Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: VlmWv/nzHAJX5QtOpwjOdgqEZm6XmPdMpE0v2lMSlL4=
Subject key identifier: A2:BE:F0:08:E2:4B:9B:B0:63:F7:ED:D1:E4:22:8B:93:33:23:8D:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3BA9F55CC131E574AED2A330B65DE342D70FED0D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a9:f5:5c:c1:31:e5:74:ae:d2:a3:30:b6:5d:e3:42:d7:0f:ed:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f90913fc5708b546efbb535c2237daa67e0884ea5425f423b323dbb60614d29d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f5:6c:fe:cf:4d:fd:9c:bf:20:78:89:90:4c:
12:40:20:79:b7:fb:c0:bb:be:bd:66:5e:a3:97:13:
6b:05:2f:f5:10:9e:51:be:42:a1:2c:ce:c8:92:f3:
ac:4e:7d:15:cc:7e:5b:7c:ae:ad:05:b4:f7:66:3e:
f2:ce:92:7a:a2:17:b3:ce:6b:fd:07:52:c2:f4:7d:
e6:4f:15:d3:45:32:d4:c2:6a:d6:0b:be:c8:7c:8f:
5f:d9:be:d4:db:43:8e:cc:b6:56:6c:97:be:bb:dc:
ef:93:51:0c:39:91:8d:56:c1:74:49:41:96:a0:3a:
5f:7b:99:64:19:bf:af:18:7b:08:fc:8e:2a:6d:fa:
39:eb:a8:c8:6a:67:16:73:c8:2c:f2:e3:96:f0:80:
e8:ba:e0:6e:bc:25:3f:43:67:b9:69:f9:9f:50:05:
47:fa:59:49:43:a6:12:a8:c7:d8:3d:30:e3:bc:8f:
91:92:69:50:50:10:6b:aa:69:5e:c9:df:ee:83:eb:
f3:cc:02:31:7e:3f:8f:17:48:ba:24:6f:a4:4d:27:
34:cf:c9:ef:e4:ff:4a:51:5b:d4:0e:de:f3:c9:eb:
08:35:f1:59:7d:24:68:d1:df:1e:6f:8a:72:48:87:
1a:f4:b7:c7:a7:91:61:30:73:c2:47:4f:fb:7f:f8:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BE:F0:08:E2:4B:9B:B0:63:F7:ED:D1:E4:22:8B:93:33:23:8D:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:ce:92:a8:47:4e:b9:b6:78:00:23:58:52:14:20:f3:0b:45:
59:01:2a:63:53:f2:8b:0d:ec:dc:08:91:d5:03:2d:74:eb:7b:
ec:8c:9d:14:8c:e8:bf:60:4d:2b:72:17:69:ef:8e:09:93:4a:
c0:00:d4:1c:48:cf:a9:40:83:b0:4e:71:e8:22:44:e1:f8:92:
90:9b:5d:10:41:d9:f5:15:9d:20:27:61:c4:4e:50:4a:c9:79:
1f:81:7f:18:47:75:f0:d8:18:51:76:1e:af:60:ca:80:e5:1b:
dd:d8:aa:4d:f8:0d:df:c0:f0:61:2c:0a:f2:6b:75:94:3f:48:
b3:94:50:3e:39:af:96:1b:d3:ed:a4:48:2c:71:b4:29:46:d1:
90:56:88:e2:fe:ca:29:ec:08:2f:07:f6:6d:79:b0:ae:62:88:
ac:a8:fe:26:46:d3:39:81:40:7a:65:5b:84:bb:54:f3:da:f7:
a4:0b:f0:5e:1b:1c:0e:4e:88:6c:9d:aa:89:30:d8:8f:92:3c:
2b:da:f1:4f:ba:d3:59:22:20:f2:41:26:f3:01:b6:5d:45:f5:
34:91:0a:7c:a3:1a:48:96:4f:66:ce:94:16:21:59:35:e3:d1:
ec:1c:82:3a:65:db:19:00:f4:d2:cf:2c:87:1d:e0:5d:f3:8d:
48:bf:d9:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO6n1XMEx5XSu0qMwtl3jQtcP7Q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MDkxM2ZjNTcwOGI1NDZlZmJiNTM1YzIyMzdkYWE2N2UwODg0ZWE1NDI1
ZjQyM2IzMjNkYmI2MDYxNGQyOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn1bP7PTf2cvyB4iZBMEkAgebf7wLu+vWZeo5cTawUv9RCeUb5CoSzOyJLz
rE59Fcx+W3yurQW092Y+8s6SeqIXs85r/QdSwvR95k8V00Uy1MJq1gu+yHyPX9m+
1NtDjsy2VmyXvrvc75NRDDmRjVbBdElBlqA6X3uZZBm/rxh7CPyOKm36OeuoyGpn
FnPILPLjlvCA6LrgbrwlP0NnuWn5n1AFR/pZSUOmEqjH2D0w47yPkZJpUFAQa6pp
Xsnf7oPr88wCMX4/jxdIuiRvpE0nNM/J7+T/SlFb1A7e88nrCDXxWX0kaNHfHm+K
ckiHGvS3x6eRYTBzwkdP+3/4oecCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSivvAI
4kubsGP37dHkIouTMyONnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQALzpKoR065tngAI1hSFCDzC0VZASpjU/KLDezcCJHV
Ay1063vsjJ0UjOi/YE0rchdp744Jk0rAANQcSM+pQIOwTnHoIkTh+JKQm10QQdn1
FZ0gJ2HETlBKyXkfgX8YR3Xw2BhRdh6vYMqA5Rvd2KpN+A3fwPBhLArya3WUP0iz
lFA+Oa+WG9PtpEgscbQpRtGQVoji/sop7AgvB/ZtebCuYoisqP4mRtM5gUB6ZVuE
u1Tz2vekC/BeGxwOTohsnaqJMNiPkjwr2vFPutNZIiDyQSbzAbZdRfU0kQp8oxpI
lk9mzpQWIVk149HsHII6ZdsZAPTSzyyHHeBd841Iv9md
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:07:58 2025 by rpki-client