Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: 8qGI4RpYt+T5YNgF6tHebN9ledJiD8CaS0ezYBUbHJ4=
Subject key identifier: 16:13:12:CC:12:29:1D:E6:56:FC:50:95:73:9B:FD:03:84:18:5B:A7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 54BB59B158D92B853CF3F59E38354E960C652ACE
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Tue 11 Mar 2025 14:54:27 +0000
ROA not before: Tue 11 Mar 2025 14:54:27 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:bb:59:b1:58:d9:2b:85:3c:f3:f5:9e:38:35:4e:96:0c:65:2a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:54:27 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d1:a4:f8:ac:29:d4:c2:29:a0:6f:77:00:d0:
d9:1a:c7:6c:ab:84:b0:e5:89:f9:98:7a:9a:e4:f7:
7b:a3:dc:3e:52:10:c0:ab:9e:6c:68:28:c4:72:6c:
e6:10:e5:80:e1:5f:d4:be:47:41:0a:4c:08:23:73:
e6:64:3a:54:77:13:6a:16:3f:27:6a:a1:df:be:cf:
2b:de:dc:60:03:e7:76:64:76:10:92:7b:47:d6:34:
72:58:70:63:c5:c2:22:e8:8c:5a:69:31:a8:a6:da:
78:05:4e:1f:93:b1:0f:8f:28:43:cc:75:63:14:bb:
a0:f2:5f:34:0f:ac:81:89:8f:b5:1a:a1:33:76:d9:
b8:b4:54:32:fa:25:b7:14:37:e7:52:a8:24:c8:07:
47:ad:45:d2:02:0a:48:61:2a:6b:cc:25:ef:93:68:
38:c1:d6:1d:a4:34:c9:ae:f8:cc:a8:01:9d:63:5d:
81:76:c1:55:59:71:d3:0e:71:dd:7c:b0:ce:12:a1:
e6:61:d5:ae:c7:8c:79:af:06:e7:fa:da:1b:9f:75:
15:2a:22:4c:bc:a3:ae:2d:67:b0:c1:45:7a:18:24:
1f:75:73:5f:9d:14:ab:83:38:a2:77:cc:05:cf:f0:
9d:e6:53:fc:ed:2e:8c:0e:dd:e6:1a:ce:0a:11:eb:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:13:12:CC:12:29:1D:E6:56:FC:50:95:73:9B:FD:03:84:18:5B:A7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
1f:0a:b0:f5:ae:0d:0d:2e:c8:9a:8a:40:da:70:fa:01:fb:90:
bf:76:2a:a4:d4:96:67:5b:93:db:b2:63:44:69:4b:25:92:6d:
6a:51:96:da:65:b5:29:dc:64:66:fd:93:7f:6e:2e:ed:ba:a9:
8e:54:4e:72:4b:82:09:93:4d:3f:87:96:1f:60:ea:3b:83:35:
7d:03:19:44:b2:fc:74:a3:be:7f:83:c2:2b:55:8d:93:37:0e:
1d:5d:bc:40:30:55:49:df:96:d7:4d:b4:4c:c0:71:f3:9c:9a:
f4:42:51:f7:0b:4b:c6:2d:df:f0:ba:f7:31:a0:1e:90:65:53:
a9:05:10:31:7e:b3:5e:12:c8:ba:a7:45:85:07:d9:a0:cd:db:
09:06:36:69:bc:c4:4e:a0:4c:dd:6e:d0:3d:e8:d0:a2:99:28:
26:6a:ff:f3:fe:8b:23:7c:6a:0d:da:fa:d7:11:19:eb:27:79:
5d:9c:ec:7e:cf:05:38:bf:7d:ea:64:fb:c2:1c:96:e9:cc:f7:
e2:70:e5:96:6e:75:15:50:4d:71:e2:e1:6c:a5:6b:8c:f6:24:
2e:07:c4:7e:be:25:bc:a6:76:21:b2:c0:41:1f:f4:bf:0e:e9:
bc:34:9e:ef:cb:de:5e:f4:d0:8c:3a:67:d4:95:5e:5c:3e:9b:
32:cc:2c:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVLtZsVjZK4U88/WeODVOlgxlKs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDU0MjdaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2OWM1MWMzMDE2YzgwZGI3NmJmMjc3ZDFmZTRlNjNmN2U1OWRhODY0Zjg3
MjVlZGNiZjg0NzU2MTJmOGFiYmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjRpPisKdTCKaBvdwDQ2RrHbKuEsOWJ+Zh6muT3e6PcPlIQwKuebGgoxHJs
5hDlgOFf1L5HQQpMCCNz5mQ6VHcTahY/J2qh377PK97cYAPndmR2EJJ7R9Y0clhw
Y8XCIuiMWmkxqKbaeAVOH5OxD48oQ8x1YxS7oPJfNA+sgYmPtRqhM3bZuLRUMvol
txQ351KoJMgHR61F0gIKSGEqa8wl75NoOMHWHaQ0ya74zKgBnWNdgXbBVVlx0w5x
3XywzhKh5mHVrseMea8G5/raG591FSoiTLyjri1nsMFFehgkH3VzX50Uq4M4onfM
Bc/wneZT/O0ujA7d5hrOChHrtF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWExLM
Eikd5lb8UJVzm/0DhBhbpzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQAfCrD1rg0NLsiaikDacPoB+5C/diqk1JZnW5Pb
smNEaUslkm1qUZbaZbUp3GRm/ZN/bi7tuqmOVE5yS4IJk00/h5YfYOo7gzV9AxlE
svx0o75/g8IrVY2TNw4dXbxAMFVJ35bXTbRMwHHznJr0QlH3C0vGLd/wuvcxoB6Q
ZVOpBRAxfrNeEsi6p0WFB9mgzdsJBjZpvMROoEzdbtA96NCimSgmav/z/osjfGoN
2vrXERnrJ3ldnOx+zwU4v33qZPvCHJbpzPficOWWbnUVUE1x4uFspWuM9iQuB8R+
viW8pnYhssBBH/S/Dum8NJ7vy95e9NCMOmfUlV5cPpsyzCyg
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:17:27 2025 by rpki-client