Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: Tcg1MnSwviyRbOHOpEyJJqt/VuItcWQXnjf4417moBM=
Subject key identifier: EA:B5:9A:C0:0B:26:2E:42:78:DB:AB:E0:77:04:F6:50:67:AE:83:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02DD75E3FC24F8A8C8CC9516AFFE09FCD267D552
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:dd:75:e3:fc:24:f8:a8:c8:cc:95:16:af:fe:09:fc:d2:67:d5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=0637b342af58f6baea2349e47e0ab71b547e00523541813bd4edbe47e29b6407, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2f:08:13:17:2f:6f:e6:5b:9e:d6:9c:a3:0a:
35:f5:ea:64:c2:36:31:13:c7:5a:57:61:4c:03:5a:
68:9d:b7:be:5b:be:74:c7:c4:50:d1:4b:7f:d6:91:
75:5f:a5:1b:fe:c9:36:8a:79:88:10:cf:b2:4f:58:
d5:e6:43:b1:e1:cd:7e:cb:d7:f6:a2:97:b7:f6:d0:
e3:b9:3b:52:83:f6:eb:f3:c6:39:bb:50:b2:82:49:
2f:0b:09:66:cd:df:2d:00:9f:ab:61:0f:50:7e:97:
2c:33:dc:a9:a1:2a:bf:28:b2:10:f6:59:9a:35:a1:
c1:e7:f3:55:cd:ce:20:ed:d1:96:51:e9:a0:d2:9d:
d9:c3:b3:cd:cf:5a:e5:cf:a2:07:9e:ad:5f:5a:fe:
56:dc:bb:3c:07:53:4e:2b:df:56:ce:09:63:5c:c8:
76:37:2d:ac:8c:26:b1:ed:ea:0d:03:68:0a:f1:e5:
00:fc:f8:8a:76:36:e5:39:4b:6c:15:3d:02:a7:b2:
53:5e:2d:e0:7d:38:e2:20:9b:54:b8:f6:23:dc:30:
59:cb:31:d4:28:67:b1:7c:74:69:ba:2f:08:6a:74:
25:8b:0d:ab:90:0e:d6:8f:b2:54:b3:6d:3d:ed:49:
17:34:d1:c6:c4:71:3e:f7:8d:81:25:22:d3:ea:69:
39:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B5:9A:C0:0B:26:2E:42:78:DB:AB:E0:77:04:F6:50:67:AE:83:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:96:24:cc:ba:81:e6:dd:4b:9c:1c:93:c6:a2:c4:ae:43:cc:
eb:5b:be:17:31:64:d3:74:94:e1:94:89:b2:a4:31:b4:ff:b9:
ab:9a:bd:72:c1:c6:37:1d:82:3e:f2:d3:50:f7:fc:64:9b:22:
3e:b3:ff:42:48:d5:3e:0a:75:da:68:d2:62:52:e3:61:d8:d4:
75:15:d9:8b:ed:b6:b5:51:b8:df:44:11:66:09:f8:23:37:2b:
e5:5c:45:9a:7c:44:c2:37:02:3f:d5:ec:4f:cb:6f:bb:de:3d:
25:27:63:bb:34:d8:8c:87:13:4e:e4:94:2c:61:78:1e:4b:4d:
8f:5b:33:1b:68:d4:a8:b3:40:dd:f9:3b:d1:28:f3:9e:12:96:
4c:f7:30:d3:8f:93:bb:63:1d:83:4c:17:b0:bb:46:bf:98:40:
c2:ed:49:c1:f0:c9:f2:e0:33:8c:2b:22:99:47:06:cf:89:c8:
e2:e5:fc:a4:50:e8:9c:f9:9b:35:a4:40:d3:22:3c:e0:8c:54:
8f:77:a8:10:a4:8f:55:53:08:df:87:5c:1c:05:4d:76:02:77:
0a:83:1d:60:6c:74:7f:cf:0a:a2:9c:c8:bd:8b:94:db:ec:f8:
c1:f5:64:a1:10:31:a4:19:29:78:12:37:67:f5:94:42:70:a8:
9e:79:36:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAt114/wk+KjIzJUWr/4J/NJn1VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MzdiMzQyYWY1OGY2YmFlYTIzNDllNDdlMGFiNzFiNTQ3ZTAwNTIzNTQx
ODEzYmQ0ZWRiZTQ3ZTI5YjY0MDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsvCBMXL2/mW57WnKMKNfXqZMI2MRPHWldhTANaaJ23vlu+dMfEUNFLf9aR
dV+lG/7JNop5iBDPsk9Y1eZDseHNfsvX9qKXt/bQ47k7UoP26/PGObtQsoJJLwsJ
Zs3fLQCfq2EPUH6XLDPcqaEqvyiyEPZZmjWhwefzVc3OIO3RllHpoNKd2cOzzc9a
5c+iB56tX1r+Vty7PAdTTivfVs4JY1zIdjctrIwmse3qDQNoCvHlAPz4inY25TlL
bBU9AqeyU14t4H044iCbVLj2I9wwWcsx1ChnsXx0abovCGp0JYsNq5AO1o+yVLNt
Pe1JFzTRxsRxPveNgSUi0+ppObcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqtZrA
CyYuQnjbq+B3BPZQZ66DUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQCIliTMuoHm3UucHJPGosSuQ8zrW74XMWTTdJThlImy
pDG0/7mrmr1ywcY3HYI+8tNQ9/xkmyI+s/9CSNU+CnXaaNJiUuNh2NR1FdmL7ba1
UbjfRBFmCfgjNyvlXEWafETCNwI/1exPy2+73j0lJ2O7NNiMhxNO5JQsYXgeS02P
WzMbaNSos0Dd+TvRKPOeEpZM9zDTj5O7Yx2DTBewu0a/mEDC7UnB8Mny4DOMKyKZ
RwbPicji5fykUOic+Zs1pEDTIjzgjFSPd6gQpI9VUwjfh1wcBU12AncKgx1gbHR/
zwqinMi9i5Tb7PjB9WShEDGkGSl4Ejdn9ZRCcKieeTYK
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:06:53 2025 by rpki-client