Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: vdTL20wOj7WS161n95XibECQNiCOrB3ewcnRF6EsEIs=
Subject key identifier: 0E:23:8B:95:A8:F3:4B:EE:2B:6D:F6:15:4B:0F:08:37:75:CB:E6:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FDBBA48292F1360494EA39A005252976C53E623
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Wed 05 Mar 2025 17:51:32 +0000
ROA not before: Wed 05 Mar 2025 17:51:32 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:db:ba:48:29:2f:13:60:49:4e:a3:9a:00:52:52:97:6c:53:e6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:32 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f6:f2:96:8b:ae:03:f6:36:37:fb:a7:cb:5d:
4d:20:7d:63:44:75:41:e1:90:4c:9b:a8:49:7b:5b:
08:3e:e9:42:c4:76:ca:3e:9e:94:a6:23:46:3a:fe:
6d:3a:e2:74:8b:b0:c8:46:f2:b3:5d:1a:8a:6c:9f:
f1:0c:3e:0e:2d:88:ad:72:5e:6a:4b:f2:e6:51:48:
03:93:a2:c8:b9:ba:31:c2:5e:50:37:88:2c:a8:a5:
2b:97:3e:c1:69:52:bc:9b:b0:7a:62:0f:f8:d5:d1:
40:51:1d:ea:58:76:0e:e6:75:80:0c:24:98:19:75:
33:34:34:9b:f3:53:12:85:00:56:0a:eb:48:cd:09:
4f:ed:4e:ca:98:71:14:73:38:f0:e9:b9:01:cc:f7:
bd:57:58:09:df:6b:1a:37:1e:27:7b:1d:b2:e8:35:
37:f9:16:0a:b2:1e:94:f1:0b:9d:18:21:f5:d7:35:
28:d8:b9:87:3f:f5:0a:b5:68:7b:40:17:f0:da:c5:
a2:20:75:75:2b:59:82:08:7b:6d:fb:db:f8:07:34:
4f:bb:7b:ae:a4:b1:eb:1c:11:da:36:07:ed:e6:95:
a8:fa:cb:b1:76:30:bf:5e:69:87:71:80:47:1c:41:
75:88:f2:a9:7a:88:4b:9c:40:02:f2:65:80:b6:cd:
89:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:23:8B:95:A8:F3:4B:EE:2B:6D:F6:15:4B:0F:08:37:75:CB:E6:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:fb:82:d8:51:e4:5f:68:e7:05:6c:5c:2a:5b:11:48:ee:44:
3e:6d:df:79:07:a1:21:cf:a1:b8:4e:ac:9d:98:30:11:a6:9e:
f4:41:24:3d:fe:be:d9:a9:c7:70:e0:29:fe:07:2e:db:e9:7a:
24:1f:85:5a:67:ff:3e:1f:57:39:89:7b:a7:7d:7b:bd:a5:a7:
2b:53:17:26:ed:15:fa:5b:df:94:7d:ed:c9:f4:9b:de:2b:ee:
19:46:4d:1a:52:ae:58:e2:d2:47:c6:ac:9f:97:d4:9f:b2:d5:
0f:fe:13:04:f2:6f:6f:7b:8a:34:b7:d9:55:f1:be:69:58:e7:
72:f0:29:12:11:69:38:3f:08:0b:cb:ec:32:27:5d:1f:99:a7:
b8:c3:48:87:6e:b4:2b:bf:3b:06:2e:5c:7b:86:f1:73:69:ee:
b6:5d:63:2d:b5:db:ba:8f:09:ff:0d:c4:68:dd:66:ee:4e:e4:
e8:08:69:f0:33:41:8c:83:04:a0:83:84:3f:1c:50:b1:fc:ee:
00:d3:95:24:4f:fa:1d:31:2d:57:de:0d:07:11:52:c0:3c:b2:
92:f5:41:84:9f:14:ea:73:db:5c:bb:e9:a6:c4:5b:7d:89:a3:
95:25:62:f6:e9:b1:b1:1c:99:d4:97:d9:90:8d:fb:74:a6:c4:
98:99:7e:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH9u6SCkvE2BJTqOaAFJSl2xT5iMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMzJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5N2NmOTUyMGJkMjQ4ZDViMTljZmZkOGJkYzYyMTQ1OThmNTU0Y2FiNDVm
Yjg3NmJjNGIxMTc4MzdhMTQ3YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALv28paLrgP2Njf7p8tdTSB9Y0R1QeGQTJuoSXtbCD7pQsR2yj6elKYjRjr+
bTridIuwyEbys10aimyf8Qw+Di2IrXJeakvy5lFIA5OiyLm6McJeUDeILKilK5c+
wWlSvJuwemIP+NXRQFEd6lh2DuZ1gAwkmBl1MzQ0m/NTEoUAVgrrSM0JT+1Oyphx
FHM48Om5Acz3vVdYCd9rGjceJ3sdsug1N/kWCrIelPELnRgh9dc1KNi5hz/1CrVo
e0AX8NrFoiB1dStZggh7bfvb+Ac0T7t7rqSx6xwR2jYH7eaVqPrLsXYwv15ph3GA
RxxBdYjyqXqIS5xAAvJlgLbNiaECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQOI4uV
qPNL7itt9hVLDwg3dcvmxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCR+4LYUeRfaOcFbFwqWxFI7kQ+bd95B6Ehz6G4Tqyd
mDARpp70QSQ9/r7Zqcdw4Cn+By7b6XokH4VaZ/8+H1c5iXunfXu9pacrUxcm7RX6
W9+Ufe3J9JveK+4ZRk0aUq5Y4tJHxqyfl9SfstUP/hME8m9ve4o0t9lV8b5pWOdy
8CkSEWk4PwgLy+wyJ10fmae4w0iHbrQrvzsGLlx7hvFzae62XWMttdu6jwn/DcRo
3WbuTuToCGnwM0GMgwSgg4Q/HFCx/O4A05UkT/odMS1X3g0HEVLAPLKS9UGEnxTq
c9tcu+mmxFt9iaOVJWL26bGxHJnUl9mQjft0psSYmX7o
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:00 2025 by rpki-client