Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: EUxff6mgXXue/PmAMzxAS4LkA66/N3SxPd6kg5uZXGA=
Subject key identifier: 89:5E:05:95:00:63:C1:09:8E:DD:00:3B:CB:54:32:5B:AC:EE:97:9D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 468C7AA8B17D46B14E498CA78B8AB74626CF897D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Tue 11 Mar 2025 14:52:33 +0000
ROA not before: Tue 11 Mar 2025 14:52:33 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:8c:7a:a8:b1:7d:46:b1:4e:49:8c:a7:8b:8a:b7:46:26:cf:89:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:33 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2c:be:39:a0:fb:8b:9d:16:ac:d1:d0:c7:e5:
93:34:80:a7:54:6a:1e:6e:98:4a:de:79:79:b9:63:
e7:d5:ae:f6:22:97:47:59:af:2a:5e:cc:5a:33:5b:
e2:3e:1b:76:ce:8e:8d:fc:0c:02:83:3a:b2:69:b5:
80:93:b4:79:55:9b:0f:4f:1f:cb:d8:ad:df:78:77:
e2:80:8f:f7:82:a6:32:a8:93:48:c1:01:32:01:ab:
a5:bb:b3:22:5f:d0:93:f2:27:9e:e0:6b:17:45:3d:
b7:82:fe:b8:6b:dd:78:7b:94:24:66:75:8d:25:82:
47:3a:b7:27:2a:a1:b5:0d:4c:83:ca:f0:90:61:18:
35:c5:97:cc:4c:61:a9:3d:70:08:93:b0:28:8b:be:
4a:5d:ed:2a:2e:c8:47:4a:52:5c:00:96:21:8b:05:
d4:e7:12:23:0f:dd:98:30:36:04:23:bd:52:95:f2:
23:23:d1:4b:a0:86:93:5d:c0:8d:c8:7f:ca:76:b4:
43:3f:ab:4e:bc:e6:ef:45:f5:ed:a7:21:5d:38:7f:
e2:ee:32:44:b9:9b:a5:64:c2:1d:75:ea:34:e1:d5:
24:98:e9:78:c2:c3:8b:15:e8:d4:c0:b7:d8:78:b8:
3b:0b:b3:aa:fa:1c:2c:24:e1:49:d4:8a:ea:bb:18:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5E:05:95:00:63:C1:09:8E:DD:00:3B:CB:54:32:5B:AC:EE:97:9D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
09:46:8c:24:ed:ae:22:2d:30:69:4c:48:71:29:1f:89:57:03:
5e:df:98:2a:83:1e:7b:af:36:99:1c:fc:60:8d:67:a3:21:14:
57:1b:a0:69:95:6e:e5:f6:fb:5b:33:12:dc:b7:d9:33:9d:f7:
7e:16:14:e3:6f:d5:6b:69:a0:01:51:a7:b2:58:00:cb:a6:c9:
05:e4:ab:3c:2a:23:09:5a:96:f0:51:e4:83:a3:15:40:c9:bd:
bd:af:00:44:66:38:36:58:95:6e:92:89:a4:07:08:1c:1d:d2:
6c:cd:c1:79:69:1d:35:cc:3a:20:72:4f:78:15:bd:0a:35:71:
43:42:94:da:5a:27:41:cd:54:a1:b2:74:22:0a:af:df:c0:c9:
d2:70:cf:ec:ed:a9:d9:7e:6d:28:4b:18:3f:aa:de:21:90:e4:
55:cb:fb:c6:e8:67:fd:11:03:a8:ca:fe:f9:52:10:6e:c0:a6:
b6:4a:5f:61:80:be:1b:e8:ac:0a:54:ee:56:97:8a:da:b2:88:
13:4a:c1:06:6f:5a:33:3b:d8:0c:3c:80:c2:0b:2e:ea:69:cb:
2a:82:5d:28:8a:74:b3:95:9a:31:7c:bc:48:f7:2a:f2:82:00:
c3:a1:cd:a5:d4:78:ab:01:96:ca:92:35:c1:21:8c:17:00:ed:
84:04:bf:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURox6qLF9RrFOSYyni4q3RibPiX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMzNaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MmExMDE1NTQ3ZmM1YmNhMGYxOWFiNThlOGM3YzE0NjU1MzFjNGExZTgy
MTViMGRhMGU0MjEyODExYzUwZGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQsvjmg+4udFqzR0MflkzSAp1RqHm6YSt55eblj59Wu9iKXR1mvKl7MWjNb
4j4bds6OjfwMAoM6smm1gJO0eVWbD08fy9it33h34oCP94KmMqiTSMEBMgGrpbuz
Il/Qk/InnuBrF0U9t4L+uGvdeHuUJGZ1jSWCRzq3JyqhtQ1Mg8rwkGEYNcWXzExh
qT1wCJOwKIu+Sl3tKi7IR0pSXACWIYsF1OcSIw/dmDA2BCO9UpXyIyPRS6CGk13A
jch/yna0Qz+rTrzm70X17achXTh/4u4yRLmbpWTCHXXqNOHVJJjpeMLDixXo1MC3
2Hi4OwuzqvocLCThSdSK6rsYfbkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJXgWV
AGPBCY7dADvLVDJbrO6XnTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQAJRowk7a4iLTBpTEhxKR+JVwNe35gqgx57rzaZ
HPxgjWejIRRXG6BplW7l9vtbMxLct9kznfd+FhTjb9VraaABUaeyWADLpskF5Ks8
KiMJWpbwUeSDoxVAyb29rwBEZjg2WJVukomkBwgcHdJszcF5aR01zDogck94Fb0K
NXFDQpTaWidBzVShsnQiCq/fwMnScM/s7anZfm0oSxg/qt4hkORVy/vG6Gf9EQOo
yv75UhBuwKa2Sl9hgL4b6KwKVO5Wl4rasogTSsEGb1ozO9gMPIDCCy7qacsqgl0o
inSzlZoxfLxI9yryggDDoc2l1HirAZbKkjXBIYwXAO2EBL+p
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:31 2025 by rpki-client