Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: DM5TL+r2kDJVRJZL3fC8J8JulzhQ4sNF+3yECZbojiU=
Subject key identifier: DE:CC:44:79:52:4D:87:EF:AB:3A:91:1E:34:40:98:58:00:6F:D2:FE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6854F0E07BE307F694BD7BA8097AFA2E31795EAB
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Tue 11 Mar 2025 15:07:40 +0000
ROA not before: Tue 11 Mar 2025 15:07:40 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:54:f0:e0:7b:e3:07:f6:94:bd:7b:a8:09:7a:fa:2e:31:79:5e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:07:40 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:91:46:76:d9:78:0f:f9:5f:a4:19:de:b3:89:
3c:bc:0e:25:40:36:e7:be:ce:2f:5d:32:dc:9c:36:
63:78:73:8b:ad:92:52:db:91:cc:4b:03:ea:e3:08:
6c:97:2f:8a:80:d0:a0:a8:28:81:9f:b5:e4:82:94:
c3:0f:f8:22:cf:b1:de:82:81:ec:49:12:6c:e9:38:
86:98:d3:b1:84:84:d8:bd:f4:5d:37:de:a5:40:4b:
7c:bc:fa:82:da:ff:13:bf:59:5d:b9:38:1c:5f:15:
9a:fb:26:ce:0a:2a:42:e2:15:4e:b0:4c:e4:2f:c7:
78:2c:6d:6c:22:15:83:3d:9c:56:02:13:8f:ea:5d:
a7:8a:13:80:ef:4e:42:0e:04:9e:2d:67:2d:ae:cc:
14:6c:9e:f1:59:33:99:a1:43:eb:8e:29:87:01:10:
56:19:18:59:45:8a:25:c1:ed:4c:a8:c2:3b:bb:1e:
1e:79:74:bc:ae:08:d4:45:0e:62:4a:64:a0:56:b9:
f5:19:14:70:c5:6f:b0:cf:42:fd:12:f5:12:3c:e7:
a5:f7:b2:b9:33:e8:37:03:8a:ce:f1:6e:85:25:2a:
5a:ac:aa:7b:1a:14:e3:cc:c6:28:f4:7e:df:31:ac:
f7:fc:02:a2:6a:f9:a8:ee:6c:14:64:56:ff:2a:5f:
e8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CC:44:79:52:4D:87:EF:AB:3A:91:1E:34:40:98:58:00:6F:D2:FE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:a8:35:16:f6:e1:68:bf:83:cd:1c:0d:33:3a:80:06:54:33:
39:58:b3:70:cd:b2:2e:3f:9d:0d:b6:5c:b2:8f:f0:51:cf:ee:
4c:6e:c9:b6:cb:de:62:78:1d:5a:49:c5:f6:f4:fe:d2:69:fe:
9c:20:a9:1b:b3:b5:e1:d4:5e:ec:b7:46:2c:88:8c:46:8b:95:
da:df:c7:c0:f6:d2:02:dc:13:2e:bb:cb:20:b4:6b:c5:af:df:
f4:e3:af:2d:37:1d:f7:03:65:0c:ee:ac:30:a4:de:de:04:b6:
33:30:c1:cf:1e:4c:af:fd:74:1c:cc:0e:e7:3c:14:d2:55:a4:
a5:c8:db:05:ca:5a:6b:6e:1f:d9:31:ad:54:8c:91:24:26:4d:
2b:05:64:8a:fc:a5:2d:ca:8e:2a:14:f0:9d:4f:cf:d9:80:a7:
26:a6:6c:be:c3:9b:9e:35:c0:0b:64:cc:0d:83:e9:ab:83:5e:
49:de:ae:85:5b:57:05:2e:b5:6d:b3:a9:c6:2d:d6:7f:11:c2:
48:90:c6:03:cd:91:7a:be:23:46:ee:77:12:d0:a2:ff:2f:d4:
a1:d9:8a:61:05:8f:d7:25:75:06:95:f2:90:18:b0:94:a6:b0:
a6:46:86:ab:b4:f2:5e:ab:4f:4f:15:d7:7a:e4:b0:da:1b:99:
5e:c9:69:a2
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUaFTw4HvjB/aUvXuoCXr6LjF5XqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA3NDBaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhOTA2NWY2MzhkM2ZiNTFhYjU4OTM2YWQ3N2I1MTZmYjllYTg5ODJjY2Iy
MDI2M2ZkZTUwMTBkY2I4ZDQ1NzMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWRRnbZeA/5X6QZ3rOJPLwOJUA2577OL10y3Jw2Y3hzi62SUtuRzEsD6uMI
bJcvioDQoKgogZ+15IKUww/4Is+x3oKB7EkSbOk4hpjTsYSE2L30XTfepUBLfLz6
gtr/E79ZXbk4HF8VmvsmzgoqQuIVTrBM5C/HeCxtbCIVgz2cVgITj+pdp4oTgO9O
Qg4Eni1nLa7MFGye8VkzmaFD644phwEQVhkYWUWKJcHtTKjCO7seHnl0vK4I1EUO
YkpkoFa59RkUcMVvsM9C/RL1EjznpfeyuTPoNwOKzvFuhSUqWqyqexoU48zGKPR+
3zGs9/wComr5qO5sFGRW/ypf6PECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTezER5
Uk2H76s6kR40QJhYAG/S/jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAAyoNRb24Wi/g80cDTM6gAZUMzlYs3DNsi4/nQ22
XLKP8FHP7kxuybbL3mJ4HVpJxfb0/tJp/pwgqRuzteHUXuy3RiyIjEaLldrfx8D2
0gLcEy67yyC0a8Wv3/Tjry03HfcDZQzurDCk3t4EtjMwwc8eTK/9dBzMDuc8FNJV
pKXI2wXKWmtuH9kxrVSMkSQmTSsFZIr8pS3KjioU8J1Pz9mApyambL7Dm541wAtk
zA2D6auDXkneroVbVwUutW2zqcYt1n8RwkiQxgPNkXq+I0budxLQov8v1KHZimEF
j9cldQaV8pAYsJSmsKZGhqu08l6rT08V13rksNobmV7JaaI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:02 2025 by rpki-client