Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: j4ak59bfYb1lHUWqUbYXsu+3h0QNxBxAO9FYWLCXj64=
Subject key identifier: 79:7E:27:EC:FD:A0:F9:E7:7F:10:F9:9F:8B:EC:7F:CA:E4:7E:95:E8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 10FC0EFB4F651B254DFF3EB40BD3C399A835AC8F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Tue 11 Mar 2025 15:06:42 +0000
ROA not before: Tue 11 Mar 2025 15:06:42 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:fc:0e:fb:4f:65:1b:25:4d:ff:3e:b4:0b:d3:c3:99:a8:35:ac:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:06:42 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:54:e0:2d:b6:a8:3b:5c:82:7f:8e:35:4d:
e8:1c:8e:90:0b:8f:5a:ed:32:e9:a2:84:3c:42:1b:
c5:f9:da:b4:92:33:18:77:10:59:d5:e7:2a:fc:49:
3f:79:44:9c:7f:65:2a:f3:88:95:89:8d:ba:1d:c6:
ca:8d:05:39:96:ea:ab:07:71:4b:cc:4c:7e:b8:ad:
6b:7d:66:d8:37:c4:22:0d:8a:6b:2f:29:3a:ec:d5:
53:d6:71:8a:c6:45:09:10:a4:af:0e:5d:78:ef:c3:
8b:69:92:59:3a:de:25:63:5c:63:a7:9e:cd:47:ee:
e7:06:77:94:5f:76:14:7d:4a:05:0e:82:db:b3:10:
7c:2b:d5:86:4e:21:1e:d4:93:f3:9e:7b:d9:b7:6f:
3a:3f:30:82:5a:88:8d:00:d1:aa:08:b9:48:37:4b:
23:60:23:cc:aa:af:8a:11:a7:0c:79:10:c7:84:b8:
b1:d4:4d:79:71:3f:58:c5:29:99:ed:d6:14:44:6a:
f1:3c:f2:55:be:80:e0:8f:2a:16:cf:f9:06:af:ad:
90:89:67:c2:4b:9d:c9:55:40:91:6a:6b:8f:06:5d:
60:78:c5:02:02:0a:28:a7:17:53:23:67:c4:dc:d8:
ff:72:b1:51:e5:68:22:d2:8b:c8:05:3d:a3:0b:8e:
96:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7E:27:EC:FD:A0:F9:E7:7F:10:F9:9F:8B:EC:7F:CA:E4:7E:95:E8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
86:76:9b:5d:4b:01:9c:38:d5:c1:d3:60:be:15:65:0f:62:47:
c5:1e:f6:30:5c:57:e3:5d:f3:ca:58:1c:01:ad:11:99:71:40:
3d:b1:97:15:09:fa:1c:ba:55:cd:0e:a8:8c:07:cc:a4:12:5e:
8f:07:f1:36:54:cf:f6:25:b3:ee:e7:3e:c4:a9:34:9d:45:aa:
4e:64:23:da:3d:bb:b0:29:eb:16:82:d6:4c:78:2e:b3:bf:b3:
16:e7:65:b2:80:78:8d:f0:0e:f9:01:0d:d6:3d:7c:d3:83:64:
db:e9:8b:ed:d0:2a:41:01:98:cb:fb:2e:35:08:f9:3d:61:5c:
50:d4:9d:0c:b6:1d:29:b8:74:d4:ae:64:cd:4f:2f:eb:75:f1:
1a:5d:0b:55:de:1b:7b:a8:10:7b:3a:b0:f4:3e:7e:78:de:b3:
0b:77:75:36:85:2f:07:94:c6:5a:0f:b4:c0:27:ef:d7:b2:4f:
b7:5a:a1:e9:82:1c:80:41:b4:58:e8:67:db:f1:42:bf:e1:44:
d7:09:63:70:4f:13:71:73:69:67:fa:93:18:35:71:99:04:3f:
d3:13:b7:e1:a6:79:fa:38:d2:9e:72:ee:2a:54:63:c6:c4:f6:
be:95:27:26:46:b8:9a:27:32:45:90:66:43:67:6e:be:b9:f6:
60:59:f5:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEPwO+09lGyVN/z60C9PDmag1rI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA2NDJaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NGY5NDU5YmI0Y2QxMTRhYTAxYWNmZTBiYjM2NTc4NGNhMWI2ZmZhZTFj
MjVjZjc1YTlhODUwY2ViNDVlN2ExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7MVOAttqg7XIJ/jjVN6ByOkAuPWu0y6aKEPEIbxfnatJIzGHcQWdXnKvxJ
P3lEnH9lKvOIlYmNuh3Gyo0FOZbqqwdxS8xMfrita31m2DfEIg2Kay8pOuzVU9Zx
isZFCRCkrw5deO/Di2mSWTreJWNcY6eezUfu5wZ3lF92FH1KBQ6C27MQfCvVhk4h
HtST85572bdvOj8wglqIjQDRqgi5SDdLI2AjzKqvihGnDHkQx4S4sdRNeXE/WMUp
me3WFERq8TzyVb6A4I8qFs/5Bq+tkIlnwkudyVVAkWprjwZdYHjFAgIKKKcXUyNn
xNzY/3KxUeVoItKLyAU9owuOlgkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5fifs
/aD5538Q+Z+L7H/K5H6V6DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGdptdSwGcONXB02C+FWUPYkfFHvYwXFfjXfPK
WBwBrRGZcUA9sZcVCfoculXNDqiMB8ykEl6PB/E2VM/2JbPu5z7EqTSdRapOZCPa
PbuwKesWgtZMeC6zv7MW52WygHiN8A75AQ3WPXzTg2Tb6Yvt0CpBAZjL+y41CPk9
YVxQ1J0Mth0puHTUrmTNTy/rdfEaXQtV3ht7qBB7OrD0Pn543rMLd3U2hS8HlMZa
D7TAJ+/Xsk+3WqHpghyAQbRY6Gfb8UK/4UTXCWNwTxNxc2ln+pMYNXGZBD/TE7fh
pnn6ONKecu4qVGPGxPa+lScmRriaJzJFkGZDZ26+ufZgWfXN
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:23 2025 by rpki-client