Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: 2aKVNHcnb3avjfgaBhmNnHkEYvpaqDiXsj9D3y05neU=
Subject key identifier: 2D:63:3A:CE:90:41:A6:0A:57:CE:0A:40:79:10:D1:D3:71:60:9E:39
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6A1BBE6C0C730822F075FE532E4B024A45E887A0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Tue 11 Mar 2025 14:54:22 +0000
ROA not before: Tue 11 Mar 2025 14:54:22 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:1b:be:6c:0c:73:08:22:f0:75:fe:53:2e:4b:02:4a:45:e8:87:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:54:22 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:be:a6:9f:ca:3f:f0:f7:a6:53:aa:1d:2d:20:
d8:ad:bf:89:8e:66:09:11:fa:9e:66:d2:c7:98:b0:
a9:70:11:fe:70:8f:35:88:df:82:04:8b:73:93:14:
eb:09:7a:b2:7c:ed:a7:9c:63:a6:e6:7b:a0:dc:01:
34:23:f9:85:03:ae:4c:2c:00:ab:1e:9e:a7:1c:10:
08:64:fe:fd:71:d4:21:b7:b6:4d:02:bc:35:98:d3:
40:41:76:d0:30:84:d4:7a:c5:95:0a:3f:33:2f:8d:
e2:c3:0b:87:01:89:3d:3e:6f:de:c6:7c:92:23:96:
fb:a7:50:8e:3a:30:51:f7:e5:8f:26:e4:e6:9d:db:
0e:47:93:b3:68:ba:af:f1:35:eb:a7:f2:04:13:b5:
a7:ea:fe:8a:f5:a5:b7:6a:22:54:a8:3e:1c:70:25:
6f:07:37:dd:bb:ae:e7:8e:9c:0d:5f:2a:fe:2a:59:
44:c4:75:ce:55:c9:21:d9:34:eb:42:09:10:b5:3b:
4d:57:96:93:04:1c:be:01:75:c2:33:6c:a7:d4:2d:
d4:7f:09:a4:b1:d1:6b:c8:67:36:14:ad:d9:ba:9d:
4c:0e:58:da:d1:d7:79:17:32:a5:3d:2d:8c:c1:3a:
9f:f3:3a:51:67:c4:bf:a8:9f:d9:61:d2:c7:16:89:
3a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:63:3A:CE:90:41:A6:0A:57:CE:0A:40:79:10:D1:D3:71:60:9E:39
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:46:21:40:c9:12:47:27:4a:08:4a:43:89:ef:e1:8e:d4:30:
c1:31:03:0e:79:7e:4d:ec:7c:9d:62:16:f1:7b:94:fc:e0:db:
dd:78:39:70:e0:58:9d:c7:ef:a0:2e:7f:03:6d:1a:b7:97:6d:
b7:60:1b:78:59:5c:2c:ca:c3:78:29:c6:e4:eb:eb:db:11:de:
4e:aa:80:70:13:c9:c0:f2:12:8c:b6:f4:25:6b:d4:6b:50:6e:
1f:55:17:42:33:22:57:1d:ff:49:8f:09:67:b9:b0:92:41:21:
f0:36:a9:73:2a:a6:d0:2f:af:18:11:cf:e2:47:ea:b2:7e:f1:
dd:9f:63:a8:2d:34:61:c9:bc:b8:6e:95:5b:fe:15:d9:8d:88:
00:ce:60:a0:f1:89:f4:ed:e4:6e:db:73:7d:ed:31:e1:35:26:
21:d0:63:94:49:73:cc:08:2d:bc:8d:ad:35:39:6f:16:1f:52:
67:ad:fd:cf:40:a4:32:17:f0:f3:59:89:f8:3a:2d:06:3b:dc:
a7:96:4b:b6:14:be:8b:0b:4c:62:e6:4c:65:53:fa:aa:fb:22:
e5:96:70:f3:ee:7d:0b:d9:d9:74:93:8a:b6:fa:95:36:9c:14:
df:dd:16:09:e6:b3:90:71:16:5b:26:4d:2f:6e:2e:af:97:67:
a6:02:0e:8e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUahu+bAxzCCLwdf5TLksCSkXoh6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDU0MjJaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNTNjZmQ3NzUwMDkzZjkxNWMwYjc4ODQ5ZTY5OWVlYmI5ZmU2YjFlODhi
OGQ2OWVkMzA5M2E0ZjcxN2Y0OTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKq+pp/KP/D3plOqHS0g2K2/iY5mCRH6nmbSx5iwqXAR/nCPNYjfggSLc5MU
6wl6snztp5xjpuZ7oNwBNCP5hQOuTCwAqx6epxwQCGT+/XHUIbe2TQK8NZjTQEF2
0DCE1HrFlQo/My+N4sMLhwGJPT5v3sZ8kiOW+6dQjjowUffljybk5p3bDkeTs2i6
r/E166fyBBO1p+r+ivWlt2oiVKg+HHAlbwc33buu546cDV8q/ipZRMR1zlXJIdk0
60IJELU7TVeWkwQcvgF1wjNsp9Qt1H8JpLHRa8hnNhSt2bqdTA5Y2tHXeRcypT0t
jME6n/M6UWfEv6if2WHSxxaJOhMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQtYzrO
kEGmClfOCkB5ENHTcWCeOTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEANEYhQMkSRydKCEpDie/hjtQwwTEDDnl+Tex8
nWIW8XuU/ODb3Xg5cOBYncfvoC5/A20at5dtt2AbeFlcLMrDeCnG5Ovr2xHeTqqA
cBPJwPISjLb0JWvUa1BuH1UXQjMiVx3/SY8JZ7mwkkEh8Dapcyqm0C+vGBHP4kfq
sn7x3Z9jqC00Ycm8uG6VW/4V2Y2IAM5goPGJ9O3kbttzfe0x4TUmIdBjlElzzAgt
vI2tNTlvFh9SZ639z0CkMhfw81mJ+DotBjvcp5ZLthS+iwtMYuZMZVP6qvsi5ZZw
8+59C9nZdJOKtvqVNpwU390WCeazkHEWWyZNL24ur5dnpgIOjg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:25 2025 by rpki-client