Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: iI28FQMb28X5y8SfKPfxYY/eYcu41rv590VL4qsWhvs=
Subject key identifier: FD:E1:48:23:49:9C:56:E6:3E:7B:BD:22:11:9D:01:67:73:BC:54:00
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1F961D4AF2F3A3ED5C4C19AED3AFFA37A43372D9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Tue 11 Mar 2025 15:06:39 +0000
ROA not before: Tue 11 Mar 2025 15:06:39 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:96:1d:4a:f2:f3:a3:ed:5c:4c:19:ae:d3:af:fa:37:a4:33:72:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:06:39 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9d:65:be:08:bc:88:41:54:f2:b6:ee:13:51:
46:e9:33:12:b6:0b:c4:11:70:66:dd:78:33:c8:12:
3b:f3:d4:e4:eb:7f:45:cf:09:a4:e5:20:19:d4:34:
4a:fb:7b:af:00:15:f2:26:96:ee:f8:7b:93:2a:c2:
9a:0a:9b:71:3c:53:f5:37:e9:ca:0a:f1:6c:75:10:
d4:d0:e3:de:9d:6a:14:3a:fe:83:8e:5a:71:0d:c2:
6d:4f:bb:3a:39:7d:53:e2:c5:81:c2:2c:36:2d:93:
49:df:40:75:e1:c6:6c:ee:eb:e9:38:a3:ee:d0:28:
6e:16:fe:97:f6:b8:25:26:5a:06:c4:7b:29:68:82:
88:00:7e:99:a0:11:8e:4d:97:10:39:73:8e:6d:8b:
f0:5b:63:e2:63:53:28:6e:35:d4:c0:c6:30:5d:62:
40:e3:32:e0:8f:f6:08:98:a8:61:b7:bc:0d:d1:b6:
a8:4b:7e:36:bc:5c:91:2c:d0:5b:4e:58:89:e0:bb:
43:ff:24:68:8b:b4:ca:9e:93:b8:73:d3:3e:27:5f:
32:c0:f5:5c:43:cf:3b:83:7f:8d:cb:50:19:f8:d1:
a6:19:10:16:88:1a:67:2b:15:85:67:d9:98:1b:8a:
af:13:97:85:aa:81:d4:88:52:55:71:89:9e:4d:9d:
df:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E1:48:23:49:9C:56:E6:3E:7B:BD:22:11:9D:01:67:73:BC:54:00
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
77:07:b4:8c:65:b9:41:04:1f:6f:37:15:a7:06:b2:d5:eb:9b:
46:7f:13:36:f6:dc:a0:89:36:1e:04:00:c6:dd:18:1a:50:9a:
2f:d0:a9:7a:02:6a:b7:bc:96:2a:80:5b:ff:fa:ed:5c:36:e1:
a0:a5:8a:99:06:34:a3:c3:7c:5a:81:3f:98:5a:91:bf:68:68:
5b:28:09:61:a7:de:55:42:a2:81:17:d4:d8:19:a1:4a:7e:0b:
79:7b:4e:cb:19:d6:87:83:ed:01:94:1f:e6:fd:52:54:ec:62:
ba:01:ce:b0:72:2d:b9:07:1a:fe:ee:b5:2c:07:6c:74:7b:05:
10:94:2c:00:cf:7f:6e:92:8f:0d:ec:79:17:b5:6e:ee:e9:18:
68:12:f5:58:2c:16:e0:48:d5:04:92:4b:6f:e2:18:c4:39:7d:
e5:51:77:e9:a3:7c:97:7f:30:c1:0c:96:99:1c:b4:41:61:c1:
dc:36:f3:7a:76:37:30:ac:a6:62:42:20:d2:9a:cd:f9:77:54:
2c:b0:9e:1f:1f:07:d8:81:b6:ff:d2:24:6e:d3:41:e5:f9:01:
96:13:d4:39:67:a1:31:68:13:4c:b2:26:d8:8c:16:ab:f9:10:
2f:df:68:f1:d9:d5:1b:df:33:3a:b9:02:3b:4e:78:d4:8f:7b:
a4:47:6c:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH5YdSvLzo+1cTBmu06/6N6QzctkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA2MzlaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwODBhMWVhMmMzNzY1NjBhMGZmNGZmZTkyNmVjMzM2MTMwNmQ3NjA5Yjcy
YmJjODA2NzlmOTM1NmRjYmJjMmIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKudZb4IvIhBVPK27hNRRukzErYLxBFwZt14M8gSO/PU5Ot/Rc8JpOUgGdQ0
Svt7rwAV8iaW7vh7kyrCmgqbcTxT9TfpygrxbHUQ1NDj3p1qFDr+g45acQ3CbU+7
Ojl9U+LFgcIsNi2TSd9AdeHGbO7r6Tij7tAobhb+l/a4JSZaBsR7KWiCiAB+maAR
jk2XEDlzjm2L8Ftj4mNTKG411MDGMF1iQOMy4I/2CJioYbe8DdG2qEt+NrxckSzQ
W05YieC7Q/8kaIu0yp6TuHPTPidfMsD1XEPPO4N/jctQGfjRphkQFogaZysVhWfZ
mBuKrxOXhaqB1IhSVXGJnk2d39MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT94Ugj
SZxW5j57vSIRnQFnc7xUADAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQB3B7SMZblBBB9vNxWnBrLV65tGfxM29tygiTYe
BADG3RgaUJov0Kl6Amq3vJYqgFv/+u1cNuGgpYqZBjSjw3xagT+YWpG/aGhbKAlh
p95VQqKBF9TYGaFKfgt5e07LGdaHg+0BlB/m/VJU7GK6Ac6wci25Bxr+7rUsB2x0
ewUQlCwAz39uko8N7HkXtW7u6RhoEvVYLBbgSNUEkktv4hjEOX3lUXfpo3yXfzDB
DJaZHLRBYcHcNvN6djcwrKZiQiDSms35d1QssJ4fHwfYgbb/0iRu00Hl+QGWE9Q5
Z6ExaBNMsibYjBar+RAv32jx2dUb3zM6uQI7TnjUj3ukR2yh
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:17:37 2025 by rpki-client