Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: uYAUyGlXt3aC2rp1lilPbs30nDUaWYpVbszzwFsIsyg=
Subject key identifier: 6A:51:4D:49:88:D3:CA:8E:68:A4:2F:0A:2A:7F:F0:53:A9:0A:FA:9C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 22E27836B103E7D0C954E5CF82C05DAB9BDBFAE0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Tue 11 Mar 2025 15:06:41 +0000
ROA not before: Tue 11 Mar 2025 15:06:41 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e2:78:36:b1:03:e7:d0:c9:54:e5:cf:82:c0:5d:ab:9b:db:fa:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:06:41 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:eb:bf:cf:bf:8e:b9:9c:e7:97:fa:c3:03:96:
d7:da:3d:94:99:43:93:f8:71:91:43:e1:c9:b8:2e:
a6:24:09:c7:34:62:d6:1e:2b:bf:96:19:72:75:2c:
32:c4:42:7e:d0:67:57:b7:b3:86:c0:37:db:a6:84:
bb:b1:34:a0:49:01:8a:d4:df:81:de:08:bb:94:09:
1a:8f:cc:6a:84:bb:2a:9f:2b:34:91:3a:fb:f8:e7:
1c:ca:5e:61:a5:8b:f3:61:5f:71:02:91:b2:8e:5e:
f5:4f:aa:0d:2a:8b:e1:f4:2d:15:6d:99:06:68:95:
56:d6:b0:4c:34:6d:d3:33:d6:9f:8a:8b:07:e4:3e:
89:c0:80:ec:f2:33:a6:23:ea:6e:0d:5b:34:b6:e9:
18:3d:ae:22:8e:ba:e9:ff:6c:1e:70:40:97:f3:20:
a3:89:de:e2:ab:6f:4b:25:b2:96:5a:be:8b:39:cf:
ee:ff:7b:4d:28:8e:42:f4:51:ea:3a:0b:01:b2:12:
a9:3b:a5:1c:90:8d:ae:b6:7f:b9:f2:41:83:25:b0:
dc:5a:a2:bc:a6:8a:46:5a:65:7a:d2:2f:26:47:9b:
26:5c:57:98:23:76:19:9c:ac:46:40:60:1b:38:2a:
98:5c:4d:11:2a:b1:e8:79:ca:22:be:f0:76:af:68:
b6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:51:4D:49:88:D3:CA:8E:68:A4:2F:0A:2A:7F:F0:53:A9:0A:FA:9C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
1c:45:a3:cd:a0:f0:f8:1e:d1:7e:2c:0c:66:39:0d:0f:35:93:
d4:9f:ff:ef:46:ea:88:f9:26:38:1d:12:7c:09:9b:32:5c:da:
30:8a:f4:a9:c3:39:46:50:29:42:a9:71:94:4c:bd:19:cb:e0:
8d:2b:77:b2:4d:9f:2d:6a:73:9a:80:42:af:97:cc:7a:7f:1e:
2e:7f:47:87:62:47:3f:a2:de:f8:c3:9f:4f:8a:ef:92:36:a0:
66:d7:04:7f:54:31:35:12:ab:dc:5e:38:f1:56:a5:80:7b:b3:
c6:09:40:0e:94:39:c3:e1:50:a2:5a:f8:64:c1:cb:dc:e9:f8:
fc:38:15:61:01:39:ea:9d:2c:b1:7d:3c:13:36:0b:34:c9:66:
90:95:49:14:28:62:bb:81:50:20:5a:a4:03:48:14:cf:16:4a:
4b:17:99:44:0f:5d:1c:01:ae:39:bf:c4:1f:15:fc:ee:99:1a:
2a:85:55:ae:b5:bf:8a:84:21:0a:de:31:f5:93:a2:2b:37:84:
7b:1b:46:0d:55:94:f2:34:19:7e:e9:7b:78:72:80:86:20:2f:
54:d6:1f:d6:0b:e4:6d:3f:c4:40:32:89:d5:ae:76:3c:3b:cf:
91:8c:f0:63:46:2c:3b:0a:09:c9:42:58:c9:62:25:9d:2d:f3:
57:e9:3d:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIuJ4NrED59DJVOXPgsBdq5vb+uAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA2NDFaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNjhmNmMyODMyYWZkMTcxMzY3YzAzNTFjZmQ5ODNlY2NlZTQxZGM4MmE4
M2U3MThhNjgzY2IzNTViZWQ2OGQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3rv8+/jrmc55f6wwOW19o9lJlDk/hxkUPhybgupiQJxzRi1h4rv5YZcnUs
MsRCftBnV7ezhsA326aEu7E0oEkBitTfgd4Iu5QJGo/MaoS7Kp8rNJE6+/jnHMpe
YaWL82FfcQKRso5e9U+qDSqL4fQtFW2ZBmiVVtawTDRt0zPWn4qLB+Q+icCA7PIz
piPqbg1bNLbpGD2uIo666f9sHnBAl/Mgo4ne4qtvSyWyllq+iznP7v97TSiOQvRR
6joLAbISqTulHJCNrrZ/ufJBgyWw3FqivKaKRlpletIvJkebJlxXmCN2GZysRkBg
GzgqmFxNESqx6HnKIr7wdq9othECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqUU1J
iNPKjmikLwoqf/BTqQr6nDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQAcRaPNoPD4HtF+LAxmOQ0PNZPUn//vRuqI+SY4
HRJ8CZsyXNowivSpwzlGUClCqXGUTL0Zy+CNK3eyTZ8tanOagEKvl8x6fx4uf0eH
Ykc/ot74w59Piu+SNqBm1wR/VDE1EqvcXjjxVqWAe7PGCUAOlDnD4VCiWvhkwcvc
6fj8OBVhATnqnSyxfTwTNgs0yWaQlUkUKGK7gVAgWqQDSBTPFkpLF5lED10cAa45
v8QfFfzumRoqhVWutb+KhCEK3jH1k6IrN4R7G0YNVZTyNBl+6Xt4coCGIC9U1h/W
C+RtP8RAMonVrnY8O8+RjPBjRiw7CgnJQljJYiWdLfNX6T0o
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:01 2025 by rpki-client