Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: UtenS7Qq0vK/QJB57rC53k7ns6FFXX6NCPs7oYPDphY=
Subject key identifier: CA:45:BE:AF:BE:E8:38:B9:8E:08:2A:63:55:1F:BA:CC:F9:96:1C:2F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3BC95D45AD94B6F260873EBA60DCA3A5E4EF44B6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Tue 11 Mar 2025 15:06:36 +0000
ROA not before: Tue 11 Mar 2025 15:06:36 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:c9:5d:45:ad:94:b6:f2:60:87:3e:ba:60:dc:a3:a5:e4:ef:44:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 15:06:36 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:97:c1:94:a7:e7:27:67:4c:72:aa:b3:1b:e6:
ec:bc:44:dd:65:93:a2:79:1c:64:e3:29:7f:a1:e6:
aa:bc:c4:be:85:fa:97:29:a0:9f:dd:61:df:ca:7a:
61:57:10:ea:79:2b:af:7a:4c:47:20:79:40:88:cf:
b5:ab:54:ad:ad:9c:ea:05:5d:ee:ab:ff:55:f9:69:
28:02:10:7c:ef:6b:07:30:80:55:3a:df:93:ec:d8:
9e:78:74:76:d0:6d:3a:80:b5:b3:c2:0d:60:e6:b6:
86:f1:61:81:30:8e:4d:5e:49:06:96:6c:8d:ea:69:
3b:b2:40:4e:77:a8:30:e4:86:62:d8:50:04:45:c6:
ab:d5:43:1f:a1:af:b5:14:b4:51:62:b0:c3:70:71:
fe:d6:5a:13:bb:5d:6c:c9:b7:bb:05:64:f6:6d:e9:
42:81:7d:13:49:ec:e2:35:2c:30:3f:49:fa:9e:47:
52:1b:6c:c9:50:76:8c:df:d8:99:87:29:18:b8:15:
87:2d:32:09:8a:80:f1:7f:73:27:43:c7:91:23:81:
95:a3:a8:90:21:55:78:fe:63:9b:f6:fc:3b:a5:39:
7d:c8:b4:24:4b:e5:ad:93:d7:e1:a4:93:96:67:08:
3e:97:37:03:dd:b3:c3:e8:3d:71:b3:f7:c6:b4:b2:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:45:BE:AF:BE:E8:38:B9:8E:08:2A:63:55:1F:BA:CC:F9:96:1C:2F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
1e:d1:e6:2a:51:cf:1d:2f:99:b6:28:97:f6:a6:bf:e3:31:eb:
ca:6a:08:17:92:5a:7e:10:b8:92:11:b3:cb:98:ec:32:76:44:
d4:e7:99:e8:1e:90:9b:9f:28:24:b0:ac:45:8c:d9:00:fd:f5:
47:11:52:31:57:24:10:a9:ab:79:45:ed:bc:c9:8a:c3:e6:20:
41:e7:a2:ee:fb:9b:63:d5:aa:d1:28:7f:2e:32:2e:ac:bd:2f:
ab:3f:b9:66:1a:5c:f5:f1:a9:0d:74:1c:bd:24:a5:fc:08:94:
7a:d6:c2:0d:b8:df:37:18:cd:c8:78:73:88:a4:90:c7:eb:41:
03:be:7b:1f:b6:46:97:88:03:97:c0:29:75:c8:4e:1d:37:c8:
e6:f2:1b:51:c6:cf:49:5e:f8:3d:05:04:3e:e5:d6:02:a0:0d:
fd:61:9a:5d:b9:01:63:99:fd:9c:6b:94:d5:fe:8a:b0:66:ae:
61:97:2a:2c:70:f2:31:c8:1f:2f:53:3c:98:1d:bb:dd:bc:4d:
7f:0e:f9:c6:74:4f:4a:51:e1:7c:08:96:73:f5:fa:68:ab:6d:
49:6b:5d:be:de:91:fd:d4:da:ad:10:41:e7:9f:6a:81:d6:4c:
37:47:06:e1:64:f4:b5:df:14:40:6c:5a:b8:8f:84:04:5e:56:
4e:8d:58:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO8ldRa2UtvJghz66YNyjpeTvRLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNTA2MzZaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZDVjOTRhNGRkOWQ0MWE1MjZjNmEyYTM3MDVhYjNjYjdmODc0MDFlZjA4
Y2I2OTRkZDQwMjdiOWE0ZDZjYmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGXwZSn5ydnTHKqsxvm7LxE3WWTonkcZOMpf6HmqrzEvoX6lymgn91h38p6
YVcQ6nkrr3pMRyB5QIjPtatUra2c6gVd7qv/VflpKAIQfO9rBzCAVTrfk+zYnnh0
dtBtOoC1s8INYOa2hvFhgTCOTV5JBpZsjeppO7JATneoMOSGYthQBEXGq9VDH6Gv
tRS0UWKww3Bx/tZaE7tdbMm3uwVk9m3pQoF9E0ns4jUsMD9J+p5HUhtsyVB2jN/Y
mYcpGLgVhy0yCYqA8X9zJ0PHkSOBlaOokCFVeP5jm/b8O6U5fci0JEvlrZPX4aST
lmcIPpc3A92zw+g9cbP3xrSySu0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKRb6v
vug4uY4IKmNVH7rM+ZYcLzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQAe0eYqUc8dL5m2KJf2pr/jMevKaggXklp+ELiS
EbPLmOwydkTU55noHpCbnygksKxFjNkA/fVHEVIxVyQQqat5Re28yYrD5iBB56Lu
+5tj1arRKH8uMi6svS+rP7lmGlz18akNdBy9JKX8CJR61sINuN83GM3IeHOIpJDH
60EDvnsftkaXiAOXwCl1yE4dN8jm8htRxs9JXvg9BQQ+5dYCoA39YZpduQFjmf2c
a5TV/oqwZq5hlyoscPIxyB8vUzyYHbvdvE1/DvnGdE9KUeF8CJZz9fpoq21Ja12+
3pH91NqtEEHnn2qB1kw3RwbhZPS13xRAbFq4j4QEXlZOjVgw
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:22:17 2025 by rpki-client