Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
File: ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa (raw, json)
Hash identifier: aa8OkbyrnDF3YqV90mFOxYypWR5Ydln37iWwXeSPU6Y=
Subject key identifier: CF:F4:85:31:8D:52:4F:21:BA:2A:9F:91:D0:7D:29:A5:D3:5D:76:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25DB7FE1DE420C5215300395643DD87501A2850D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:db:7f:e1:de:42:0c:52:15:30:03:95:64:3d:d8:75:01:a2:85:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:1f:7c:a4:f1:03:11:bc:1a:8e:eb:02:d8:42:
76:9f:16:07:4d:47:64:12:1b:ae:0e:b3:07:aa:e8:
60:72:c8:01:b9:c2:b8:bd:fc:b2:fa:e6:55:56:fb:
a7:21:ab:ad:bc:08:4c:50:4d:be:e0:e8:00:0d:06:
61:15:1f:d0:18:d8:76:3c:28:5d:e4:e2:db:fe:34:
68:6e:9f:cc:40:35:72:26:6f:f5:d7:b9:8b:90:31:
fa:b1:b6:fc:e4:07:a0:f2:07:57:36:a1:86:46:5c:
3f:77:b4:5b:85:89:86:90:f4:34:21:ad:5e:3d:76:
f0:40:17:ff:bb:4e:f6:c9:92:66:72:d9:2e:3c:8b:
49:78:41:3b:ed:39:86:02:52:be:08:62:30:98:49:
98:f9:a3:a6:4b:0e:28:6d:f8:ad:ca:77:3c:49:50:
7d:73:3c:4c:62:b0:61:e7:a3:a8:c0:e6:50:48:19:
ea:a9:e6:7f:e1:3b:f1:83:c3:dd:74:23:97:1f:ba:
8b:1c:25:e6:b2:2d:94:23:f8:12:56:68:3d:02:cd:
77:ca:8a:53:9a:85:17:62:1b:16:00:2a:20:8a:98:
3a:f4:ec:e0:c0:58:7d:82:27:a3:f1:96:be:11:7b:
98:5b:ed:36:38:4e:75:67:fb:38:4a:16:7b:78:4e:
d1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F4:85:31:8D:52:4F:21:BA:2A:9F:91:D0:7D:29:A5:D3:5D:76:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:44:d9:4a:7d:c7:dd:de:6a:95:11:af:d4:61:91:98:40:bc:
01:fc:e2:ee:51:94:7b:f3:04:43:39:7d:2a:60:34:90:35:95:
a8:6f:8b:00:9a:85:fa:ce:84:fd:dd:f8:94:76:3b:28:12:a7:
f6:36:28:2c:50:55:cf:9b:67:cf:f6:e7:57:f0:d0:0b:39:f3:
81:b1:4b:7d:7c:cb:88:8e:c9:39:6c:f9:85:b8:38:25:99:3d:
68:aa:3b:a3:a7:a4:70:41:91:3f:4b:4c:ff:0e:65:0f:61:47:
9d:87:64:63:07:22:ee:dd:b7:5e:e0:41:f0:3d:6b:6f:e0:d3:
9e:07:bb:01:f4:66:61:0f:36:9c:68:7d:e2:dc:ad:4c:80:80:
90:3d:87:6a:4b:8b:89:5a:0f:c3:61:f5:09:4b:43:89:e6:06:
53:23:13:27:f3:f6:34:25:a4:bb:96:cb:8a:70:a2:58:82:34:
a3:00:74:67:bc:be:54:bd:7a:30:bc:63:15:62:8b:3d:32:a8:
3c:14:e2:e5:49:3b:6d:3e:52:73:f8:ee:50:88:31:88:77:f5:
0d:8a:5c:86:00:78:95:c2:8b:d3:c2:59:58:0a:8e:7a:38:2c:
fd:c2:83:8b:fa:fd:b4:93:36:bc:ee:36:22:74:3a:31:69:59:
fc:e0:6e:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJdt/4d5CDFIVMAOVZD3YdQGihQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MjY4OThmYTYzMWM0NjEyMWRkMTg4ZGZlYjIzZWJjNDA5ZGY0N2UxZDUw
Yjg0NjYwMjU4ZTAxMDRlMDFhOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4ffKTxAxG8Go7rAthCdp8WB01HZBIbrg6zB6roYHLIAbnCuL38svrmVVb7
pyGrrbwITFBNvuDoAA0GYRUf0BjYdjwoXeTi2/40aG6fzEA1ciZv9de5i5Ax+rG2
/OQHoPIHVzahhkZcP3e0W4WJhpD0NCGtXj128EAX/7tO9smSZnLZLjyLSXhBO+05
hgJSvghiMJhJmPmjpksOKG34rcp3PElQfXM8TGKwYeejqMDmUEgZ6qnmf+E78YPD
3XQjlx+6ixwl5rItlCP4ElZoPQLNd8qKU5qFF2IbFgAqIIqYOvTs4MBYfYIno/GW
vhF7mFvtNjhOdWf7OEoWe3hO0WECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTP9IUx
jVJPIboqn5HQfSml0112OzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYxYTAzMmMtNmI0YS00ZjRiLWFjMGUtODk2MjQwNThiMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBmRNlKfcfd3mqVEa/UYZGYQLwB/OLuUZR78wRDOX0q
YDSQNZWob4sAmoX6zoT93fiUdjsoEqf2NigsUFXPm2fP9udX8NALOfOBsUt9fMuI
jsk5bPmFuDglmT1oqjujp6RwQZE/S0z/DmUPYUedh2RjByLu3bde4EHwPWtv4NOe
B7sB9GZhDzacaH3i3K1MgICQPYdqS4uJWg/DYfUJS0OJ5gZTIxMn8/Y0JaS7lsuK
cKJYgjSjAHRnvL5UvXowvGMVYos9Mqg8FOLlSTttPlJz+O5QiDGId/UNilyGAHiV
wovTwllYCo56OCz9woOL+v20kza87jYidDoxaVn84G5s
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:39 2025 by rpki-client