Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: AMTRWH62cffYZikDLWZBlcSm1Sj6GhnBuwaDySOZkAA=
Subject key identifier: A8:ED:FC:38:9E:D5:1B:B2:1B:E8:B2:B4:DD:E1:22:B6:D6:9C:B3:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 385619DF7DDBF55CAB7041C9AB2B1E5D19615EBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:56:19:df:7d:db:f5:5c:ab:70:41:c9:ab:2b:1e:5d:19:61:5e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=43040a67eca2299370bc58e257204946c0790c18051d9a6731854cb838453cd1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e1:80:10:57:62:69:97:f7:7b:54:b1:f9:06:
f6:ae:db:bd:70:d1:f5:4f:b5:8d:57:47:73:e3:67:
2b:44:64:62:a5:82:69:f0:2c:aa:c7:c5:74:30:d2:
9f:34:a7:84:33:93:0e:a8:1a:3b:fb:82:fc:4c:19:
b2:2f:7f:81:15:a6:00:cd:b5:b3:b9:50:e0:13:ca:
6a:6f:f2:61:27:b1:d4:80:c0:51:91:0d:24:e5:f2:
e6:93:2c:62:25:92:e0:0f:39:5c:6f:54:23:78:95:
c5:35:a9:60:77:d9:bd:ee:ed:a4:02:6c:85:75:e6:
5a:c5:f0:58:9f:61:77:28:93:30:ff:3f:58:5d:65:
7d:41:20:fc:e6:9b:e2:5c:13:c0:d2:24:9a:64:a8:
f6:41:8d:f9:5f:aa:39:05:14:ad:d9:84:43:07:65:
ab:8e:02:48:0f:6e:b9:c7:c2:7d:74:36:31:89:17:
1b:f7:1b:72:21:6f:2b:ab:33:eb:8f:5b:62:4c:a3:
ac:78:a3:a3:a7:7b:4a:82:3a:0e:e6:6a:52:4b:97:
b3:ff:0e:16:26:9f:8d:7b:ea:c7:28:9a:25:82:ab:
b1:7f:eb:56:65:7d:22:6f:e2:78:ae:7a:39:00:57:
dd:9c:15:1b:e7:50:ad:56:26:2b:16:41:ab:0b:63:
55:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:ED:FC:38:9E:D5:1B:B2:1B:E8:B2:B4:DD:E1:22:B6:D6:9C:B3:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
88:51:fa:88:f6:52:92:fc:ad:fb:22:70:51:1c:57:ef:86:a5:
50:f6:59:a1:91:41:f7:5a:ed:fb:67:7d:aa:49:47:1c:2c:2b:
78:29:c8:e2:36:cc:19:c1:fc:aa:c3:82:2c:5a:64:80:f8:da:
00:38:09:42:3f:ab:a7:ae:a5:e3:65:40:6a:14:cb:68:85:f4:
f2:db:6e:ab:4c:74:46:db:fd:da:f2:90:48:f4:c4:ce:e8:2a:
f3:dc:6a:e2:26:4d:05:ab:54:c9:9c:76:be:51:67:c4:06:26:
f4:e6:7e:dc:aa:d5:cf:8a:2b:11:c7:77:80:53:35:d5:f3:58:
e2:96:d6:ad:4b:8f:d0:c9:d0:8b:5a:84:18:60:a3:87:8e:7d:
cd:36:86:fa:33:68:59:31:aa:9b:35:7e:3c:84:0f:42:3b:2b:
05:fd:90:d3:d7:29:dd:fc:0d:6e:f3:1d:6f:3d:68:84:0f:a3:
e8:1c:13:c6:be:df:1c:e3:c4:24:bc:fb:55:19:9c:43:93:58:
10:3c:dd:fd:d7:a9:b7:84:28:62:3c:eb:8f:82:fa:b2:dd:0a:
38:93:d9:d2:10:11:f7:50:2e:7e:c7:c0:58:b1:b1:86:e7:68:
8c:34:6d:ac:89:0f:a2:53:69:4b:a8:d0:f6:72:87:8b:67:9b:
af:8e:d8:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOFYZ333b9VyrcEHJqyseXRlhXrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMDQwYTY3ZWNhMjI5OTM3MGJjNThlMjU3MjA0OTQ2YzA3OTBjMTgwNTFk
OWE2NzMxODU0Y2I4Mzg0NTNjZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKThgBBXYmmX93tUsfkG9q7bvXDR9U+1jVdHc+NnK0RkYqWCafAsqsfFdDDS
nzSnhDOTDqgaO/uC/EwZsi9/gRWmAM21s7lQ4BPKam/yYSex1IDAUZENJOXy5pMs
YiWS4A85XG9UI3iVxTWpYHfZve7tpAJshXXmWsXwWJ9hdyiTMP8/WF1lfUEg/Oab
4lwTwNIkmmSo9kGN+V+qOQUUrdmEQwdlq44CSA9uucfCfXQ2MYkXG/cbciFvK6sz
649bYkyjrHijo6d7SoI6DuZqUkuXs/8OFiafjXvqxyiaJYKrsX/rVmV9Im/ieK56
OQBX3ZwVG+dQrVYmKxZBqwtjVTMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSo7fw4
ntUbshvosrTd4SK21pyzoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCIUfqI9lKS/K37InBRHFfvhqVQ9lmhkUH3Wu37Z32q
SUccLCt4KcjiNswZwfyqw4IsWmSA+NoAOAlCP6unrqXjZUBqFMtohfTy226rTHRG
2/3a8pBI9MTO6Crz3GriJk0Fq1TJnHa+UWfEBib05n7cqtXPiisRx3eAUzXV81ji
ltatS4/QydCLWoQYYKOHjn3NNob6M2hZMaqbNX48hA9COysF/ZDT1ynd/A1u8x1v
PWiED6PoHBPGvt8c48QkvPtVGZxDk1gQPN3916m3hChiPOuPgvqy3Qo4k9nSEBH3
UC5+x8BYsbGG52iMNG2siQ+iU2lLqND2coeLZ5uvjtjh
-----END CERTIFICATE-----
Generated at Fri May 2 21:24:42 2025 by rpki-client