Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
File: 0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa (raw, json)
Hash identifier: pGK/5e2xBiwybfZqT/bSbjmb0kslq+IF5BFmAmeCXS4=
Subject key identifier: 54:04:B0:1F:96:4D:6A:A1:61:10:F0:E8:03:60:44:76:15:17:F5:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 528D39EE735B767EB8E59DABC02EF0AD8D21FFB1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:8d:39:ee:73:5b:76:7e:b8:e5:9d:ab:c0:2e:f0:ad:8d:21:ff:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=79a70e931ff20f10832fc047ca2609f7b1d5e9d952f331f83bf28f815d17f771, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7b:15:b4:d1:1a:f6:be:d3:38:be:c7:39:50:
ec:b5:bb:5e:ab:06:c3:c1:9c:e3:57:13:80:d9:4a:
89:3f:bc:4b:db:ea:b3:83:53:68:36:4c:d9:89:41:
b9:f5:9c:d7:f1:85:23:0d:69:a4:e3:2b:ae:5f:d4:
ab:09:73:ff:05:04:01:aa:d4:6e:63:31:9f:7d:72:
5a:f7:6f:06:8c:bc:c5:fe:55:a9:4d:fa:63:1d:5b:
ec:9e:2d:10:5b:13:48:3a:80:78:eb:c7:00:41:2d:
49:b4:76:b7:50:8c:d8:43:09:a7:23:c0:98:79:19:
e0:3b:08:87:47:e5:48:8a:42:1a:8e:2b:69:6e:cc:
68:1d:dd:30:d7:84:9a:4a:3a:be:03:86:51:de:f1:
2c:e9:13:ad:55:b6:6d:60:2c:14:2f:5b:81:fe:a5:
a8:89:e4:a2:77:e0:b4:82:68:ef:8b:bc:c6:52:dc:
38:95:37:c8:05:23:19:e3:9d:fb:33:74:e0:cc:0d:
14:e9:77:aa:f0:d1:53:0d:d7:2a:f8:13:3c:98:a8:
e9:85:c1:2d:cc:5a:af:de:7e:8f:10:1a:2b:ad:7a:
13:75:23:3f:09:c3:c8:79:11:60:ca:25:50:5e:8b:
80:6a:a0:74:f7:db:d9:fc:21:a2:3f:73:ee:ce:1d:
d5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:04:B0:1F:96:4D:6A:A1:61:10:F0:E8:03:60:44:76:15:17:F5:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
88:8c:af:58:6e:5c:b6:8f:2e:1b:8b:5b:cc:7f:92:64:b8:9c:
6e:67:5f:0d:df:49:f7:f7:ee:95:92:20:c5:83:c9:be:4c:b3:
91:de:7a:08:96:00:d1:7d:8a:34:32:1d:12:63:be:28:df:b8:
2b:bf:2a:d9:6e:ff:fe:ab:6c:df:f0:26:49:46:13:e1:2b:d4:
30:f8:2d:60:04:76:46:71:d6:07:0d:8e:0f:b9:18:19:ba:c7:
43:ed:73:b3:47:40:2f:e6:eb:7e:07:0b:4e:fb:0b:4d:3f:37:
88:ad:8b:78:e3:83:e5:f5:e7:38:2e:30:53:3f:87:7a:33:74:
bc:d3:0a:6c:5b:2e:ef:b2:36:ce:da:24:69:ca:ed:2f:42:6b:
e0:8a:a5:f6:07:49:64:f8:a9:58:07:ab:8f:db:30:af:d6:34:
22:f7:ca:79:a6:c6:2c:9d:f0:88:43:7b:91:ba:4b:b8:6d:3e:
12:58:27:f0:e1:53:e9:64:c6:76:fe:02:a6:bd:54:2b:15:2e:
95:39:13:60:fa:ef:c4:4b:54:73:73:4e:36:e9:5f:7e:75:31:
c9:6a:fc:5e:32:a9:d0:59:32:7c:2e:1e:32:6d:2e:c0:a8:ae:
75:a5:b7:1e:5a:3a:fb:0c:af:fc:a2:40:3a:9f:2a:43:24:5e:
d7:98:14:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUo057nNbdn645Z2rwC7wrY0h/7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5YTcwZTkzMWZmMjBmMTA4MzJmYzA0N2NhMjYwOWY3YjFkNWU5ZDk1MmYz
MzFmODNiZjI4ZjgxNWQxN2Y3NzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAON7FbTRGva+0zi+xzlQ7LW7XqsGw8Gc41cTgNlKiT+8S9vqs4NTaDZM2YlB
ufWc1/GFIw1ppOMrrl/Uqwlz/wUEAarUbmMxn31yWvdvBoy8xf5VqU36Yx1b7J4t
EFsTSDqAeOvHAEEtSbR2t1CM2EMJpyPAmHkZ4DsIh0flSIpCGo4raW7MaB3dMNeE
mko6vgOGUd7xLOkTrVW2bWAsFC9bgf6lqInkonfgtIJo74u8xlLcOJU3yAUjGeOd
+zN04MwNFOl3qvDRUw3XKvgTPJio6YXBLcxar95+jxAaK616E3UjPwnDyHkRYMol
UF6LgGqgdPfb2fwhoj9z7s4d1dUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUBLAf
lk1qoWEQ8OgDYER2FRf1CDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2YmMwZDItODYyOC00Y2NkLWEwZDktMzliYWIwMGNlODI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCIjK9Ybly2jy4bi1vMf5JkuJxuZ18N30n39+6VkiDF
g8m+TLOR3noIlgDRfYo0Mh0SY74o37grvyrZbv/+q2zf8CZJRhPhK9Qw+C1gBHZG
cdYHDY4PuRgZusdD7XOzR0Av5ut+BwtO+wtNPzeIrYt444Pl9ec4LjBTP4d6M3S8
0wpsWy7vsjbO2iRpyu0vQmvgiqX2B0lk+KlYB6uP2zCv1jQi98p5psYsnfCIQ3uR
uku4bT4SWCfw4VPpZMZ2/gKmvVQrFS6VORNg+u/ES1Rzc0426V9+dTHJavxeMqnQ
WTJ8Lh4ybS7AqK51pbceWjr7DK/8okA6nypDJF7XmBTx
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:07:47 2025 by rpki-client