Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
File: 2a0347bc-2355-45ba-953f-4658b951cf4b.roa (raw, json)
Hash identifier: yXwWtjwFSXGWWZ+5RXbrAAsA6pXHwH9vyjSasSdAXAc=
Subject key identifier: 69:9F:33:9A:B7:64:94:04:98:B6:C9:A2:6C:C6:24:44:70:74:DC:34
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5A9BE82E2B896A76D313B74D50F3D00253E92BE9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
Signing time: Tue 11 Mar 2025 14:52:42 +0000
ROA not before: Tue 11 Mar 2025 14:52:42 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:78c0::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:9b:e8:2e:2b:89:6a:76:d3:13:b7:4d:50:f3:d0:02:53:e9:2b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:42 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:23:a6:54:04:8d:74:4f:07:9d:11:e4:73:
41:74:78:6b:9c:93:28:7b:62:f1:aa:f4:04:80:6a:
21:10:af:8f:71:ec:62:48:d5:39:f0:06:85:8c:76:
33:1b:60:bf:7b:30:eb:5b:c6:5a:c8:d5:7e:56:11:
82:3c:93:60:af:59:93:7f:e7:99:73:88:0f:28:d4:
7e:3c:76:5d:88:5d:75:76:95:99:70:63:c5:11:28:
86:a5:e4:6f:e5:47:ab:32:36:db:25:5d:8a:17:cd:
ca:70:ce:8d:6c:c0:16:74:b8:51:2b:6a:5a:f9:58:
72:0c:3d:31:61:1c:18:f7:6a:94:24:17:d8:9e:3a:
7d:c6:e5:5d:6b:05:40:e8:93:cc:81:d3:88:ea:5e:
ab:fe:f4:ea:5e:cc:3a:7c:6d:23:5e:6a:60:17:6c:
37:a7:f8:ee:a1:cf:d5:18:34:c5:95:4c:7f:5c:34:
c6:bc:87:6e:61:0f:d5:bc:64:ba:59:f1:03:89:94:
4b:32:3e:73:f5:3e:3d:2d:5a:00:07:71:9b:60:ab:
a5:17:da:ed:7d:41:ca:72:e2:5e:53:09:9b:ed:89:
40:7f:34:01:85:a2:b8:64:a0:95:49:e6:c7:fd:bd:
5d:1b:64:e5:92:60:d5:87:6d:f7:4c:71:da:40:53:
26:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9F:33:9A:B7:64:94:04:98:B6:C9:A2:6C:C6:24:44:70:74:DC:34
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:78c0::/46
Signature Algorithm: sha256WithRSAEncryption
2a:a5:f2:90:0e:35:1e:32:65:21:24:ca:bd:7b:e4:a0:47:7f:
5c:aa:d1:99:fd:f5:85:37:8c:60:e2:9e:7f:a0:aa:a7:33:d4:
e7:7a:9a:99:31:00:7c:55:48:e8:20:52:46:18:5c:d3:30:a4:
1e:ae:0a:c9:bf:32:d1:cc:d4:c0:c2:2a:29:b8:80:fa:7e:96:
e9:43:d0:fa:38:fd:ce:c7:6c:1e:4f:57:82:e1:44:a3:f3:a5:
3a:f4:42:df:80:6d:9d:74:65:31:7c:ea:4d:3b:e1:5b:2a:e7:
ac:ba:76:47:38:43:55:bc:7a:d7:0d:91:38:2f:64:6e:11:8c:
d0:7c:ee:b4:bb:f9:5e:b5:71:e5:1e:42:e1:a5:4e:f5:a1:99:
70:a9:22:34:80:53:ef:e7:da:fb:54:b0:3b:27:94:9a:0c:66:
16:f1:19:06:f3:5e:75:f5:fe:b0:3c:f6:62:ca:83:c6:24:f0:
9b:f0:88:82:f8:e8:e9:03:4d:a1:5c:3b:ca:97:ff:2c:23:4e:
f1:0e:f5:49:21:04:45:9a:4e:15:41:90:31:27:fd:ec:89:b6:
29:7c:3d:c7:e3:27:99:4b:e5:d2:79:d4:d2:4b:75:36:46:c0:
e9:17:69:c4:26:5b:02:88:2b:c1:e8:52:8b:5e:5a:73:32:9b:
fb:96:6b:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWpvoLiuJanbTE7dNUPPQAlPpK+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyNDJaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYmE5NWVjNWM2NzA1OWUxZGI0OWNmYjM2MjkwOGJhMzNhMmRkYTI5YWMz
ZjVmYzI1NzE2NTEwM2EwNWM1NDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+MI6ZUBI10TwedEeRzQXR4a5yTKHti8ar0BIBqIRCvj3HsYkjVOfAGhYx2
Mxtgv3sw61vGWsjVflYRgjyTYK9Zk3/nmXOIDyjUfjx2XYhddXaVmXBjxREohqXk
b+VHqzI22yVdihfNynDOjWzAFnS4UStqWvlYcgw9MWEcGPdqlCQX2J46fcblXWsF
QOiTzIHTiOpeq/706l7MOnxtI15qYBdsN6f47qHP1Rg0xZVMf1w0xryHbmEP1bxk
ulnxA4mUSzI+c/U+PS1aAAdxm2CrpRfa7X1BynLiXlMJm+2JQH80AYWiuGSglUnm
x/29XRtk5ZJg1Ydt90xx2kBTJlkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpnzOa
t2SUBJi2yaJsxiREcHTcNDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmEwMzQ3YmMtMjM1NS00NWJhLTk1M2YtNDY1OGI5NTFjZjRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
wDANBgkqhkiG9w0BAQsFAAOCAQEAKqXykA41HjJlISTKvXvkoEd/XKrRmf31hTeM
YOKef6CqpzPU53qamTEAfFVI6CBSRhhc0zCkHq4Kyb8y0czUwMIqKbiA+n6W6UPQ
+jj9zsdsHk9XguFEo/OlOvRC34BtnXRlMXzqTTvhWyrnrLp2RzhDVbx61w2ROC9k
bhGM0HzutLv5XrVx5R5C4aVO9aGZcKkiNIBT7+fa+1SwOyeUmgxmFvEZBvNedfX+
sDz2YsqDxiTwm/CIgvjo6QNNoVw7ypf/LCNO8Q71SSEERZpOFUGQMSf97Im2KXw9
x+MnmUvl0nnU0kt1NkbA6RdpxCZbAogrwehSi15aczKb+5ZrzQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:57:54 2025 by rpki-client