Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
File: 015f4a0b-cf81-407c-9b60-8f76998937f0.roa (raw, json)
Hash identifier: C+rXX8aiVo32DNgysSTBDsv0k2nmAeADMz79YyIG8TI=
Subject key identifier: 41:5E:14:B7:FE:E8:A4:A7:DC:B3:E0:FB:0B:11:0A:A1:00:7F:AF:7D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 40EF5C8846908B636C5F554EB30C718875CEC685
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
Signing time: Tue 11 Mar 2025 15:06:41 +0000
ROA not before: Tue 11 Mar 2025 15:06:41 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ef:5c:88:46:90:8b:63:6c:5f:55:4e:b3:0c:71:88:75:ce:c6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:06:41 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:d2:44:9f:e6:83:35:11:7a:ee:73:66:46:
0c:1a:73:5b:2b:9b:12:ba:f0:75:4d:48:5e:d2:a0:
4a:33:c5:4b:05:ed:40:79:0e:29:40:ae:5d:db:17:
d3:44:cd:f7:ae:9d:3e:92:a6:76:85:30:9f:64:a2:
26:c6:97:93:5e:9e:4d:2c:85:f8:e6:f9:80:22:b5:
9f:dc:c0:11:e4:2f:fc:e7:1a:4b:84:e4:69:0c:15:
73:64:1b:ea:d3:14:33:9b:92:ea:f7:ce:90:8c:1e:
28:f9:f7:80:da:e8:47:63:0d:cd:c1:dd:f0:f4:ee:
fa:5d:2e:8e:af:2b:f8:4c:bc:64:eb:58:5c:49:6b:
68:cd:c6:22:7d:c1:e1:41:36:ec:47:0b:24:c7:cb:
33:d6:ce:eb:0a:c7:52:ed:ce:c0:d6:4d:e6:41:04:
e3:10:4e:61:ce:c3:2b:a6:c4:4d:f1:5d:98:1c:7a:
42:64:7f:cd:63:31:50:6a:83:3a:98:8b:79:b4:5b:
63:0a:1b:39:40:bb:96:17:48:27:1d:df:4e:65:8d:
d0:65:16:1c:14:5d:18:43:29:93:8b:cd:c0:c8:07:
ee:bc:f1:76:79:f0:ab:95:df:b6:65:6c:fd:f3:e2:
d3:20:1b:1d:94:9e:b7:49:dd:cb:b9:c0:ba:f4:9a:
cc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5E:14:B7:FE:E8:A4:A7:DC:B3:E0:FB:0B:11:0A:A1:00:7F:AF:7D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/015f4a0b-cf81-407c-9b60-8f76998937f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b800::/40
Signature Algorithm: sha256WithRSAEncryption
39:b6:95:69:64:be:15:ea:72:f1:7d:2a:fb:40:c2:91:34:80:
bf:f6:1c:37:66:90:66:ea:36:ae:64:37:1f:be:a4:9f:16:c5:
e7:45:23:5d:42:a1:b1:a7:d5:e0:b6:f0:1d:c6:40:7d:a3:a6:
bf:86:bd:4b:3e:6d:aa:40:c6:35:0f:03:49:f0:4c:ef:1a:84:
6b:02:bf:01:73:75:93:c9:49:5f:ba:41:a9:2c:c8:ba:ab:f0:
a3:e6:57:71:57:19:9a:ba:43:bb:7f:55:5c:89:de:ae:a4:2d:
85:74:a3:3b:20:f7:f3:cf:2d:61:66:d3:ce:7d:e7:cd:3e:27:
6c:28:01:e9:92:d6:2e:73:d1:87:64:4d:6d:d9:f9:ce:eb:88:
17:ac:ff:69:d7:47:40:78:4c:64:b0:59:d6:85:51:4a:84:97:
b5:3c:4f:3f:6b:e9:44:51:32:5d:e5:fe:d0:32:7e:61:5c:74:
62:92:b5:cd:33:cd:83:21:11:bf:00:e2:88:51:b5:08:bf:56:
86:0a:ed:17:81:48:ef:7b:93:a7:a7:09:75:f0:ea:96:57:d6:
52:55:24:6d:0a:c4:f0:fd:3c:a9:16:79:10:c7:7c:8b:ac:a9:
2b:68:3f:73:50:81:d6:68:06:9b:11:14:5a:6f:c3:69:6e:5d:
d7:e4:73:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQO9ciEaQi2NsX1VOswxxiHXOxoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA2NDFaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NjY5YjNlM2YzODEyMzNlM2M0MDkwZTM5NDU5ZjRjODlhODBiNGQ5NTQ4
OWViMmYzY2E2MTZmODlhMjZjOTExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkR0kSf5oM1EXruc2ZGDBpzWyubErrwdU1IXtKgSjPFSwXtQHkOKUCuXdsX
00TN966dPpKmdoUwn2SiJsaXk16eTSyF+Ob5gCK1n9zAEeQv/OcaS4TkaQwVc2Qb
6tMUM5uS6vfOkIweKPn3gNroR2MNzcHd8PTu+l0ujq8r+Ey8ZOtYXElraM3GIn3B
4UE27EcLJMfLM9bO6wrHUu3OwNZN5kEE4xBOYc7DK6bETfFdmBx6QmR/zWMxUGqD
OpiLebRbYwobOUC7lhdIJx3fTmWN0GUWHBRdGEMpk4vNwMgH7rzxdnnwq5XftmVs
/fPi0yAbHZSet0ndy7nAuvSazCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBXhS3
/uikp9yz4PsLEQqhAH+vfTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDE1ZjRhMGItY2Y4MS00MDdjLTliNjAtOGY3Njk5ODkzN2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8e4
MA0GCSqGSIb3DQEBCwUAA4IBAQA5tpVpZL4V6nLxfSr7QMKRNIC/9hw3ZpBm6jau
ZDcfvqSfFsXnRSNdQqGxp9XgtvAdxkB9o6a/hr1LPm2qQMY1DwNJ8EzvGoRrAr8B
c3WTyUlfukGpLMi6q/Cj5ldxVxmaukO7f1Vcid6upC2FdKM7IPfzzy1hZtPOfefN
PidsKAHpktYuc9GHZE1t2fnO64gXrP9p10dAeExksFnWhVFKhJe1PE8/a+lEUTJd
5f7QMn5hXHRikrXNM82DIRG/AOKIUbUIv1aGCu0XgUjve5Onpwl18OqWV9ZSVSRt
CsTw/TypFnkQx3yLrKkraD9zUIHWaAabERRab8Npbl3X5HNp
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:09 2025 by rpki-client