Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: p3EvTsDlTxhlkLuFPfWNKTN5EAJoY40RQuvPu2NrJDo=
Subject key identifier: DD:B5:F7:30:93:CB:10:39:DF:6B:C8:5F:A6:C8:88:81:2F:38:AB:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2160F4EBCBBE55A2DFEDB07472471F867B092E4B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:60:f4:eb:cb:be:55:a2:df:ed:b0:74:72:47:1f:86:7b:09:2e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=80514e61ac3c51ca55cf75b759e7aa2d9d5696857eb055a64ce17c8e75dd98e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3b:9f:3b:cb:6a:d8:6d:42:5a:82:12:e2:af:
5c:ee:91:df:43:f6:ff:67:e9:d1:6b:de:33:6a:44:
fa:ca:3f:91:ed:6b:5d:9c:a4:3f:9f:5b:ad:36:8e:
8c:82:92:15:7c:90:92:a3:f4:21:00:7f:03:bf:29:
da:56:11:2a:f2:f5:8c:06:53:8c:4b:f0:16:05:ce:
24:06:e8:2d:a1:fe:cb:14:f8:8a:8f:7e:a8:29:3f:
f9:30:7d:aa:7b:b7:c9:7e:f4:78:f8:f9:2f:7e:f1:
f0:2e:27:9c:fa:49:6f:f0:7f:e1:db:09:f4:b4:14:
98:a2:98:57:e8:13:b9:5d:33:fc:f8:a9:8f:a3:fe:
96:1b:24:19:d4:93:9e:bb:ea:fc:85:f4:54:22:b7:
29:9e:cc:cd:a9:9a:40:d4:21:b8:79:16:77:5c:7a:
d8:5c:c4:a3:30:0f:d6:86:f2:b7:37:1a:fd:f5:41:
0c:c9:c2:3d:07:c5:09:82:5a:76:88:27:a5:a0:13:
73:b9:cd:ed:25:79:c5:22:7a:83:ad:e9:55:70:fe:
3a:40:fb:a7:79:da:05:6e:f0:a2:6e:a0:e0:d9:62:
f0:01:08:4d:80:52:24:b4:d1:da:95:47:90:f2:a2:
c5:21:d9:9a:7f:d1:7b:31:a9:be:26:ed:d0:d3:51:
14:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B5:F7:30:93:CB:10:39:DF:6B:C8:5F:A6:C8:88:81:2F:38:AB:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:41:3b:67:40:45:8d:5a:8f:18:5e:4e:ed:9a:0d:8d:42:da:
8e:58:75:65:52:16:31:00:d3:57:c0:35:0c:47:90:2c:87:9c:
35:9e:94:4d:54:97:04:1a:57:47:7c:fb:5e:aa:b2:a8:23:6c:
74:d9:1a:a6:b7:be:42:5e:1e:ad:89:92:b8:70:c3:de:c9:8f:
29:58:be:19:46:0c:bc:db:93:76:5f:42:44:71:f3:4d:3e:2c:
01:04:f2:fb:9f:2c:26:a6:7b:6f:96:9c:aa:2e:d2:7a:aa:39:
47:fd:a5:9e:28:79:ca:dd:86:3b:0f:9d:63:31:dd:73:c6:7c:
20:69:c8:4f:16:d9:f2:1b:53:b2:04:b2:4d:f0:90:8f:d6:26:
31:2f:d3:a2:c0:85:60:08:a6:2c:94:7a:a8:ad:37:1e:c7:2d:
d6:3c:ce:ed:fd:84:88:65:fc:2d:c9:a3:bc:7e:38:85:99:c1:
19:e2:04:87:ba:02:c8:88:74:49:d2:36:1d:ab:6e:ac:e7:db:
04:05:b4:fb:3c:74:52:83:cf:0e:ad:59:f1:a0:c1:83:22:65:
d2:ac:56:58:46:e1:24:b5:f5:fd:02:af:c5:e7:ae:fe:8c:4a:
c8:2c:56:c7:a5:70:d6:27:32:c7:77:d2:94:8a:ce:12:de:63:
29:6a:80:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIWD068u+VaLf7bB0ckcfhnsJLkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNTE0ZTYxYWMzYzUxY2E1NWNmNzViNzU5ZTdhYTJkOWQ1Njk2ODU3ZWIw
NTVhNjRjZTE3YzhlNzVkZDk4ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJM7nzvLathtQlqCEuKvXO6R30P2/2fp0WveM2pE+so/ke1rXZykP59brTaO
jIKSFXyQkqP0IQB/A78p2lYRKvL1jAZTjEvwFgXOJAboLaH+yxT4io9+qCk/+TB9
qnu3yX70ePj5L37x8C4nnPpJb/B/4dsJ9LQUmKKYV+gTuV0z/Pipj6P+lhskGdST
nrvq/IX0VCK3KZ7MzamaQNQhuHkWd1x62FzEozAP1obytzca/fVBDMnCPQfFCYJa
dognpaATc7nN7SV5xSJ6g63pVXD+OkD7p3naBW7wom6g4Nli8AEITYBSJLTR2pVH
kPKixSHZmn/RezGpvibt0NNRFJUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdtfcw
k8sQOd9ryF+myIiBLzirAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQAaQTtnQEWNWo8YXk7tmg2NQtqOWHVlUhYxANNXwDUM
R5Ash5w1npRNVJcEGldHfPteqrKoI2x02Rqmt75CXh6tiZK4cMPeyY8pWL4ZRgy8
25N2X0JEcfNNPiwBBPL7nywmpntvlpyqLtJ6qjlH/aWeKHnK3YY7D51jMd1zxnwg
achPFtnyG1OyBLJN8JCP1iYxL9OiwIVgCKYslHqorTcexy3WPM7t/YSIZfwtyaO8
fjiFmcEZ4gSHugLIiHRJ0jYdq26s59sEBbT7PHRSg88OrVnxoMGDImXSrFZYRuEk
tfX9Aq/F567+jErILFbHpXDWJzLHd9KUis4S3mMpaoCC
-----END CERTIFICATE-----
Generated at Sat May 3 23:14:03 2025 by rpki-client