Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: TbT1l3x8S3YFYSFbM+AmwmxM+7PakI1rF5ahhyaaWH4=
Subject key identifier: A6:E3:D8:53:E7:A2:72:EA:34:8E:BB:FD:1B:B6:79:83:D1:9D:4A:20
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 048CF3340DFA7F597C926F8BBE9FE488D6CC6AEC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Tue 11 Mar 2025 14:52:20 +0000
ROA not before: Tue 11 Mar 2025 14:52:20 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:8c:f3:34:0d:fa:7f:59:7c:92:6f:8b:be:9f:e4:88:d6:cc:6a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:20 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0e:49:0d:df:10:e3:c1:f4:00:29:2c:c8:db:
9b:39:04:98:63:b8:96:92:6d:60:ed:72:50:e7:4e:
3b:94:a1:a1:05:b5:47:57:1b:ec:74:3e:16:90:ee:
a6:72:59:5b:a8:3b:a2:77:4b:3b:fd:d6:1d:90:5f:
07:77:a9:c8:b4:d2:3d:46:78:97:31:e1:12:31:85:
c6:95:4a:00:c1:0a:81:5f:75:29:ab:16:0d:dd:1f:
f3:b8:39:a5:f8:eb:23:43:8a:a1:43:4d:ce:2c:38:
80:1e:aa:4f:2c:4f:e7:6c:ac:ad:42:bb:05:3d:73:
23:ad:bb:25:c7:0d:b8:6d:e2:e3:2b:be:86:88:56:
b8:9b:4b:7d:17:f1:79:da:dd:de:a3:c8:a5:8d:8a:
ae:8f:ac:6e:2b:06:bc:0d:4d:44:d9:4e:ee:f7:f0:
33:5f:7b:b4:a5:a0:86:a6:9d:b8:a7:7c:08:ee:a0:
a5:f7:ab:0c:89:d3:28:92:99:c0:12:18:ea:d1:2f:
cd:ab:17:67:67:b5:62:de:b1:41:62:9a:19:0c:29:
fe:15:c9:bf:10:9d:b0:6d:fe:ed:7b:e6:7a:30:fa:
32:8b:93:72:36:11:96:63:16:78:91:42:d0:28:e8:
f4:03:83:36:2e:64:90:4d:59:a3:e1:21:bf:4f:49:
9b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E3:D8:53:E7:A2:72:EA:34:8E:BB:FD:1B:B6:79:83:D1:9D:4A:20
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
33:a7:88:17:44:1a:a4:1f:ac:67:6f:52:a7:fe:74:9b:e0:9e:
77:5a:64:df:19:bf:2c:94:58:77:9e:bb:34:39:c0:97:c7:92:
9d:a3:f7:af:23:a9:cc:c2:ac:d3:44:e0:35:48:d5:72:57:fd:
fa:d7:0b:9a:bc:37:dc:f4:9c:21:75:6a:52:cc:2d:19:96:ec:
84:e4:b0:d3:4c:9c:80:9b:a4:af:70:79:82:eb:be:a1:8f:11:
61:a9:94:1f:c3:47:1e:3c:9c:45:b6:d2:47:b6:68:16:27:13:
15:0c:b5:c8:a3:f4:60:71:12:69:9b:f2:4a:50:e5:f0:58:e0:
a7:96:af:99:db:f5:cd:7a:b6:db:68:12:e1:78:04:e2:c9:92:
ab:96:48:9d:e3:3b:81:f9:e7:38:f4:d2:a9:3d:ae:3a:c9:46:
92:41:8a:86:54:96:0c:73:bc:2c:c1:a5:41:a9:93:0c:4e:3d:
89:7c:27:06:14:d5:4c:5c:20:fe:07:73:88:ad:77:93:7f:76:
c9:0f:17:e5:b5:2c:4c:32:f5:a6:af:bf:ba:07:4f:ab:0c:f5:
a4:b8:ff:79:c3:51:55:39:a7:74:54:7f:ad:79:fb:21:0f:a6:
89:80:9a:86:eb:bd:64:47:6e:da:3b:d3:0c:57:64:bd:eb:a2:
93:58:3c:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBIzzNA36f1l8km+Lvp/kiNbMauwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMjBaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZjkxY2EwYzU3Y2NlNGFlMzM1ZDYzNjMzNzA1ZWQ3MGUyMzdhM2E0YTUy
ZGU0NGVjMzA0ZGZkODQ3ODc4YjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcOSQ3fEOPB9AApLMjbmzkEmGO4lpJtYO1yUOdOO5ShoQW1R1cb7HQ+FpDu
pnJZW6g7ondLO/3WHZBfB3epyLTSPUZ4lzHhEjGFxpVKAMEKgV91KasWDd0f87g5
pfjrI0OKoUNNziw4gB6qTyxP52ysrUK7BT1zI627JccNuG3i4yu+hohWuJtLfRfx
edrd3qPIpY2Kro+sbisGvA1NRNlO7vfwM197tKWghqaduKd8CO6gpferDInTKJKZ
wBIY6tEvzasXZ2e1Yt6xQWKaGQwp/hXJvxCdsG3+7XvmejD6MouTcjYRlmMWeJFC
0Cjo9AODNi5kkE1Zo+Ehv09Jm78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSm49hT
56Jy6jSOu/0btnmD0Z1KIDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzp4gXRBqkH6xnb1Kn/nSb4J53WmTfGb8slFh3
nrs0OcCXx5Kdo/evI6nMwqzTROA1SNVyV/361wuavDfc9JwhdWpSzC0ZluyE5LDT
TJyAm6SvcHmC676hjxFhqZQfw0cePJxFttJHtmgWJxMVDLXIo/RgcRJpm/JKUOXw
WOCnlq+Z2/XNerbbaBLheATiyZKrlkid4zuB+ec49NKpPa46yUaSQYqGVJYMc7ws
waVBqZMMTj2JfCcGFNVMXCD+B3OIrXeTf3bJDxfltSxMMvWmr7+6B0+rDPWkuP95
w1FVOad0VH+tefshD6aJgJqG671kR27aO9MMV2S966KTWDzx
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:24 2025 by rpki-client