Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
File: 2743eb54-0e16-4048-a058-1bc32c140fc6.roa (raw, json)
Hash identifier: VwfadUufdRcUjeVbxVh9jW2JxJuMqvb94445ZBfo7vk=
Subject key identifier: 02:E1:E5:89:82:40:D3:34:8A:17:4A:0D:DE:F3:24:35:0A:DF:E6:B6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 12CFFF033508B794D46182522B8451F1C54E4A2F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
Signing time: Tue 11 Mar 2025 14:54:13 +0000
ROA not before: Tue 11 Mar 2025 14:54:13 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:cf:ff:03:35:08:b7:94:d4:61:82:52:2b:84:51:f1:c5:4e:4a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:54:13 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:b2:ce:30:29:bb:7d:34:84:90:86:c5:0c:
6c:e1:4a:a1:be:dc:32:80:09:a6:d8:43:0a:46:51:
af:b1:71:29:25:09:1d:05:75:09:79:1c:c6:e4:aa:
a4:c0:3a:a4:90:53:3a:9a:06:ac:ab:3a:3e:e6:ed:
ad:2e:eb:5c:04:5b:d1:e5:df:28:b4:ff:14:d9:a0:
a4:db:91:78:f8:5b:d1:e5:86:86:74:a2:ba:76:cf:
cb:ee:86:13:cd:24:cd:da:5a:93:6a:53:5f:fb:ff:
89:4c:f8:17:bd:a3:9c:c2:4a:a8:7a:df:fd:7e:af:
d0:7f:af:4a:fa:ce:fc:2b:73:e0:2e:b0:31:49:b0:
d2:25:57:ca:79:79:1f:ca:25:59:65:4a:2c:a4:3d:
a6:21:c4:58:56:5e:66:53:67:5b:43:34:fa:04:e8:
82:c1:12:3a:89:57:5d:62:4f:c4:65:54:25:1b:2c:
0f:b5:1f:ed:0a:9b:0c:d1:ad:ac:f9:43:06:8e:89:
fe:4c:c8:f3:c2:59:a6:c5:71:20:52:42:d3:69:52:
2a:15:b1:f7:35:20:30:13:ec:21:4d:5b:53:82:34:
9c:7e:cf:52:00:84:8a:17:0d:9e:30:a4:58:e7:98:
2f:88:68:b3:36:58:0a:ae:fa:0a:33:b6:20:8b:17:
f8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E1:E5:89:82:40:D3:34:8A:17:4A:0D:DE:F3:24:35:0A:DF:E6:B6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b840::/46
Signature Algorithm: sha256WithRSAEncryption
79:ee:fc:20:98:8c:41:95:62:01:08:fd:18:a3:25:fb:18:a9:
45:91:1c:c9:c2:b7:64:18:12:1f:dd:65:20:16:06:d4:e8:19:
49:f3:f0:77:b0:67:c7:5e:38:42:03:9f:b1:e1:70:76:6f:97:
73:7e:ef:b0:2e:68:5b:1c:15:fa:b8:6c:52:02:ee:00:6b:5d:
60:4a:9e:7e:43:e2:29:5a:a2:39:ae:74:b8:4a:31:c3:e4:0b:
e5:67:ba:1e:2c:bd:35:b4:01:0b:d3:52:9a:aa:6f:c5:c7:79:
68:e3:54:19:23:80:5f:ba:43:79:e6:a9:28:5e:7f:86:98:bd:
b6:bf:ef:e8:c8:ca:b5:62:7c:ce:be:0c:e3:b4:51:78:8d:4c:
7c:9c:3f:b4:0a:18:c5:76:6b:b5:c0:94:8b:96:4a:17:0a:a2:
6d:cf:b6:a8:d4:1f:48:de:4b:0b:49:bd:0a:e2:13:27:3f:e2:
af:b9:77:9e:09:2f:55:db:ae:fd:36:5c:9f:32:c0:1c:3e:a3:
ac:d0:4c:c9:c9:18:6d:b8:29:9b:91:ef:8a:26:04:41:84:c6:
73:5c:5a:f4:6b:6a:8d:9f:fd:6f:11:a4:6c:eb:75:9a:38:03:
eb:62:a7:40:b7:00:a8:12:43:e6:de:2d:c0:3a:2f:b5:d2:19:
d2:c8:3d:8b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEs//AzUIt5TUYYJSK4RR8cVOSi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDU0MTNaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3NTZmOTI4N2UwOWQ5YTVmMTliMjdlNTBiZTI4ZTI2YTU3ZmFlYzg3ZTJi
ODgwZDk4ZTk5YjAxNThhMDM2NjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCAss4wKbt9NISQhsUMbOFKob7cMoAJpthDCkZRr7FxKSUJHQV1CXkcxuSq
pMA6pJBTOpoGrKs6PubtrS7rXARb0eXfKLT/FNmgpNuRePhb0eWGhnSiunbPy+6G
E80kzdpak2pTX/v/iUz4F72jnMJKqHrf/X6v0H+vSvrO/Ctz4C6wMUmw0iVXynl5
H8olWWVKLKQ9piHEWFZeZlNnW0M0+gTogsESOolXXWJPxGVUJRssD7Uf7QqbDNGt
rPlDBo6J/kzI88JZpsVxIFJC02lSKhWx9zUgMBPsIU1bU4I0nH7PUgCEihcNnjCk
WOeYL4hoszZYCq76CjO2IIsX+J0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQC4eWJ
gkDTNIoXSg3e8yQ1Ct/mtjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Mjc0M2ViNTQtMGUxNi00MDQ4LWEwNTgtMWJjMzJjMTQwZmM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
QDANBgkqhkiG9w0BAQsFAAOCAQEAee78IJiMQZViAQj9GKMl+xipRZEcycK3ZBgS
H91lIBYG1OgZSfPwd7Bnx144QgOfseFwdm+Xc37vsC5oWxwV+rhsUgLuAGtdYEqe
fkPiKVqiOa50uEoxw+QL5We6Hiy9NbQBC9NSmqpvxcd5aONUGSOAX7pDeeapKF5/
hpi9tr/v6MjKtWJ8zr4M47RReI1MfJw/tAoYxXZrtcCUi5ZKFwqibc+2qNQfSN5L
C0m9CuITJz/ir7l3ngkvVduu/TZcnzLAHD6jrNBMyckYbbgpm5HviiYEQYTGc1xa
9GtqjZ/9bxGkbOt1mjgD62KnQLcAqBJD5t4twDovtdIZ0sg9iw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:22 2025 by rpki-client