Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: Ui/NajJ+rM7jodAzKKnPEylP7NhnawhlwtHHjGTpROc=
Subject key identifier: 40:B8:96:8F:69:9E:A7:A6:03:46:31:4C:EE:0B:3C:92:87:0A:8A:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A62847BDB35720FD399A6AB3AC90380CE5E86C7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Wed 05 Mar 2025 17:52:03 +0000
ROA not before: Wed 05 Mar 2025 17:52:03 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:62:84:7b:db:35:72:0f:d3:99:a6:ab:3a:c9:03:80:ce:5e:86:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:52:03 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:7f:d0:a4:cc:e6:59:ff:70:16:55:30:20:ea:
bf:d0:d6:00:f7:d3:02:21:6e:a0:82:12:c7:fc:11:
43:63:80:95:25:95:2a:69:64:d6:e1:b8:ae:53:4b:
33:85:4f:88:65:26:28:7e:1e:4d:b0:b5:72:18:48:
b6:9f:18:3a:d0:c4:12:45:fc:e0:27:f6:05:29:29:
bc:fa:f7:38:29:78:a8:ea:fe:64:b2:6a:a0:62:c2:
93:25:23:c7:0a:aa:28:ce:83:ed:f9:2d:20:48:f7:
34:7f:ec:77:d6:8a:c1:35:00:a9:61:64:bb:e3:e7:
c9:70:8d:84:ab:02:b8:1c:62:85:31:18:66:d3:98:
4c:fc:f2:dd:c8:5c:e5:06:6a:43:67:9c:53:30:55:
9c:79:21:59:6e:61:05:86:2e:39:8c:d3:6f:b0:b0:
09:dd:a2:73:01:c4:f1:06:b9:8c:dd:2f:9a:69:c4:
d8:a4:22:ae:9a:14:fa:8b:97:59:36:31:4e:60:83:
75:b1:49:7c:47:82:2f:38:ea:6d:6c:ca:0c:a6:33:
c5:95:96:78:9b:dc:9f:4a:df:2c:af:42:d1:d2:2b:
87:e7:d8:e5:6c:98:28:e1:e3:4f:fd:de:b6:66:e4:
86:7d:28:19:dd:cb:69:38:9a:30:b0:51:70:d2:27:
5c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B8:96:8F:69:9E:A7:A6:03:46:31:4C:EE:0B:3C:92:87:0A:8A:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:1e:24:8f:b1:34:54:25:dc:7a:7c:13:b6:5d:c9:9a:e6:93:
ef:4c:75:9b:fa:5f:30:d4:bf:15:47:af:77:94:f2:a0:a9:bb:
55:4c:3c:97:97:a1:8d:06:bb:ce:8c:7b:e4:19:85:9e:7e:88:
69:ef:4e:a7:86:12:27:48:81:ab:48:f6:9e:a1:02:7f:f6:a1:
e7:9f:24:fe:58:c7:9f:13:25:e9:66:40:74:dd:d8:c2:21:1c:
0f:8a:dc:68:c5:f3:03:80:b2:75:c5:b8:c2:02:d5:f9:7a:67:
1e:70:1f:eb:6b:82:09:dd:ad:93:3d:d0:2e:08:c9:cd:aa:f0:
00:c4:89:83:4f:56:6a:63:40:6a:74:33:1b:0d:f5:41:e4:ff:
a4:15:29:0c:95:08:e4:67:86:bf:c0:b7:a7:35:82:43:51:63:
ef:de:b7:7c:4b:77:ee:55:c0:b6:eb:39:ec:ac:4a:0e:cd:df:
03:79:f3:5c:33:21:b2:68:e6:5b:38:94:03:e7:c8:03:36:7e:
28:f5:2c:f8:04:cc:09:c5:69:0e:0b:98:0d:b2:e1:2a:35:2c:
61:73:de:b5:73:df:65:e3:ec:47:d7:ab:0a:87:f4:49:33:b9:
04:95:65:8c:f0:4f:da:49:00:82:f9:17:30:d1:74:72:c6:84:
69:32:a2:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSmKEe9s1cg/TmaarOskDgM5ehscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUyMDNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMjlhYzNkZWY4MmQyNjJlMDY4YTIzZGVmNGE3NTFmMTQ2MjdkMjFiNGU0
ZGRmZTkyOTliNDhlODBmYTk0ODkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPF/0KTM5ln/cBZVMCDqv9DWAPfTAiFuoIISx/wRQ2OAlSWVKmlk1uG4rlNL
M4VPiGUmKH4eTbC1chhItp8YOtDEEkX84Cf2BSkpvPr3OCl4qOr+ZLJqoGLCkyUj
xwqqKM6D7fktIEj3NH/sd9aKwTUAqWFku+PnyXCNhKsCuBxihTEYZtOYTPzy3chc
5QZqQ2ecUzBVnHkhWW5hBYYuOYzTb7CwCd2icwHE8Qa5jN0vmmnE2KQirpoU+ouX
WTYxTmCDdbFJfEeCLzjqbWzKDKYzxZWWeJvcn0rfLK9C0dIrh+fY5WyYKOHjT/3e
tmbkhn0oGd3LaTiaMLBRcNInXMsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRAuJaP
aZ6npgNGMUzuCzyShwqKJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQB1HiSPsTRUJdx6fBO2Xcma5pPvTHWb+l8w1L8VR693
lPKgqbtVTDyXl6GNBrvOjHvkGYWefohp706nhhInSIGrSPaeoQJ/9qHnnyT+WMef
EyXpZkB03djCIRwPitxoxfMDgLJ1xbjCAtX5emcecB/ra4IJ3a2TPdAuCMnNqvAA
xImDT1ZqY0BqdDMbDfVB5P+kFSkMlQjkZ4a/wLenNYJDUWPv3rd8S3fuVcC26zns
rEoOzd8DefNcMyGyaOZbOJQD58gDNn4o9Sz4BMwJxWkOC5gNsuEqNSxhc961c99l
4+xH16sKh/RJM7kElWWM8E/aSQCC+Rcw0XRyxoRpMqKG
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:07 2025 by rpki-client