Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: yBcMF4r/ixT/jfevq1b2sc/g7eOerjlziv1LXDLlTbA=
Subject key identifier: F0:BE:57:81:46:AF:4C:FA:31:44:64:F4:F9:D8:26:68:10:3B:B9:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3588333FCD48880281E1E73631942670FDB7DBC9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:88:33:3f:cd:48:88:02:81:e1:e7:36:31:94:26:70:fd:b7:db:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=3925879e2507845c03e319a0a3ab2401da72f3829e1867212f93134a94ecad9b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:ce:fe:c8:3d:f7:9d:ce:54:f6:5b:bd:c2:
d9:81:57:5c:80:fb:91:6e:35:a7:f3:be:90:36:cb:
34:c7:57:a5:38:0b:f8:27:17:96:f5:23:13:6d:82:
f7:66:65:f7:c3:7e:be:14:e6:fe:19:41:bd:6e:6a:
b7:0a:18:83:70:48:eb:92:28:7c:7a:c9:a1:27:45:
3b:83:b3:6b:63:18:aa:6e:03:15:32:96:81:95:ac:
4d:f0:c2:96:e0:eb:28:e1:e7:bd:47:97:13:44:52:
7e:be:1e:27:45:17:03:56:4f:c2:b2:9c:06:d7:6d:
ee:a7:0d:c0:b0:72:1b:b2:2f:78:5b:5d:74:00:ea:
79:69:75:dd:f7:07:fb:7c:6c:b1:df:9f:86:69:09:
0d:d4:20:a1:06:52:bb:a7:d1:c5:71:8b:b6:99:90:
af:69:bf:52:5c:e3:82:19:79:35:64:2e:d0:b9:fd:
f9:3c:59:e5:06:84:23:e5:e4:63:c4:23:09:7c:4d:
02:28:02:fe:d9:98:37:53:4f:a8:b7:70:cd:50:2b:
a9:64:bb:39:67:c9:76:77:59:3b:b0:cc:75:14:9c:
c9:51:c9:b9:32:f1:04:69:06:bc:b3:f0:5b:1d:43:
70:75:60:ef:3d:cd:68:09:e6:82:ea:af:c4:b3:7e:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BE:57:81:46:AF:4C:FA:31:44:64:F4:F9:D8:26:68:10:3B:B9:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:1a:66:6e:c2:dc:53:92:cb:6f:4f:80:56:70:c8:e0:2d:b2:
d9:ec:cb:de:e7:db:a5:54:53:e1:ac:47:30:a6:98:aa:59:27:
86:30:49:15:b3:2e:63:6e:ae:23:eb:a4:a2:73:1f:43:98:7c:
da:c5:4f:68:b2:ea:49:4a:3a:85:07:e3:9d:54:4c:e2:d9:ab:
6c:88:25:b9:39:18:07:e7:5e:59:42:8d:87:4a:e6:55:a8:d5:
96:2c:b9:e4:2e:9f:b3:16:a4:9c:86:8b:9c:a3:29:ba:20:ab:
c9:25:0e:a2:e3:c1:b4:ac:43:bb:45:a5:6a:a8:5b:9b:6a:d1:
ec:aa:2d:7e:77:40:78:ca:05:0d:20:0a:a0:e8:e8:10:43:58:
3e:aa:59:35:69:6f:0e:8d:a4:14:79:bd:19:70:a0:a1:9c:9d:
19:d2:0f:7e:83:82:f3:37:25:45:db:03:9c:75:d7:d7:1b:6f:
54:c0:b7:fe:d1:d6:42:c9:20:98:b4:93:87:f1:63:66:b3:be:
ef:28:37:7b:5b:f2:64:00:e8:d3:02:81:44:50:df:e4:65:84:
a3:f3:09:e3:d9:d4:4b:5a:f8:e0:00:c7:b2:a8:76:d0:c9:96:
b5:91:3d:78:fb:2e:87:93:ce:07:94:37:ac:18:df:df:e5:a1:
96:f9:b6:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNYgzP81IiAKB4ec2MZQmcP2328kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5MjU4NzllMjUwNzg0NWMwM2UzMTlhMGEzYWIyNDAxZGE3MmYzODI5ZTE4
NjcyMTJmOTMxMzRhOTRlY2FkOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJPzv7IPfedzlT2W73C2YFXXID7kW41p/O+kDbLNMdXpTgL+CcXlvUjE22C
92Zl98N+vhTm/hlBvW5qtwoYg3BI65IofHrJoSdFO4Oza2MYqm4DFTKWgZWsTfDC
luDrKOHnvUeXE0RSfr4eJ0UXA1ZPwrKcBtdt7qcNwLByG7IveFtddADqeWl13fcH
+3xssd+fhmkJDdQgoQZSu6fRxXGLtpmQr2m/Ulzjghl5NWQu0Ln9+TxZ5QaEI+Xk
Y8QjCXxNAigC/tmYN1NPqLdwzVArqWS7OWfJdndZO7DMdRScyVHJuTLxBGkGvLPw
Wx1DcHVg7z3NaAnmguqvxLN+ki8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwvleB
Rq9M+jFEZPT52CZoEDu59zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQAYGmZuwtxTkstvT4BWcMjgLbLZ7Mve59ulVFPhrEcw
ppiqWSeGMEkVsy5jbq4j66Sicx9DmHzaxU9osupJSjqFB+OdVEzi2atsiCW5ORgH
515ZQo2HSuZVqNWWLLnkLp+zFqSchoucoym6IKvJJQ6i48G0rEO7RaVqqFubatHs
qi1+d0B4ygUNIAqg6OgQQ1g+qlk1aW8OjaQUeb0ZcKChnJ0Z0g9+g4LzNyVF2wOc
ddfXG29UwLf+0dZCySCYtJOH8WNms77vKDd7W/JkAOjTAoFEUN/kZYSj8wnj2dRL
WvjgAMeyqHbQyZa1kT14+y6Hk84HlDesGN/f5aGW+bbK
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:21 2025 by rpki-client