Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
File: cb8e2b63-db40-4825-9c5a-943662c198a5.roa (raw, json)
Hash identifier: BnxnaCf2J9KFljHd8+UZXZ2JMbiM4BdOc1Ip+phb6hM=
Subject key identifier: C7:96:5C:BF:61:E3:88:F6:66:7E:7D:F1:E0:DA:49:56:03:FC:11:2F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 40D971827CB908D18873B6DEA69AD526EAB6DEC8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
Signing time: Tue 11 Mar 2025 14:52:40 +0000
ROA not before: Tue 11 Mar 2025 14:52:40 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7840::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d9:71:82:7c:b9:08:d1:88:73:b6:de:a6:9a:d5:26:ea:b6:de:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:40 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:e3:c1:23:e1:90:1a:26:68:e2:d2:6b:2c:
4e:99:50:23:27:c9:6d:b4:29:cb:23:95:46:fc:fe:
aa:55:70:90:84:f3:ef:ec:2e:bb:d9:5a:df:b7:1c:
0a:18:3b:2b:06:ec:46:6b:bb:ae:98:59:b4:e4:52:
a2:59:82:a3:f0:3a:dc:52:8f:64:5e:68:e8:31:dd:
bd:ec:c8:9b:02:f1:58:3e:cb:9d:5d:72:c0:b2:71:
20:ce:7d:ab:aa:9f:72:f8:6f:5d:74:01:8b:a3:65:
58:64:a1:e7:51:1d:bd:7e:2c:4d:bf:e0:ae:d0:4a:
2b:36:7f:eb:19:0f:2b:d6:6b:3f:ea:81:38:1b:71:
96:5d:a9:4e:d7:d1:7c:d0:98:b4:8e:66:48:1a:2e:
51:79:6d:83:cc:55:8b:6e:6c:bb:56:d9:10:d3:70:
54:95:c4:12:85:89:1d:26:e5:67:8e:87:45:09:b2:
75:6f:90:40:34:d5:54:ca:6b:3d:ae:ad:99:51:25:
d4:d3:8c:4b:d1:a0:de:df:57:55:a2:a4:65:ae:0e:
6f:05:3d:a1:4c:6f:9a:80:80:c6:7f:7e:16:77:e3:
85:73:19:c0:f7:cb:5d:f2:2a:ea:44:82:fa:39:fc:
33:8a:6c:69:46:bd:2f:21:08:26:34:6c:cf:bd:cc:
49:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:96:5C:BF:61:E3:88:F6:66:7E:7D:F1:E0:DA:49:56:03:FC:11:2F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7840::/46
Signature Algorithm: sha256WithRSAEncryption
4c:f5:23:0e:4f:2d:47:7e:05:36:fc:ec:c8:92:53:6e:9a:03:
1d:df:73:f6:ad:7e:75:1d:1b:01:2f:b0:13:69:9e:69:fa:da:
c8:40:e4:f5:dd:68:fb:ef:f5:54:86:2a:9a:e9:1c:8b:00:24:
05:b7:7b:19:d3:34:cf:e1:39:4d:72:f7:d4:cb:87:b2:46:ae:
8d:ed:43:2f:a1:88:ff:45:6c:3c:1d:ef:52:a6:b9:ca:13:9b:
c9:d8:bf:ea:07:c1:c5:64:67:09:17:cd:7a:7e:be:43:00:77:
7b:58:61:9c:14:45:5d:79:b8:4d:a4:6c:ac:1a:59:b2:ef:9e:
5f:f2:be:80:c1:32:54:56:1e:3b:e5:de:53:a0:b1:f5:2c:49:
b0:f6:5e:12:b5:e7:75:a6:24:79:28:cc:f0:51:82:98:57:07:
b3:75:d6:85:82:cb:5f:08:c5:12:5e:4c:6a:37:7d:e5:58:67:
4e:dd:68:ad:ea:b7:24:79:e7:4b:33:66:25:8b:d6:ce:7e:f8:
8c:33:e9:a2:bb:9a:bb:58:a4:d7:59:dc:7e:92:f1:09:8b:f4:
d8:e9:88:28:00:0f:71:6b:d9:fa:60:b3:d1:ff:ea:72:5b:31:
d0:75:ec:d2:54:00:c0:f0:0f:ca:52:8b:cc:24:27:3f:ce:6b:
7c:98:73:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQNlxgny5CNGIc7bepprVJuq23sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyNDBaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkZGUwZWQzMzkzYTgzYTAyYWE4Y2Q3NWJlNDk1MTY5Y2E1NTMyYmFlZGY5
ZjBiNDA4YWJkMzRmYzRhNDkyNGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWK48Ej4ZAaJmji0mssTplQIyfJbbQpyyOVRvz+qlVwkITz7+wuu9la37cc
Chg7KwbsRmu7rphZtORSolmCo/A63FKPZF5o6DHdvezImwLxWD7LnV1ywLJxIM59
q6qfcvhvXXQBi6NlWGSh51EdvX4sTb/grtBKKzZ/6xkPK9ZrP+qBOBtxll2pTtfR
fNCYtI5mSBouUXltg8xVi25su1bZENNwVJXEEoWJHSblZ46HRQmydW+QQDTVVMpr
Pa6tmVEl1NOMS9Gg3t9XVaKkZa4ObwU9oUxvmoCAxn9+FnfjhXMZwPfLXfIq6kSC
+jn8M4psaUa9LyEIJjRsz73MSX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTHlly/
YeOI9mZ+ffHg2klWA/wRLzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2I4ZTJiNjMtZGI0MC00ODI1LTljNWEtOTQzNjYyYzE5OGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
QDANBgkqhkiG9w0BAQsFAAOCAQEATPUjDk8tR34FNvzsyJJTbpoDHd9z9q1+dR0b
AS+wE2meafrayEDk9d1o++/1VIYqmukciwAkBbd7GdM0z+E5TXL31MuHskauje1D
L6GI/0VsPB3vUqa5yhObydi/6gfBxWRnCRfNen6+QwB3e1hhnBRFXXm4TaRsrBpZ
su+eX/K+gMEyVFYeO+XeU6Cx9SxJsPZeErXndaYkeSjM8FGCmFcHs3XWhYLLXwjF
El5Majd95VhnTt1oreq3JHnnSzNmJYvWzn74jDPporuau1ik11ncfpLxCYv02OmI
KAAPcWvZ+mCz0f/qclsx0HXs0lQAwPAPylKLzCQnP85rfJhzRQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:29 2025 by rpki-client