Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: 9VKLBM4DyMyrJefEQISlEtNdyA4k0OcueXhlMGRmrEA=
Subject key identifier: 9D:50:C3:40:EA:B7:87:CD:D1:F3:CC:D6:CF:26:DB:20:26:EB:E9:03
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7F77F6B5534D5EB7DE33A7090CDB0984BD655696
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Tue 25 Mar 2025 23:07:12 +0000
ROA not before: Tue 25 Mar 2025 23:07:12 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:77:f6:b5:53:4d:5e:b7:de:33:a7:09:0c:db:09:84:bd:65:56:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 25 23:07:12 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:47:44:88:22:2b:62:b0:02:bf:e3:a3:b2:
e4:0e:f7:0d:d0:85:d5:7c:7e:27:35:dc:fb:73:1c:
2f:b8:ec:fd:d8:9d:41:61:8e:bf:64:05:b4:59:f2:
dc:32:81:d2:79:70:fc:36:d5:15:7c:7f:d1:5d:4d:
1d:39:85:19:96:e1:fb:19:52:88:61:30:ab:16:47:
42:fd:23:53:fc:36:a0:9f:c5:7d:1d:48:0e:e5:95:
af:5a:17:74:60:2e:d0:73:45:d4:50:50:6b:1b:5f:
a4:5d:e8:e3:7c:a3:11:5c:c9:ba:f9:e3:ba:9f:28:
90:df:ba:aa:8d:a7:d6:22:72:8b:7b:ea:cf:0d:a8:
ab:03:81:6b:21:9a:e5:38:38:8d:f2:6e:8e:eb:9c:
b4:5b:0e:46:1d:6c:04:fa:f0:2d:93:32:e1:1a:85:
45:0b:1d:3e:c2:f3:30:1f:a3:49:52:04:9a:b0:c8:
31:ae:0a:c7:e2:66:bf:28:b6:f2:44:35:bd:ba:60:
42:7b:9f:d9:7e:13:7b:5d:a4:e0:85:89:77:e3:02:
81:67:db:b2:d4:4b:3c:0d:7f:02:c0:c5:f4:22:a3:
7b:98:7d:38:7c:91:56:12:11:08:c9:05:0a:15:b7:
6b:ff:c6:5d:9b:12:5d:b6:74:88:76:17:f4:c3:44:
20:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:50:C3:40:EA:B7:87:CD:D1:F3:CC:D6:CF:26:DB:20:26:EB:E9:03
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
49:c2:81:2c:e1:c6:c5:98:3f:e9:81:a2:d3:f1:8c:00:00:71:
eb:38:c6:4e:08:9d:7e:d5:f7:09:e8:f7:e9:75:2c:a6:72:c7:
2e:83:aa:a5:47:bc:26:ba:8a:af:8b:40:d3:20:9d:50:f8:33:
56:f9:53:16:ac:82:a1:ca:58:9e:6b:58:ac:30:01:54:74:0f:
ec:37:e1:c9:da:78:c2:77:b4:8d:93:8b:60:8a:a9:e4:26:cd:
df:02:e1:b4:48:ef:67:73:11:85:0e:97:5f:be:bd:de:ff:7d:
d9:44:a7:4c:99:4a:1a:c3:78:3a:3a:bd:99:51:9b:fb:0b:ef:
59:12:50:f4:9d:67:d4:ef:93:38:48:21:c5:e2:72:73:17:5d:
4b:52:da:a1:9a:33:72:26:d8:f1:5a:12:24:b3:f9:a0:ef:9c:
4d:63:2a:50:34:e0:04:df:a0:b4:ee:fe:46:10:2d:42:71:03:
8c:72:22:9c:22:fd:d7:6f:6b:14:fc:8a:a7:9c:ff:a1:a7:db:
7b:5b:ee:e6:8c:63:24:63:5b:b6:55:7f:a6:9f:53:fb:99:c2:
0f:58:ee:96:da:d2:53:9d:dc:07:42:c4:e4:04:cf:05:0d:98:
6c:d4:be:f0:be:45:ba:51:35:c1:32:46:a5:2d:6c:9c:76:3f:
9f:f9:3a:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf3f2tVNNXrfeM6cJDNsJhL1lVpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMjUyMzA3MTJaFw0yNTA0MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MDNmMTNlNDU0MjdkOGFlZDU5Y2E5YjIzODZlYjk0MTRmYThkMmQ5NGQy
MGU1YWYyNmNhODIxM2FiOTAxNTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKP8R0SIIitisAK/46Oy5A73DdCF1Xx+JzXc+3McL7js/didQWGOv2QFtFny
3DKB0nlw/DbVFXx/0V1NHTmFGZbh+xlSiGEwqxZHQv0jU/w2oJ/FfR1IDuWVr1oX
dGAu0HNF1FBQaxtfpF3o43yjEVzJuvnjup8okN+6qo2n1iJyi3vqzw2oqwOBayGa
5Tg4jfJujuuctFsORh1sBPrwLZMy4RqFRQsdPsLzMB+jSVIEmrDIMa4Kx+Jmvyi2
8kQ1vbpgQnuf2X4Te12k4IWJd+MCgWfbstRLPA1/AsDF9CKje5h9OHyRVhIRCMkF
ChW3a//GXZsSXbZ0iHYX9MNEICUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdUMNA
6reHzdHzzNbPJtsgJuvpAzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAScKBLOHGxZg/6YGi0/GMAABx6zjGTgidftX3
Cej36XUspnLHLoOqpUe8JrqKr4tA0yCdUPgzVvlTFqyCocpYnmtYrDABVHQP7Dfh
ydp4wne0jZOLYIqp5CbN3wLhtEjvZ3MRhQ6XX7693v992USnTJlKGsN4Ojq9mVGb
+wvvWRJQ9J1n1O+TOEghxeJycxddS1LaoZozcibY8VoSJLP5oO+cTWMqUDTgBN+g
tO7+RhAtQnEDjHIinCL9129rFPyKp5z/oafbe1vu5oxjJGNbtlV/pp9T+5nCD1ju
ltrSU53cB0LE5ATPBQ2YbNS+8L5FulE1wTJGpS1snHY/n/k6fA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:23 2025 by rpki-client