Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
File: 00d32677-2dbe-47e3-a4b3-be1e601729bd.roa (raw, json)
Hash identifier: JN8YRJ2zZKQ5yVx0fhg8t3DU13w/PzB7HqgGS8pa9bM=
Subject key identifier: 8D:1D:46:AE:6B:53:AB:F1:B8:DD:26:89:A2:82:3B:72:89:B7:A5:33
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 41A2B7403F9B8684C303F1CEEC8B58AE98E47A9D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
Signing time: Tue 11 Mar 2025 14:52:25 +0000
ROA not before: Tue 11 Mar 2025 14:52:25 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:a2:b7:40:3f:9b:86:84:c3:03:f1:ce:ec:8b:58:ae:98:e4:7a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:25 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:a2:f1:87:ce:92:41:50:9d:13:f0:01:11:
bd:df:6d:e5:f8:ef:97:bb:90:61:b2:85:7e:1b:b7:
d2:af:c6:6c:c2:28:fa:a8:15:de:e0:32:a9:99:eb:
3f:15:36:c0:cb:ae:09:be:e8:ca:f9:ad:34:05:39:
45:05:29:10:ea:7b:6e:e9:4b:cd:e1:01:3d:4f:a0:
e5:8f:7e:bf:ac:fc:27:49:31:b5:fd:d4:e2:46:85:
c5:f9:72:e4:e5:8d:66:d4:5b:0d:9c:5c:92:c1:06:
51:12:31:cb:e4:20:c8:73:1c:2c:ab:40:61:31:9e:
97:b8:2b:11:74:65:61:4c:5b:25:0c:e5:40:7f:ac:
f6:b4:27:2d:2f:a2:ee:6b:bc:7f:c2:65:d4:11:e4:
bb:49:1c:a0:40:9e:39:c2:df:d1:d3:8f:0c:2b:74:
fe:8c:e6:77:5d:e3:a8:a5:33:f5:fd:16:50:1e:d5:
16:40:7f:03:c6:3d:01:f6:db:74:7a:71:fa:93:53:
4b:64:8d:41:5c:9e:49:ef:04:29:9e:57:3e:ab:86:
2f:6b:10:97:35:eb:f9:94:a9:af:ef:54:5f:c2:bc:
6b:d4:15:14:1d:1e:24:3c:c3:92:56:19:32:f9:e0:
28:b1:19:c5:57:e9:e3:07:65:7e:4b:59:d5:6d:42:
fe:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1D:46:AE:6B:53:AB:F1:B8:DD:26:89:A2:82:3B:72:89:B7:A5:33
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9000::/36
Signature Algorithm: sha256WithRSAEncryption
32:eb:b6:b9:04:c2:16:43:fa:27:e2:e5:c1:bd:26:db:d9:4a:
9b:a7:d8:e7:af:73:7f:c1:11:94:33:65:6d:d7:fe:d7:98:3c:
99:a7:36:42:41:07:1c:d2:a2:0d:3a:24:1e:6b:db:41:c7:b3:
75:07:4f:88:62:fb:12:50:ee:60:ad:94:c6:3a:5b:c0:fa:59:
27:59:42:46:cd:6e:f4:55:a2:50:2d:45:b4:b1:68:dc:77:06:
4b:70:b7:be:40:3f:d2:8c:48:36:1a:22:3c:11:a8:82:e8:a4:
ba:f6:3f:0e:e0:5a:9b:79:f4:32:18:e3:b7:47:42:87:14:93:
e7:76:cb:2d:8a:76:3e:06:32:d9:48:98:e0:79:0a:bf:57:15:
35:05:a8:9c:31:12:3c:37:f1:fc:df:44:1d:bf:ae:2f:a8:16:
21:d3:4b:9b:43:7c:20:9a:b0:9a:2d:33:b0:a0:95:d9:76:21:
3a:02:3b:51:84:a7:04:ec:0a:89:a5:ba:80:76:98:79:bf:48:
3a:ce:98:41:ad:1d:ec:8b:e8:fd:da:02:a5:8c:0c:78:08:11:
28:6a:69:75:6d:41:f3:9e:b9:7d:1d:9d:ed:5f:67:e7:01:fc:
2f:c3:04:13:5f:cd:2b:1c:bc:d6:1a:c1:18:1e:73:7f:b9:f4:
d7:30:7e:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQaK3QD+bhoTDA/HO7ItYrpjkep0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMjVaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2YTAxOTZhYzBmZGNhNjYyNWMzM2E1YTFhNGI1NmNkNGZiNDg3N2I0NDI5
OTRhZmE4MWI3NWViMDAwZjQwOTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL82ovGHzpJBUJ0T8AERvd9t5fjvl7uQYbKFfhu30q/GbMIo+qgV3uAyqZnr
PxU2wMuuCb7oyvmtNAU5RQUpEOp7bulLzeEBPU+g5Y9+v6z8J0kxtf3U4kaFxfly
5OWNZtRbDZxcksEGURIxy+QgyHMcLKtAYTGel7grEXRlYUxbJQzlQH+s9rQnLS+i
7mu8f8Jl1BHku0kcoECeOcLf0dOPDCt0/ozmd13jqKUz9f0WUB7VFkB/A8Y9Afbb
dHpx+pNTS2SNQVyeSe8EKZ5XPquGL2sQlzXr+ZSpr+9UX8K8a9QVFB0eJDzDklYZ
MvngKLEZxVfp4wdlfktZ1W1C/qMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSNHUau
a1Or8bjdJomigjtyibelMzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBkMzI2NzctMmRiZS00N2UzLWE0YjMtYmUxZTYwMTcyOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAy67a5BMIWQ/on4uXBvSbb2Uqbp9jnr3N/wRGU
M2Vt1/7XmDyZpzZCQQcc0qINOiQea9tBx7N1B0+IYvsSUO5grZTGOlvA+lknWUJG
zW70VaJQLUW0sWjcdwZLcLe+QD/SjEg2GiI8EaiC6KS69j8O4FqbefQyGOO3R0KH
FJPndsstinY+BjLZSJjgeQq/VxU1BaicMRI8N/H830Qdv64vqBYh00ubQ3wgmrCa
LTOwoJXZdiE6AjtRhKcE7AqJpbqAdph5v0g6zphBrR3si+j92gKljAx4CBEoaml1
bUHznrl9HZ3tX2fnAfwvwwQTX80rHLzWGsEYHnN/ufTXMH6r
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:17 2025 by rpki-client