Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: bDgF6GNm4NtRaVaSlNYewDSPu087a+8s9sa8kpjGSZs=
Subject key identifier: 51:6B:EF:F0:F5:32:7A:81:F9:C6:71:6A:B3:DE:60:40:41:38:8A:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3BA458A874508B2D4D5FDA6ABAA9456EE1CD6E43
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a4:58:a8:74:50:8b:2d:4d:5f:da:6a:ba:a9:45:6e:e1:cd:6e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f9b549cd175ad435269c888555b179a7f5c58568a5bd645c84cfd008fbcc5890, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:6b:32:e4:97:14:e3:2c:34:8b:48:fb:d2:
e2:76:97:f3:69:99:62:6d:68:02:c9:7f:e4:87:03:
6e:2f:a7:81:5e:c2:a6:d5:21:1f:95:b2:d1:15:dc:
54:37:b3:65:4c:61:d1:80:f4:4b:92:c4:c7:c9:76:
45:2b:6d:ee:a9:77:9e:10:91:ae:3c:58:92:ad:b3:
44:c5:52:f6:c0:8e:1d:6f:cd:bd:3f:e6:d3:4d:3b:
12:55:dc:1f:63:c7:1c:fa:ff:da:32:ef:94:e9:f3:
69:f4:25:55:8b:ce:99:26:7d:f4:c9:96:7c:8f:f9:
06:40:16:b6:59:6c:00:cb:a4:4d:e3:46:42:fc:e4:
da:b0:47:19:e4:5b:0e:e9:fd:8e:e3:bc:c7:dc:70:
13:cc:30:1d:a8:bc:13:6a:7f:4b:b3:01:0f:7b:9a:
d5:52:81:46:20:f9:3f:2a:b1:5a:35:a6:d3:9e:29:
d5:40:87:7c:5f:74:96:d2:b5:56:33:45:4b:65:5c:
fd:2d:71:24:bd:cc:ee:68:0a:7e:92:b3:71:b8:bf:
aa:b9:99:77:6d:a1:c9:7b:52:d0:2f:94:a2:85:c4:
e6:00:c1:7e:70:b9:48:4f:64:f9:b2:87:4a:b8:58:
50:5e:1c:c4:79:4e:c2:f9:ef:00:78:7d:61:ce:a9:
22:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6B:EF:F0:F5:32:7A:81:F9:C6:71:6A:B3:DE:60:40:41:38:8A:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2e:75:7e:54:a8:85:b0:a7:4d:38:ac:cb:75:29:69:82:58:5a:
81:f2:13:e3:e3:32:9c:9b:5e:96:b9:a5:3e:7c:61:15:01:9b:
2e:8e:a5:a7:df:47:23:89:02:f6:08:6c:94:a6:92:66:67:fe:
bf:ad:00:97:f1:68:0d:6b:07:a8:f7:e6:fb:88:3f:cf:c5:0b:
b6:56:54:45:5e:ce:2e:12:d9:55:93:fe:28:53:33:fe:a4:bd:
73:a4:7e:f1:92:62:e4:f7:b1:e6:46:48:56:2f:a8:c4:f8:af:
f7:52:52:35:65:33:2c:6c:02:b0:8a:14:4a:a1:5d:f3:40:06:
0c:03:21:64:5e:57:2a:16:47:4d:7b:76:82:e8:e8:6a:4d:41:
12:3a:88:46:d5:02:9b:37:f8:13:b3:1a:ec:7e:bf:2d:34:3d:
3e:b1:17:48:37:82:9f:d0:b2:6f:bd:10:09:b7:83:54:d4:16:
b8:5a:3d:99:32:65:3f:02:43:e7:e0:78:05:c1:f2:63:21:31:
ae:81:1f:7c:41:2b:bb:cc:4c:0f:c8:4a:16:aa:88:fd:ae:4d:
44:99:41:e5:5c:4a:ee:e4:ff:3f:9e:b8:71:32:3f:f8:7d:d2:
28:ba:d4:6d:21:64:5b:29:55:21:d2:89:5b:e9:a8:e6:71:bd:
bc:80:1a:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO6RYqHRQiy1NX9pquqlFbuHNbkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YjU0OWNkMTc1YWQ0MzUyNjljODg4NTU1YjE3OWE3ZjVjNTg1NjhhNWJk
NjQ1Yzg0Y2ZkMDA4ZmJjYzU4OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJctazLklxTjLDSLSPvS4naX82mZYm1oAsl/5IcDbi+ngV7CptUhH5Wy0RXc
VDezZUxh0YD0S5LEx8l2RStt7ql3nhCRrjxYkq2zRMVS9sCOHW/NvT/m0007ElXc
H2PHHPr/2jLvlOnzafQlVYvOmSZ99MmWfI/5BkAWtllsAMukTeNGQvzk2rBHGeRb
Dun9juO8x9xwE8wwHai8E2p/S7MBD3ua1VKBRiD5PyqxWjWm054p1UCHfF90ltK1
VjNFS2Vc/S1xJL3M7mgKfpKzcbi/qrmZd22hyXtS0C+UooXE5gDBfnC5SE9k+bKH
SrhYUF4cxHlOwvnvAHh9Yc6pIsECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRa+/w
9TJ6gfnGcWqz3mBAQTiK9TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQAudX5UqIWwp004rMt1KWmCWFqB8hPj4zKcm16WuaU+
fGEVAZsujqWn30cjiQL2CGyUppJmZ/6/rQCX8WgNaweo9+b7iD/PxQu2VlRFXs4u
EtlVk/4oUzP+pL1zpH7xkmLk97HmRkhWL6jE+K/3UlI1ZTMsbAKwihRKoV3zQAYM
AyFkXlcqFkdNe3aC6OhqTUESOohG1QKbN/gTsxrsfr8tND0+sRdIN4Kf0LJvvRAJ
t4NU1Ba4Wj2ZMmU/AkPn4HgFwfJjITGugR98QSu7zEwPyEoWqoj9rk1EmUHlXEru
5P8/nrhxMj/4fdIoutRtIWRbKVUh0olb6ajmcb28gBqZ
-----END CERTIFICATE-----
Generated at Sat May 3 11:59:10 2025 by rpki-client