Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: P+Q3vfhdoS4Mrra2RY7snXeLkNxHMTQEJZOUNeqXWFs=
Subject key identifier: 09:AD:BF:B1:DD:60:7B:18:6C:50:1B:62:51:77:D6:94:70:78:76:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D423D9106A75AD309380E96C3E0AC5696E4C550
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:42:3d:91:06:a7:5a:d3:09:38:0e:96:c3:e0:ac:56:96:e4:c5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d091c8f5e8b82e2ad5c595dd7ae2931dbaec90053fe75724a43e6cef65845478, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:3b:82:1d:f7:ca:68:ee:61:b8:57:be:d6:
ef:4c:ee:9a:31:da:2e:78:ec:d4:5c:35:51:2a:a6:
58:0a:05:10:77:44:4f:00:4b:ba:5f:48:be:b1:a6:
55:73:2e:3d:80:ba:46:2d:ae:7e:38:2e:d6:12:ac:
0b:f0:5a:43:c9:77:dd:d4:5a:79:46:48:47:71:e8:
6e:ab:ba:df:3e:ea:ea:3e:c9:e3:8e:a3:98:1c:f6:
fb:b6:5b:1b:a6:88:38:4a:04:5a:98:f4:62:55:27:
a3:b5:44:a8:40:ad:e6:d4:ab:f7:b6:76:41:47:44:
32:06:c4:22:25:56:10:b7:92:cb:e4:96:63:fb:3e:
70:95:ad:7d:7e:9f:7b:f6:ad:2e:9f:be:83:db:97:
87:ff:24:5f:b7:e2:db:8d:ef:c6:79:df:6b:a6:d8:
7a:be:bb:af:9c:29:96:32:25:d3:56:74:89:92:8e:
e9:0a:5a:cc:cf:17:00:b5:24:fe:f4:58:70:d1:f0:
16:4e:d0:ae:d4:04:fb:49:f6:c0:9d:98:df:6a:65:
f3:51:c1:f2:40:e0:29:06:73:fb:f3:69:4d:b5:0f:
0f:5a:a9:8d:5a:6f:c6:5f:8a:54:69:e9:c0:72:a0:
4c:28:34:7b:a9:f8:24:e0:8e:c7:e5:bf:c2:4d:44:
83:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AD:BF:B1:DD:60:7B:18:6C:50:1B:62:51:77:D6:94:70:78:76:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7e:21:c6:56:c2:f0:06:dd:64:3a:09:6b:f5:63:68:a8:b9:2f:
e2:71:83:77:f4:e8:fe:9e:97:5b:27:5c:8b:fd:1d:1b:25:d3:
af:26:69:f6:52:2b:bd:a6:1d:ef:6b:de:1f:70:95:b0:44:5c:
e0:15:8a:b1:c9:ab:dc:de:45:c5:6c:c0:a6:ac:ba:be:19:3b:
9c:23:4b:87:f7:26:22:e0:ec:ef:ab:49:81:d5:37:64:e0:22:
59:23:3d:e1:25:99:0c:10:42:9b:9e:27:23:76:96:13:de:16:
55:c5:f7:f9:04:99:d2:68:e6:40:c5:9d:04:f7:9e:66:8d:e7:
7a:a2:65:fb:61:0d:8b:d4:41:00:f2:25:79:fc:fd:a1:80:4b:
19:86:fa:4b:09:7b:49:69:21:f7:a3:9c:01:5a:5b:56:e8:d4:
5b:10:eb:4d:85:75:7c:8c:07:a0:bc:23:80:76:82:44:33:f4:
0c:81:bb:5d:b4:a0:f0:10:2a:8c:8c:c0:f2:42:7c:dc:f8:f8:
1c:bf:d7:49:92:f8:a6:57:7d:dd:97:7b:e3:ad:33:a0:f2:95:
a2:33:21:a8:40:d2:92:bc:ce:83:96:5d:d9:a4:a9:38:91:fd:
fc:d7:73:e8:22:fb:c3:28:75:71:65:7a:83:41:35:75:5e:70:
a5:fc:ba:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXUI9kQanWtMJOA6Ww+CsVpbkxVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwOTFjOGY1ZThiODJlMmFkNWM1OTVkZDdhZTI5MzFkYmFlYzkwMDUzZmU3
NTcyNGE0M2U2Y2VmNjU4NDU0NzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrnO4Id98po7mG4V77W70zumjHaLnjs1Fw1USqmWAoFEHdETwBLul9IvrGm
VXMuPYC6Ri2ufjgu1hKsC/BaQ8l33dRaeUZIR3Hobqu63z7q6j7J446jmBz2+7Zb
G6aIOEoEWpj0YlUno7VEqECt5tSr97Z2QUdEMgbEIiVWELeSy+SWY/s+cJWtfX6f
e/atLp++g9uXh/8kX7fi243vxnnfa6bYer67r5wpljIl01Z0iZKO6QpazM8XALUk
/vRYcNHwFk7QrtQE+0n2wJ2Y32pl81HB8kDgKQZz+/NpTbUPD1qpjVpvxl+KVGnp
wHKgTCg0e6n4JOCOx+W/wk1EgwcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJrb+x
3WB7GGxQG2JRd9aUcHh2jjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQB+IcZWwvAG3WQ6CWv1Y2iouS/icYN39Oj+npdbJ1yL
/R0bJdOvJmn2Uiu9ph3va94fcJWwRFzgFYqxyavc3kXFbMCmrLq+GTucI0uH9yYi
4Ozvq0mB1Tdk4CJZIz3hJZkMEEKbnicjdpYT3hZVxff5BJnSaOZAxZ0E955mjed6
omX7YQ2L1EEA8iV5/P2hgEsZhvpLCXtJaSH3o5wBWltW6NRbEOtNhXV8jAegvCOA
doJEM/QMgbtdtKDwECqMjMDyQnzc+Pgcv9dJkvimV33dl3vjrTOg8pWiMyGoQNKS
vM6Dll3ZpKk4kf3813PoIvvDKHVxZXqDQTV1XnCl/Lo4
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:41:51 2025 by rpki-client