Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
File: 5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa (raw, json)
Hash identifier: K5YSGuJ5cNKr4AZXW2KP9YrgO8Nn8djWS5yaGj35iSs=
Subject key identifier: 46:30:D2:BA:D2:8C:64:3B:63:B1:96:A1:8E:F7:7B:16:EE:FC:39:58
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 70131009791DDFDB46691DE85A299C64ABE07314
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
Signing time: Tue 11 Mar 2025 14:54:19 +0000
ROA not before: Tue 11 Mar 2025 14:54:19 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:13:10:09:79:1d:df:db:46:69:1d:e8:5a:29:9c:64:ab:e0:73:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:54:19 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fe:35:af:d3:85:d2:9f:83:6c:7f:ed:15:93:
81:61:cf:3e:e8:34:1b:67:9a:da:fd:a5:94:44:9c:
cf:05:aa:cb:53:02:d6:36:f5:00:1d:f1:ad:c3:97:
86:6c:4e:4a:91:9e:9e:f0:91:d0:4b:04:a2:20:90:
38:b4:92:f4:8e:6a:40:ad:0f:19:3a:e2:c8:19:d4:
21:38:65:a4:11:d4:b2:89:8c:1a:4b:65:a1:58:56:
de:69:87:e2:0a:28:2e:42:1d:1a:f9:92:0e:d5:1c:
d2:cf:9a:77:d0:41:45:ca:e3:93:23:94:1f:c7:f0:
3f:93:88:79:c1:0a:50:f7:8c:33:ea:ff:80:b1:67:
4c:aa:df:be:01:7b:39:a4:d9:5d:0e:bf:4a:46:78:
d6:6d:b6:00:c9:d5:fd:1c:80:6e:be:df:94:7a:3c:
28:8c:f3:9e:7c:d2:f4:8b:72:a9:c6:86:8e:3f:34:
45:df:61:c4:87:90:bc:d6:07:e1:d4:2c:61:ee:70:
a6:2a:23:80:f0:f8:a1:c1:fd:bd:c5:72:dc:5d:b2:
97:70:9d:64:22:4e:8f:ed:06:f7:75:3d:60:5e:21:
6a:f6:60:51:7a:b6:29:18:e5:52:0d:9c:a5:7b:ae:
36:cf:da:da:cf:79:9b:e2:d3:f0:7e:45:00:1d:86:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:30:D2:BA:D2:8C:64:3B:63:B1:96:A1:8E:F7:7B:16:EE:FC:39:58
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
97:06:f0:98:91:7e:85:3f:f0:3c:79:33:14:f4:1f:69:c0:cd:
d1:e9:af:14:87:f2:4d:64:71:47:35:4b:7e:c5:a8:0c:3f:7c:
2b:d1:8f:47:e0:9b:38:8e:31:14:dd:aa:73:7a:c9:7c:d3:e8:
c9:7b:9e:b8:70:04:1f:0a:56:8e:be:6e:bb:e0:4d:e1:12:ee:
d8:1c:d5:98:58:0d:ee:71:b9:77:c7:3a:5a:8c:ad:a7:ea:8b:
05:b1:07:ba:f8:00:03:cc:dd:f1:9d:43:d7:94:7a:f9:29:cb:
ee:e5:7b:df:03:2d:ae:49:dd:77:3a:c6:10:49:27:e1:84:62:
38:46:1b:cc:39:14:05:66:8d:1b:5d:62:80:4c:f7:79:ae:05:
9c:8c:ab:89:6e:9d:f5:65:b4:d2:ff:d4:b3:11:67:cf:4d:75:
e8:af:12:b1:d1:46:3b:cf:4a:59:06:27:fe:ac:9e:93:51:6a:
46:ff:08:ba:5e:a9:bb:e3:2d:9b:99:7c:49:d1:ba:54:4a:a4:
28:b4:c8:ca:d2:35:4e:99:b6:16:cc:3a:90:b8:bc:2e:64:0a:
c1:30:9a:c4:de:f5:04:e8:44:e9:e8:8e:3b:81:80:c8:fc:d6:
13:ad:b5:c7:54:e8:42:3a:9e:c6:94:02:b8:51:cb:52:03:a4:
e4:a5:a0:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcBMQCXkd39tGaR3oWimcZKvgcxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDU0MTlaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzZjFiMTYxZGE4NTliNjdjNWNjZTQyNzVkOGM0Y2Y5ZGJjNGIxZWIxODE3
N2U4ZDVhMjBlOWNmNzM5NDljZGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT+Na/ThdKfg2x/7RWTgWHPPug0G2ea2v2llESczwWqy1MC1jb1AB3xrcOX
hmxOSpGenvCR0EsEoiCQOLSS9I5qQK0PGTriyBnUIThlpBHUsomMGktloVhW3mmH
4gooLkIdGvmSDtUc0s+ad9BBRcrjkyOUH8fwP5OIecEKUPeMM+r/gLFnTKrfvgF7
OaTZXQ6/SkZ41m22AMnV/RyAbr7flHo8KIzznnzS9ItyqcaGjj80Rd9hxIeQvNYH
4dQsYe5wpiojgPD4ocH9vcVy3F2yl3CdZCJOj+0G93U9YF4havZgUXq2KRjlUg2c
pXuuNs/a2s95m+LT8H5FAB2GpeUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRGMNK6
0oxkO2OxlqGO93sW7vw5WDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTk4MGJhZjAtMzVmZS00Y2E3LWI4NjktMDRiYjJlNzM4YjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
wDANBgkqhkiG9w0BAQsFAAOCAQEAlwbwmJF+hT/wPHkzFPQfacDN0emvFIfyTWRx
RzVLfsWoDD98K9GPR+CbOI4xFN2qc3rJfNPoyXueuHAEHwpWjr5uu+BN4RLu2BzV
mFgN7nG5d8c6Woytp+qLBbEHuvgAA8zd8Z1D15R6+SnL7uV73wMtrknddzrGEEkn
4YRiOEYbzDkUBWaNG11igEz3ea4FnIyriW6d9WW00v/UsxFnz0116K8SsdFGO89K
WQYn/qyek1FqRv8Iul6pu+Mtm5l8SdG6VEqkKLTIytI1Tpm2Fsw6kLi8LmQKwTCa
xN71BOhE6eiOO4GAyPzWE621x1ToQjqexpQCuFHLUgOk5KWgKQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:21 2025 by rpki-client