Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: 01TQm47VXec9c758bZFTFbh0oskONGwytrRGDoDwZQE=
Subject key identifier: 44:FF:53:41:ED:1F:DD:7D:E9:3B:C3:9F:F7:22:C9:B9:23:B0:92:FE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0228CE97E79CA2BAD5FD2CA5E89B07CB4004029D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Tue 11 Mar 2025 14:52:27 +0000
ROA not before: Tue 11 Mar 2025 14:52:27 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:28:ce:97:e7:9c:a2:ba:d5:fd:2c:a5:e8:9b:07:cb:40:04:02:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:27 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:85:57:8b:29:bd:2a:cf:47:50:bf:2d:2f:bc:
ef:80:07:ed:b5:ee:1a:de:6e:5e:19:b2:57:c7:9f:
d6:a5:2d:4e:48:fe:86:39:e7:fb:da:d5:e8:4b:d0:
5d:17:0c:de:5d:f0:a4:ba:0e:b1:1e:7c:e4:8c:06:
e6:51:e2:58:89:42:ed:22:67:c7:36:1e:63:18:1b:
1c:7d:83:87:64:6c:72:fb:f3:9c:96:34:21:6a:4b:
cd:9b:8b:fb:85:c9:0f:3e:ad:dc:7a:86:4b:35:ee:
aa:42:24:b6:a2:ab:f7:1b:e3:de:1a:50:53:31:6f:
b3:1e:49:76:5e:ce:3e:95:d1:af:ee:58:99:c9:2f:
e5:29:71:5d:c7:4b:de:67:80:e1:91:e0:4d:9a:39:
70:0b:3d:29:6a:f2:d2:9a:ee:22:55:62:5a:39:62:
92:9b:e5:ea:76:67:47:0f:58:d9:25:25:5f:b5:7a:
f6:cf:bb:ec:bd:b7:36:43:85:53:9a:08:f3:3b:d4:
0f:b7:7c:3f:7b:e6:ef:1f:31:d4:15:2b:43:b5:fd:
0c:0c:29:bb:1d:a5:e9:41:a8:db:5a:8a:37:d2:4b:
4b:59:31:7f:25:8c:47:e1:bf:a5:25:b4:a7:d4:ee:
b5:ba:f2:60:e7:36:06:ab:7e:6a:6e:01:b4:b7:4e:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FF:53:41:ED:1F:DD:7D:E9:3B:C3:9F:F7:22:C9:B9:23:B0:92:FE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
8c:30:8d:6d:b7:52:b5:a1:4d:d5:aa:53:36:dc:b8:26:07:57:
5a:65:5d:1f:93:2b:0d:29:bf:8d:12:88:3b:95:7c:a3:09:be:
bf:dd:89:ce:c8:bd:38:a6:52:db:07:f0:fb:d7:6f:1c:11:03:
90:ef:59:07:1f:19:11:97:f4:75:8d:89:91:c5:7b:22:8e:0d:
72:cc:1e:e9:75:a1:fd:ee:16:63:b4:bb:69:65:4b:57:60:7c:
d6:3f:a5:a4:d5:e0:4b:f7:fe:15:99:53:6a:7d:88:35:ed:6a:
ac:32:52:51:3e:5e:c9:27:5e:a1:f7:46:b9:e9:8d:0b:75:b8:
15:53:82:9b:20:73:7b:d2:97:c5:4e:b0:6b:11:b8:70:17:9c:
76:35:6f:69:0c:49:fd:38:34:47:b3:45:c3:05:e7:2a:6a:ca:
05:16:cc:f9:67:fb:da:7c:55:d6:39:60:4a:6c:82:48:f4:93:
d8:2e:a1:08:bf:72:65:06:1b:bb:e4:e6:2b:eb:32:03:d0:89:
f4:d2:b2:be:12:fc:9a:91:41:8c:ea:f8:3f:eb:11:5a:a3:03:
ce:df:fa:58:b3:fd:b6:fa:0a:4e:5d:d0:2c:86:1d:7b:0b:2d:
fa:fe:2f:78:5d:56:be:d1:c0:5a:4d:a8:55:7b:bf:5b:b1:f3:
c2:d0:85:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAijOl+ecorrV/Syl6JsHy0AEAp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMjdaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYTI4MmJkOWQ3ZWJjOThhYjE4ZjUxMDYwY2M2Y2Y2MGQ0YjZiNzg3OWE3
ZTQ5OTY5MjAyNGFlNzM3ZmNlYTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIuFV4spvSrPR1C/LS+874AH7bXuGt5uXhmyV8ef1qUtTkj+hjnn+9rV6EvQ
XRcM3l3wpLoOsR585IwG5lHiWIlC7SJnxzYeYxgbHH2Dh2RscvvznJY0IWpLzZuL
+4XJDz6t3HqGSzXuqkIktqKr9xvj3hpQUzFvsx5Jdl7OPpXRr+5Ymckv5SlxXcdL
3meA4ZHgTZo5cAs9KWry0pruIlViWjlikpvl6nZnRw9Y2SUlX7V69s+77L23NkOF
U5oI8zvUD7d8P3vm7x8x1BUrQ7X9DAwpux2l6UGo21qKN9JLS1kxfyWMR+G/pSW0
p9TutbryYOc2Bqt+am4BtLdOGucCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRE/1NB
7R/dfek7w5/3Ism5I7CS/jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQCMMI1tt1K1oU3VqlM23LgmB1daZV0fkysNKb+N
Eog7lXyjCb6/3YnOyL04plLbB/D7128cEQOQ71kHHxkRl/R1jYmRxXsijg1yzB7p
daH97hZjtLtpZUtXYHzWP6Wk1eBL9/4VmVNqfYg17WqsMlJRPl7JJ16h90a56Y0L
dbgVU4KbIHN70pfFTrBrEbhwF5x2NW9pDEn9ODRHs0XDBecqasoFFsz5Z/vafFXW
OWBKbIJI9JPYLqEIv3JlBhu75OYr6zID0In00rK+EvyakUGM6vg/6xFaowPO3/pY
s/22+gpOXdAshh17Cy36/i94XVa+0cBaTahVe79bsfPC0IWA
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:29:18 2025 by rpki-client