Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: 5kGwStaVov7MBzJk2D7tOzfF4/hIaAXzhG08ZSg2E+A=
Subject key identifier: 0F:D4:BF:FB:EB:00:DB:A1:13:A0:E8:A8:81:E3:3F:48:1F:98:2D:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0912EB81634B3E7F9FF372A9FAB31FAB9B106BB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Wed 05 Mar 2025 18:00:03 +0000
ROA not before: Wed 05 Mar 2025 18:00:03 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:12:eb:81:63:4b:3e:7f:9f:f3:72:a9:fa:b3:1f:ab:9b:10:6b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 18:00:03 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2b:29:35:64:75:ff:5a:ac:0f:a6:e6:d4:57:
74:ab:24:92:52:6e:6d:e8:fa:d1:80:e6:d6:8d:d0:
eb:34:1b:10:f9:ac:1f:44:49:3e:26:fa:b8:33:08:
e4:0c:8d:61:6f:57:08:e8:35:d2:8f:53:4f:43:37:
6f:ea:ce:4f:2f:bc:dd:8b:70:c7:b2:5e:e7:93:9f:
46:d8:6e:b1:a9:30:0a:66:a4:dd:87:d0:8a:8f:bb:
09:f9:51:ac:be:e8:c6:cf:aa:d8:25:62:30:ca:a9:
ba:a8:a7:99:e1:7b:83:a4:09:89:8c:0d:17:29:38:
ff:6a:25:93:0d:fc:6e:d1:56:26:2e:f7:2c:d7:f7:
31:bf:82:24:47:0d:84:88:b4:1c:47:69:3e:15:7d:
a0:47:16:a9:9b:00:d2:cd:0f:87:cc:04:73:96:14:
a5:60:48:e8:ce:9f:36:46:33:b3:be:d7:20:ff:c7:
34:1a:e4:85:23:f9:90:28:45:7f:8f:99:8c:ee:2f:
c0:b5:88:9f:07:f2:92:8c:7c:8a:49:9c:aa:0f:b3:
a9:f7:31:7e:c9:fa:3c:86:4b:15:80:99:2d:24:de:
71:a8:82:11:73:e9:58:f1:18:3c:9b:c7:18:e8:bc:
49:02:57:8c:d2:31:68:35:22:6d:ec:aa:fb:30:b3:
d8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D4:BF:FB:EB:00:DB:A1:13:A0:E8:A8:81:E3:3F:48:1F:98:2D:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:eb:4a:51:01:3a:3a:f4:02:6e:d1:1b:2d:5b:28:e5:f9:13:
c2:84:40:d5:b4:71:a4:f0:7b:41:a9:d3:e6:fc:c6:4c:21:b0:
95:b4:46:0e:4c:fb:ea:1c:33:fc:13:a7:b6:28:c2:ed:ad:53:
0d:d3:f2:60:45:44:4b:ec:bd:a9:b8:d0:17:c6:37:e7:0a:a4:
8d:f6:1f:34:44:00:56:6e:c5:95:b6:20:09:94:41:3f:db:5e:
c9:19:02:7b:ba:00:0a:84:fe:6d:d1:b7:69:e8:54:e5:2b:b2:
c9:eb:d1:1f:f9:18:68:f7:9b:3a:9e:4d:4f:2e:8d:67:cd:2f:
96:8d:25:3c:32:bd:ec:f9:f1:bc:2d:dd:c3:00:2d:f7:fa:f9:
96:da:3a:f5:56:c6:35:d7:d4:89:ec:ef:88:64:fa:b0:55:2e:
d1:00:41:e7:c3:50:e0:20:4d:78:d1:0a:18:77:9c:e3:58:bd:
eb:bd:63:2a:87:02:51:eb:5b:fd:90:b2:e2:31:ec:a9:22:55:
14:b5:22:78:3f:fe:d0:84:b0:86:7d:8d:28:83:4e:6b:1b:fe:
86:4c:51:27:d1:a9:1f:d8:17:37:9e:c5:e0:8f:48:15:8a:dd:
59:54:2d:bc:21:3c:18:4e:aa:6b:bd:f6:15:7a:b5:86:08:0b:
87:bf:94:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCRLrgWNLPn+f83Kp+rMfq5sQa7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxODAwMDNaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NzcyNDYwNGNmOWNhMzFjNjQ3YTYyYTVlZTQ0OTZhZTg1OGY2ZDVlMmRj
MTRkOTZlZTZkYTY1MjQ2ZjZhYzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0rKTVkdf9arA+m5tRXdKskklJubej60YDm1o3Q6zQbEPmsH0RJPib6uDMI
5AyNYW9XCOg10o9TT0M3b+rOTy+83Ytwx7Je55OfRthusakwCmak3YfQio+7CflR
rL7oxs+q2CViMMqpuqinmeF7g6QJiYwNFyk4/2olkw38btFWJi73LNf3Mb+CJEcN
hIi0HEdpPhV9oEcWqZsA0s0Ph8wEc5YUpWBI6M6fNkYzs77XIP/HNBrkhSP5kChF
f4+ZjO4vwLWInwfykox8ikmcqg+zqfcxfsn6PIZLFYCZLSTecaiCEXPpWPEYPJvH
GOi8SQJXjNIxaDUibeyq+zCz2KECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQP1L/7
6wDboROg6KiB4z9IH5gtQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCS60pRATo69AJu0RstWyjl+RPChEDVtHGk8HtBqdPm
/MZMIbCVtEYOTPvqHDP8E6e2KMLtrVMN0/JgRURL7L2puNAXxjfnCqSN9h80RABW
bsWVtiAJlEE/217JGQJ7ugAKhP5t0bdp6FTlK7LJ69Ef+Rho95s6nk1PLo1nzS+W
jSU8Mr3s+fG8Ld3DAC33+vmW2jr1VsY119SJ7O+IZPqwVS7RAEHnw1DgIE140QoY
d5zjWL3rvWMqhwJR61v9kLLiMeypIlUUtSJ4P/7QhLCGfY0og05rG/6GTFEn0akf
2Bc3nsXgj0gVit1ZVC28ITwYTqprvfYVerWGCAuHv5QM
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:10 2025 by rpki-client