Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: Db4J7SxHnwzYn9HbU7vb/dS0zcG4wcRcxUtj1Lid37o=
Subject key identifier: C2:F8:24:25:D3:32:C3:52:30:5A:D5:B5:03:09:59:0F:12:C0:94:38
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7BFB9071ABA823AEFB24D8787546FF795A99B178
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Tue 11 Mar 2025 14:52:33 +0000
ROA not before: Tue 11 Mar 2025 14:52:33 +0000
ROA not after: Tue 15 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:fb:90:71:ab:a8:23:ae:fb:24:d8:78:75:46:ff:79:5a:99:b1:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Mar 11 14:52:33 2025 GMT
Not After : Apr 15 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:67:8c:63:37:d1:d1:8c:22:c1:7d:52:c5:41:
98:0e:c1:53:d0:c2:43:ea:b8:9c:82:03:2f:7a:18:
d5:e6:94:d7:cd:a8:6c:6e:1c:cb:cc:66:78:7a:cc:
92:41:18:e5:03:7b:9d:01:85:d7:8e:93:81:ca:32:
d2:48:83:09:07:ab:bb:e3:59:11:15:11:0f:b9:6a:
89:5f:85:a2:24:47:5a:7d:b2:06:9e:90:88:f8:63:
18:9a:f2:a9:23:42:9e:73:13:f1:de:a8:ac:2b:bc:
ce:92:9d:b9:a5:60:f9:6f:6e:34:c5:9b:0e:fc:5d:
af:d8:71:ef:eb:31:97:06:3c:50:fd:33:76:ee:99:
c2:c7:8a:c4:0a:10:7e:0f:6e:dd:0c:eb:29:d0:d9:
68:6e:5e:d3:5f:0a:92:6c:2f:17:1a:40:ac:6e:c9:
66:69:30:76:9d:99:dc:6c:70:28:c1:77:07:ba:48:
1c:8a:a4:fe:ea:c9:f4:ee:77:ee:93:b7:f2:07:01:
42:d6:52:e5:83:ec:eb:34:3b:2e:08:36:2d:bc:e6:
08:ba:78:5a:06:04:c1:e8:60:8c:52:1e:6c:28:64:
0a:15:25:cb:dd:bb:4d:dd:7a:b8:18:fb:09:f8:eb:
c9:41:33:58:db:7e:92:66:e8:36:87:16:aa:6e:41:
2d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F8:24:25:D3:32:C3:52:30:5A:D5:B5:03:09:59:0F:12:C0:94:38
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
35:af:ab:d3:21:1d:f7:3d:79:2c:3e:d4:ff:93:ab:a9:75:1f:
26:a1:48:61:a6:82:2b:cc:9a:2f:e4:a2:75:64:75:1e:db:4c:
36:ec:9f:ed:a2:ca:90:97:b5:39:6c:4f:23:61:c6:43:10:3e:
0e:bc:53:9b:fb:e8:17:8c:73:bd:77:7c:2a:71:cf:c7:e8:0c:
42:b7:f4:25:ab:52:e4:5b:bd:48:a0:a4:f0:01:62:b6:ad:e2:
7a:67:c6:5a:07:e6:d0:23:26:86:2d:66:7d:5d:bb:9f:b0:b4:
57:33:65:4a:75:7e:41:99:aa:8d:2f:81:55:e7:b5:7d:b0:46:
c6:0e:d1:29:aa:8d:2b:7e:6c:f5:fb:8e:28:6f:9a:51:7f:43:
98:eb:2d:91:21:2e:a3:db:b2:1c:c3:2f:85:08:a2:39:ee:58:
cf:0f:76:4a:44:6e:be:d1:a9:67:c3:91:59:d3:f8:20:0c:02:
a1:c0:a8:d6:3d:7d:53:8c:f5:b5:ba:a8:3e:58:c3:b9:d4:3e:
82:55:2b:75:cf:c4:25:25:31:77:57:24:29:0d:bc:40:49:27:
fb:6e:3e:79:4c:1c:e8:66:fd:5d:6a:3e:91:d0:b6:04:2f:d5:
e1:dc:7e:46:01:24:a4:5d:a1:f6:d2:3f:0e:57:8f:5f:5c:44:
a3:c6:c1:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe/uQcauoI677JNh4dUb/eVqZsXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTAzMTExNDUyMzNaFw0yNTA0MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGViZGUyN2QyMDI0M2EyMDdhYjVmZDVhNDU4MThhMDM4YjY4ZDI2MzcyMTYx
YTM0ZjQ0ODVmYmI5MDUzZTkzNmUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxnjGM30dGMIsF9UsVBmA7BU9DCQ+q4nIIDL3oY1eaU182obG4cy8xmeHrM
kkEY5QN7nQGF146Tgcoy0kiDCQeru+NZERURD7lqiV+FoiRHWn2yBp6QiPhjGJry
qSNCnnMT8d6orCu8zpKduaVg+W9uNMWbDvxdr9hx7+sxlwY8UP0zdu6ZwseKxAoQ
fg9u3QzrKdDZaG5e018KkmwvFxpArG7JZmkwdp2Z3GxwKMF3B7pIHIqk/urJ9O53
7pO38gcBQtZS5YPs6zQ7Lgg2LbzmCLp4WgYEwehgjFIebChkChUly927Td16uBj7
CfjryUEzWNt+kmboNocWqm5BLRsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC+CQl
0zLDUjBa1bUDCVkPEsCUODAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQA1r6vTIR33PXksPtT/k6updR8moUhhpoIrzJov
5KJ1ZHUe20w27J/tosqQl7U5bE8jYcZDED4OvFOb++gXjHO9d3wqcc/H6AxCt/Ql
q1LkW71IoKTwAWK2reJ6Z8ZaB+bQIyaGLWZ9XbufsLRXM2VKdX5BmaqNL4FV57V9
sEbGDtEpqo0rfmz1+44ob5pRf0OY6y2RIS6j27Icwy+FCKI57ljPD3ZKRG6+0aln
w5FZ0/ggDAKhwKjWPX1TjPW1uqg+WMO51D6CVSt1z8QlJTF3VyQpDbxASSf7bj55
TBzoZv1daj6R0LYEL9Xh3H5GASSkXaH20j8OV49fXESjxsFU
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:39 2025 by rpki-client