51XGYfnGWFBz7OnRPyCmgejoNLU=
Subject key identifier: F4:0F:3E:B6:90:B3:48:2F:76:6E:C1:A8:17:07:C1:C9:D1:86:54:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B94069DA28EB21E4954E0F0DD71F90802540EC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Fri 07 Mar 2025 15:10:44 +0000
ROA not before: Fri 07 Mar 2025 15:10:44 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:94:06:9d:a2:8e:b2:1e:49:54:e0:f0:dd:71:f9:08:02:54:0e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:44 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:73:ed:44:7e:8e:a2:1a:20:6d:89:06:22:
37:df:7f:7e:f5:55:ec:7e:e2:ef:9e:d5:21:36:a7:
4e:4d:cf:48:cf:6c:f9:52:9b:e0:28:e1:89:b6:a0:
a9:dd:1e:64:3e:46:f5:fa:99:72:4f:3f:fc:80:9a:
4b:f7:a9:4c:b7:2d:32:87:70:a7:5e:8c:80:43:f4:
33:8c:77:9a:1b:b5:34:0b:48:dc:18:43:b1:82:03:
99:43:5a:fb:d6:ec:e1:e5:5c:0a:bf:41:20:aa:7b:
34:dd:b4:0b:42:fa:be:6f:50:e9:8c:06:3b:02:3a:
a9:e0:49:b9:d7:ec:95:90:38:4b:59:cc:b3:17:6d:
df:b2:d7:63:b3:5d:bc:e9:78:87:ea:e6:24:6c:14:
fe:67:15:51:17:a9:77:2f:b6:ab:92:b5:11:e4:8b:
52:c9:19:ca:2e:e8:3d:6a:f1:cc:e5:27:8c:09:9d:
eb:20:57:c6:15:11:a2:9c:96:27:5a:cc:54:05:ca:
bc:67:12:6c:a4:0b:ae:03:46:1c:96:ab:8f:73:78:
cd:d9:b2:aa:b3:1f:1d:df:da:3c:a3:32:da:72:a7:
35:84:6f:5d:ad:12:57:e1:97:c3:cf:c2:03:c5:cd:
31:3b:da:97:a5:7f:1a:1b:3c:09:fc:a1:aa:f9:4a:
1e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0F:3E:B6:90:B3:48:2F:76:6E:C1:A8:17:07:C1:C9:D1:86:54:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
1b:71:14:5a:43:2a:f9:22:36:22:7f:08:0b:cc:00:af:e5:fc:
c4:28:bf:f7:11:0c:be:9a:4d:e8:be:a2:28:0f:9e:56:9d:91:
a2:f7:07:3b:1b:11:9f:09:f1:77:78:a5:09:5b:f2:28:c1:a2:
4d:6b:32:33:e8:5e:17:a0:45:48:75:36:39:30:48:e8:dd:52:
f1:71:45:d0:94:89:0f:93:1b:8a:7d:73:94:8d:e4:61:f5:b9:
58:c2:57:00:65:1d:c4:cd:cb:61:79:64:d9:50:c7:aa:dc:a7:
50:2b:e4:75:4f:85:51:f8:23:10:ae:5f:93:61:51:08:d0:fa:
78:2a:78:31:c3:26:45:53:ac:69:c2:ec:b4:93:13:59:64:9e:
46:21:86:79:45:8c:6c:3a:c0:e8:4b:52:b3:4f:6f:bb:76:9b:
8e:70:df:99:e4:a1:fa:43:1c:66:f7:d2:a7:ef:8f:7b:69:cd:
25:b7:62:85:04:35:2b:b5:37:54:78:50:36:a8:2e:ce:ba:9d:
4c:26:2d:31:30:12:f1:85:6a:8c:e6:7f:2d:05:a1:02:ce:f3:
e0:16:5e:b6:ca:45:53:68:04:1a:58:db:b0:45:2d:58:b2:02:
ea:18:12:d9:fb:7d:93:27:ce:03:49:05:55:42:2d:21:15:f1:
4b:50:06:b8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW5QGnaKOsh5JVODw3XH5CAJUDsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwNDRaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmYmNhMjdjOGEyN2E4YTFlZjVkYzM1MTFkMjhiNjFkM2I0Njc1M2MzNDJj
MGNkYWIyMTBjY2U0OTRlNjIzMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlSc+1Efo6iGiBtiQYiN99/fvVV7H7i757VITanTk3PSM9s+VKb4Cjhibag
qd0eZD5G9fqZck8//ICaS/epTLctModwp16MgEP0M4x3mhu1NAtI3BhDsYIDmUNa
+9bs4eVcCr9BIKp7NN20C0L6vm9Q6YwGOwI6qeBJudfslZA4S1nMsxdt37LXY7Nd
vOl4h+rmJGwU/mcVURepdy+2q5K1EeSLUskZyi7oPWrxzOUnjAmd6yBXxhURopyW
J1rMVAXKvGcSbKQLrgNGHJarj3N4zdmyqrMfHd/aPKMy2nKnNYRvXa0SV+GXw8/C
A8XNMTval6V/Ghs8CfyhqvlKHh0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT0Dz62
kLNIL3ZuwagXB8HJ0YZUaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAG3EUWkMq+SI2In8IC8wAr+X8xCi/9xEMvppN6L6i
KA+eVp2RovcHOxsRnwnxd3ilCVvyKMGiTWsyM+heF6BFSHU2OTBI6N1S8XFF0JSJ
D5Mbin1zlI3kYfW5WMJXAGUdxM3LYXlk2VDHqtynUCvkdU+FUfgjEK5fk2FRCND6
eCp4McMmRVOsacLstJMTWWSeRiGGeUWMbDrA6EtSs09vu3abjnDfmeSh+kMcZvfS
p++Pe2nNJbdihQQ1K7U3VHhQNqguzrqdTCYtMTAS8YVqjOZ/LQWhAs7z4BZetspF
U2gEGljbsEUtWLIC6hgS2ft9kyfOA0kFVUItIRXxS1AGuA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:15 2025 by rpki-client