Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
File: f60b4750-e7e3-4460-ba65-978713bb9e2a.roa (raw, json)
Hash identifier: KP82H2NDwKVIpsKjFXz9hHKSznUyuIvg7h1dAI5pUkk=
Subject key identifier: DB:95:E6:5F:BD:19:4B:AE:36:16:D6:DE:ED:B6:E2:BE:C8:8E:4E:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0173FC5A09A90B95F927844B73DBF508D5DC53C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:73:fc:5a:09:a9:0b:95:f9:27:84:4b:73:db:f5:08:d5:dc:53:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ce:2f:9e:28:85:17:9c:f7:e9:88:2d:c5:82:
fa:10:ac:8b:c0:4f:b4:08:7d:ea:08:b9:5b:ff:4f:
ee:99:d8:97:47:33:50:6b:e7:ad:12:92:76:3e:6f:
f3:62:d1:ad:ca:46:9c:c4:00:ac:ab:ea:0a:cc:10:
ea:96:7e:44:e2:bd:0c:7b:93:8c:1a:a9:86:1a:93:
43:90:49:33:b4:a7:92:da:e8:cb:d4:da:d8:38:48:
10:56:0c:68:4f:16:d5:31:e5:4a:a4:29:09:b7:6d:
68:17:e7:ef:98:5b:2b:41:25:60:6e:e2:ca:a4:82:
b4:16:a3:1d:05:1a:be:36:24:3c:7a:8a:a2:9f:e9:
60:01:7a:c6:4b:75:e7:b9:b6:58:70:f8:0a:5d:29:
55:2d:07:5b:f6:92:07:78:7f:f9:80:82:36:5e:37:
fc:31:ad:dc:77:97:d1:02:86:79:26:43:7c:50:a6:
8f:9d:50:d0:a3:10:5b:b7:54:6d:93:39:4b:09:74:
05:8f:5b:ad:02:3e:07:8b:b9:d2:08:2b:42:2e:ba:
6d:ba:43:5b:96:27:91:b2:7f:a2:40:f9:4e:7a:34:
88:03:ae:3b:51:17:01:89:f6:3d:b8:a3:c0:55:b3:
68:da:c9:da:5b:6d:98:2f:34:0a:3c:58:9f:c0:c9:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:E6:5F:BD:19:4B:AE:36:16:D6:DE:ED:B6:E2:BE:C8:8E:4E:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/24
Signature Algorithm: sha256WithRSAEncryption
25:cd:c1:3d:77:81:5d:28:38:5d:77:e2:24:77:46:da:ca:28:
bd:69:7d:ba:f9:66:18:d8:34:3b:cf:f9:5e:5c:0c:f3:1e:96:
bf:26:34:40:ee:62:ef:c7:76:9d:93:06:d5:c0:1c:dc:7c:71:
fa:94:46:06:5a:09:1f:74:b6:67:2a:4e:20:56:8f:46:ce:3c:
8d:f6:6a:17:4c:93:33:a7:c3:87:c1:bc:93:4e:eb:d7:b9:ac:
e7:a3:67:b9:42:a5:3b:49:03:ae:c2:f8:29:55:8f:d0:fa:91:
91:45:a5:5e:67:ec:8e:9d:bc:0c:6a:b9:55:59:92:1a:cd:61:
fe:19:5e:87:ad:c6:fc:5a:45:07:95:56:42:ac:b7:7d:67:2a:
33:3e:e2:73:df:c6:be:f2:db:70:9a:0a:cc:65:44:04:53:a0:
e2:da:60:37:61:ed:2a:80:5c:53:89:4a:a5:a5:3f:96:84:8a:
3e:b8:94:77:83:31:ef:fd:e3:58:93:71:db:51:7f:7f:e3:9f:
11:81:f4:3e:f0:94:c8:a4:0a:34:4d:5d:b7:6a:78:59:b6:62:
39:54:2e:83:95:3a:38:d6:48:63:a7:18:ef:c5:f8:e4:eb:b4:
2e:4e:16:12:15:15:b7:30:4e:ef:80:cd:3a:a4:f2:cc:38:0a:
e2:fa:24:4c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAXP8WgmpC5X5J4RLc9v1CNXcU8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZTMzYzg0YTNkMzI0ZGE5MmY1OGExMTY0ZDM5NzI1ZjUyODhmZjE1ZWI2
ZGY0NGE5NjlhM2I2MjkxNjQ1NTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3OL54ohRec9+mILcWC+hCsi8BPtAh96gi5W/9P7pnYl0czUGvnrRKSdj5v
82LRrcpGnMQArKvqCswQ6pZ+ROK9DHuTjBqphhqTQ5BJM7Snktroy9Ta2DhIEFYM
aE8W1THlSqQpCbdtaBfn75hbK0ElYG7iyqSCtBajHQUavjYkPHqKop/pYAF6xkt1
57m2WHD4Cl0pVS0HW/aSB3h/+YCCNl43/DGt3HeX0QKGeSZDfFCmj51Q0KMQW7dU
bZM5Swl0BY9brQI+B4u50ggrQi66bbpDW5YnkbJ/okD5Tno0iAOuO1EXAYn2Pbij
wFWzaNrJ2lttmC80CjxYn8DJywsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTbleZf
vRlLrjYW1t7ttuK+yI5OmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjYwYjQ3NTAtZTdlMy00NDYwLWJhNjUtOTc4NzEzYmI5ZTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAJc3BPXeBXSg4XXfiJHdG2soovWl9uvlmGNg0O8/5
XlwM8x6WvyY0QO5i78d2nZMG1cAc3Hxx+pRGBloJH3S2ZypOIFaPRs48jfZqF0yT
M6fDh8G8k07r17ms56NnuUKlO0kDrsL4KVWP0PqRkUWlXmfsjp28DGq5VVmSGs1h
/hleh63G/FpFB5VWQqy3fWcqMz7ic9/GvvLbcJoKzGVEBFOg4tpgN2HtKoBcU4lK
paU/loSKPriUd4Mx7/3jWJNx21F/f+OfEYH0PvCUyKQKNE1dt2p4WbZiOVQug5U6
ONZIY6cY78X45Ou0Lk4WEhUVtzBO74DNOqTyzDgK4vokTA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:12:39 2025 by rpki-client