Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: w4RVhQZSpGup3GzYymPJ6nevF6v/lP7QRMwguxG/2hQ=
Subject key identifier: 78:07:F5:30:D7:25:81:E0:ED:3A:8E:5E:D2:4C:11:38:4C:9F:A1:B6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1454A1E3A057108B66C1010F6E5C6BE815BFA7A8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Tue 11 Mar 2025 14:52:36 +0000
ROA not before: Tue 11 Mar 2025 14:52:36 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:54:a1:e3:a0:57:10:8b:66:c1:01:0f:6e:5c:6b:e8:15:bf:a7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:36 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:23:d1:08:b6:92:15:8b:bd:17:76:03:81:1e:
97:57:88:5d:bc:29:a6:9a:65:69:53:be:43:58:64:
0d:8a:00:8c:6b:02:89:0e:1c:17:54:c5:b4:83:ed:
f3:e9:18:54:43:a7:c5:a9:be:db:ac:5b:47:2d:4a:
30:53:40:a0:10:4f:5e:24:60:8b:f2:59:7b:2f:bb:
c8:6e:0a:a5:be:c3:4f:4b:b1:08:ef:bf:c3:e6:a2:
6e:be:8d:4a:2a:77:2f:e3:db:fb:fe:21:da:9c:8d:
f3:99:27:c5:78:8e:d4:9d:a5:22:cd:7a:4a:37:3f:
e9:9d:9b:60:2a:29:78:5f:01:96:3f:a0:ae:4a:c8:
af:2b:4f:45:f8:32:cd:38:57:11:39:a2:7d:d9:22:
e7:c1:2f:95:0d:3f:38:d9:64:ac:14:97:6e:9d:53:
31:ed:6a:6d:19:60:3a:88:0e:db:1a:73:a8:64:58:
9f:ad:ba:b9:f9:f0:fe:69:dd:f1:e2:cb:86:35:fb:
80:ba:4d:75:fd:5b:0f:04:be:66:75:0e:47:33:70:
2c:e0:ab:e6:8f:81:7e:cf:1c:2e:41:dc:5e:99:46:
8f:25:16:e3:e1:b2:e0:47:79:41:30:93:2f:fa:92:
63:b5:00:df:dc:97:81:93:71:45:20:ce:a6:2f:52:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:07:F5:30:D7:25:81:E0:ED:3A:8E:5E:D2:4C:11:38:4C:9F:A1:B6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
39:36:ff:43:d7:55:12:c2:56:18:da:1e:9b:96:24:29:3c:ab:
b7:9e:45:a9:cf:de:a3:4a:4b:c2:2e:10:d9:6e:ea:e2:06:2b:
0a:7d:cd:95:21:56:ea:ac:cc:36:9e:29:dc:a0:65:2c:5f:cc:
50:98:f1:8b:78:95:75:c9:c6:c5:c2:77:fb:47:e5:cc:3c:0b:
09:9b:47:7e:e6:ab:1b:f6:15:1c:54:6f:6e:96:4f:ad:23:56:
9a:ad:90:f4:69:45:c1:cf:ad:54:b3:a6:9e:0c:5a:ad:5a:83:
a0:4d:65:0b:98:4a:70:cc:2c:d8:ca:4e:1f:a0:6a:4f:b8:c9:
83:a8:90:73:f6:dd:b8:9a:bb:cc:f9:a2:a6:92:28:94:aa:24:
5b:c2:b4:56:bb:19:fd:91:d7:98:76:e3:dc:12:a5:8b:67:ce:
80:64:ba:87:9a:5c:6a:c9:34:4d:b7:b2:33:79:27:08:41:e0:
0e:34:13:c4:85:4b:f6:78:67:71:fd:21:99:af:32:28:03:6a:
da:3e:78:e7:61:22:e9:fe:8b:8e:47:8a:97:c4:2b:56:0e:db:
3c:a8:18:40:ca:e6:b4:16:32:97:05:96:ca:0d:aa:73:23:fd:
d8:76:ff:3b:ec:e4:c5:2d:6f:a9:fd:0e:0d:38:dd:9e:36:eb:
a0:4b:58:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFFSh46BXEItmwQEPblxr6BW/p6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMzZaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMjU5ZjVhZjVmN2I2M2I2Mzc0MjQ4MWQ1MGVhODM5MzdiMDMzM2ZkMDI2
NWRjN2YzNzU2ZWMzMDAxOGVlZTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0j0Qi2khWLvRd2A4Eel1eIXbwpppplaVO+Q1hkDYoAjGsCiQ4cF1TFtIPt
8+kYVEOnxam+26xbRy1KMFNAoBBPXiRgi/JZey+7yG4Kpb7DT0uxCO+/w+aibr6N
Sip3L+Pb+/4h2pyN85knxXiO1J2lIs16Sjc/6Z2bYCopeF8Blj+grkrIrytPRfgy
zThXETmifdki58EvlQ0/ONlkrBSXbp1TMe1qbRlgOogO2xpzqGRYn626ufnw/mnd
8eLLhjX7gLpNdf1bDwS+ZnUORzNwLOCr5o+Bfs8cLkHcXplGjyUW4+Gy4Ed5QTCT
L/qSY7UA39yXgZNxRSDOpi9SHAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4B/Uw
1yWB4O06jl7STBE4TJ+htjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5Nv9D11USwlYY2h6bliQpPKu3nkWpz96jSkvC
LhDZburiBisKfc2VIVbqrMw2nincoGUsX8xQmPGLeJV1ycbFwnf7R+XMPAsJm0d+
5qsb9hUcVG9ulk+tI1aarZD0aUXBz61Us6aeDFqtWoOgTWULmEpwzCzYyk4foGpP
uMmDqJBz9t24mrvM+aKmkiiUqiRbwrRWuxn9kdeYduPcEqWLZ86AZLqHmlxqyTRN
t7IzeScIQeAONBPEhUv2eGdx/SGZrzIoA2raPnjnYSLp/ouOR4qXxCtWDts8qBhA
yua0FjKXBZbKDapzI/3Ydv877OTFLW+p/Q4NON2eNuugS1gJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:06 2025 by rpki-client