Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: 1cJdESMJjEgFxf7WXJIWDdjoQDQFhCmVGtbMj3sC+l0=
Subject key identifier: AC:D7:37:05:DE:F1:C9:D9:8D:36:4C:BA:39:6D:8C:24:F3:3E:9D:1C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 346C6309550B085B9DF34E20AE3322DEFC0CB0ED
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Tue 11 Mar 2025 15:07:40 +0000
ROA not before: Tue 11 Mar 2025 15:07:40 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:6c:63:09:55:0b:08:5b:9d:f3:4e:20:ae:33:22:de:fc:0c:b0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:07:40 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:c6:4e:e0:b2:03:dd:88:95:50:2e:2b:bf:
4e:c9:f7:4f:d2:c3:da:db:39:e5:42:27:d3:86:5a:
68:17:3c:a2:2e:16:9c:5b:e9:a8:ef:7c:81:66:42:
3d:78:fd:11:aa:c9:8a:bc:4a:4b:40:b6:a5:7a:ff:
fe:c2:98:6f:74:3e:82:18:8d:59:b5:62:d8:4a:7c:
f5:f7:f5:52:ed:e0:d6:a8:49:1e:19:b5:2d:4b:0b:
ec:f2:c7:b4:41:fb:75:9d:ab:c4:9a:0d:01:9d:7b:
85:d3:93:0b:31:b9:db:93:dd:2d:4d:52:f2:67:40:
86:3e:d7:9e:69:20:4c:29:1e:b9:32:69:19:4b:cf:
1f:e5:ee:de:3f:96:1a:a4:2f:01:a3:0f:e2:c7:c4:
8f:b7:3a:92:37:fb:cc:e4:02:8c:78:ed:f0:d0:ab:
6b:06:f7:55:0b:c6:47:ba:8c:a8:fe:1f:0b:94:92:
13:58:ed:72:a0:16:a1:3f:9f:0d:95:19:7b:a3:37:
4a:34:f2:aa:98:84:2f:c6:f4:ef:bf:15:f4:73:b2:
8a:71:e2:53:c8:5a:e6:7e:18:14:dc:3e:47:eb:78:
a2:e2:91:d3:93:4b:b5:33:52:d5:15:99:3a:0b:00:
16:ff:9b:40:15:d0:79:d8:fd:0d:02:7a:0f:57:f1:
60:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D7:37:05:DE:F1:C9:D9:8D:36:4C:BA:39:6D:8C:24:F3:3E:9D:1C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
40:cf:26:1d:f9:99:f3:25:90:20:db:26:5f:9e:57:97:1f:90:
f6:4f:04:37:12:a4:2b:ea:5f:f1:f1:d8:00:28:f6:24:6c:56:
eb:29:ba:73:fc:62:b9:6b:f3:25:1d:25:c8:9e:5d:82:df:0e:
5c:01:84:e7:89:3e:6d:22:d8:21:48:29:08:53:90:86:23:eb:
8c:f1:45:70:d2:65:84:27:35:05:e6:5f:90:d0:0a:ef:77:bb:
da:a9:54:52:e8:02:5e:fd:01:b9:06:ce:7a:e7:e3:5e:29:37:
6b:f7:41:cc:2e:aa:e5:ea:11:c7:71:e0:c1:66:a5:e9:25:44:
47:dd:42:eb:29:64:b7:57:7c:c2:74:d4:e8:d8:2e:2a:bb:2e:
6a:38:e7:15:28:67:fb:15:95:96:32:b3:10:cf:5e:e1:09:be:
90:6a:e7:91:2b:d4:cf:ca:67:41:4e:7e:7a:1c:fe:af:c0:76:
9e:b9:a6:1c:da:ee:7f:09:17:cc:4d:b9:c0:ab:8b:cc:2a:e5:
f0:f0:30:01:48:d4:d1:31:7c:e6:11:93:62:1a:d5:b0:a8:da:
93:82:49:40:d3:ca:b6:c5:29:7e:5a:cb:1b:4b:97:57:57:12:
2e:4e:84:ca:bf:f8:bb:7e:3f:30:61:dc:32:31:0b:b7:b0:bd:
31:d4:55:74
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUNGxjCVULCFud804grjMi3vwMsO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA3NDBaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlMTMyY2ZkYTJhM2Q5ZGNlZTVlYmFkOTM1M2JkMTczOGZhYTMzMTVkZmFj
YWVjZDBjNDVmODllOWJlMzQxNzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMbxk7gsgPdiJVQLiu/Tsn3T9LD2ts55UIn04ZaaBc8oi4WnFvpqO98gWZC
PXj9EarJirxKS0C2pXr//sKYb3Q+ghiNWbVi2Ep89ff1Uu3g1qhJHhm1LUsL7PLH
tEH7dZ2rxJoNAZ17hdOTCzG525PdLU1S8mdAhj7XnmkgTCkeuTJpGUvPH+Xu3j+W
GqQvAaMP4sfEj7c6kjf7zOQCjHjt8NCrawb3VQvGR7qMqP4fC5SSE1jtcqAWoT+f
DZUZe6M3SjTyqpiEL8b0778V9HOyinHiU8ha5n4YFNw+R+t4ouKR05NLtTNS1RWZ
OgsAFv+bQBXQedj9DQJ6D1fxYAcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSs1zcF
3vHJ2Y02TLo5bYwk8z6dHDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAEDPJh35mfMlkCDbJl+eV5cfkPZPBDcSpCvqX/Hx
2AAo9iRsVuspunP8Yrlr8yUdJcieXYLfDlwBhOeJPm0i2CFIKQhTkIYj64zxRXDS
ZYQnNQXmX5DQCu93u9qpVFLoAl79AbkGznrn414pN2v3QcwuquXqEcdx4MFmpekl
REfdQuspZLdXfMJ01OjYLiq7Lmo45xUoZ/sVlZYysxDPXuEJvpBq55Er1M/KZ0FO
fnoc/q/Adp65phza7n8JF8xNucCri8wq5fDwMAFI1NExfOYRk2Ia1bCo2pOCSUDT
yrbFKX5ayxtLl1dXEi5OhMq/+Lt+PzBh3DIxC7ewvTHUVXQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:20 2025 by rpki-client