Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: MJdTy/ze0dQ1n46CRR547E76QeKFXiiShDtrjoJtKkQ=
Subject key identifier: B5:04:55:5D:60:9C:2E:26:00:BD:92:B7:78:52:47:58:00:D3:E5:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 176DA0C98EA7CB2DF36759D5100295D606353EC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:6d:a0:c9:8e:a7:cb:2d:f3:67:59:d5:10:02:95:d6:06:35:3e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=8bd42390b89d6caf9ebb33109c085b86176bd5bb85adfc41cca9f7b84f2694e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:bc:5b:c1:95:13:a8:d1:09:f8:b4:70:a5:
bd:18:74:4b:0a:61:b8:e1:bf:37:2b:ec:9b:a7:c5:
a9:a3:b7:ce:32:95:41:be:02:88:89:39:95:21:09:
1b:6f:e3:5d:ad:67:0e:77:70:a8:45:b4:6e:59:db:
4e:15:f9:25:9a:b2:31:aa:82:20:b2:d9:d6:2a:44:
28:07:7a:be:0b:2a:f6:0a:ac:d0:bb:90:ce:62:0f:
8b:23:32:e9:b5:fa:76:62:78:81:d7:a4:1e:85:66:
98:ab:07:f2:0e:e3:2c:34:ce:5b:06:8f:65:27:88:
22:e5:d2:1b:40:c6:7a:9a:37:2e:05:64:1f:dc:91:
3a:9f:5b:90:4f:fd:d7:2f:44:7e:b5:ba:35:b8:e5:
27:9f:ec:77:9a:26:bb:2d:5b:9f:43:21:f8:9e:24:
ed:40:a2:11:a1:ae:42:de:da:96:ac:59:3d:cf:75:
74:ed:21:38:92:7e:7d:58:9a:25:6b:f5:5f:92:7d:
f4:bd:e8:fd:9f:90:39:2e:a2:07:2f:c9:7a:2f:54:
67:84:27:3f:c9:8f:da:4e:cd:8d:c4:71:82:26:cd:
17:63:ba:67:78:b8:93:44:a6:5d:33:c7:35:49:5c:
e3:22:02:f5:ff:0e:fe:ef:14:1c:50:9f:cf:c5:14:
88:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:04:55:5D:60:9C:2E:26:00:BD:92:B7:78:52:47:58:00:D3:E5:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:59:d7:ce:0a:7a:c7:8f:88:f9:f7:99:f6:29:18:66:db:15:
01:31:ab:e8:66:06:31:28:45:6b:fc:fd:27:e7:46:f9:ea:34:
0c:26:47:4b:9a:5c:05:4b:cd:19:20:d1:85:87:fa:5e:1c:53:
0e:a6:79:9e:6d:fb:a2:40:48:7d:21:27:62:ac:5a:f6:0c:fa:
30:10:a1:b8:ea:59:1e:fa:6c:68:8f:f1:80:57:80:38:2d:92:
66:8e:b0:a9:38:55:8a:11:22:bb:0b:d7:c4:27:80:58:9b:a7:
3a:ee:54:1c:ed:53:79:66:90:b9:82:48:99:cf:a4:5a:a4:3f:
74:ec:6e:73:5e:3e:ae:1c:41:34:82:c0:56:c5:98:2d:12:2e:
aa:03:af:3b:93:9b:0c:46:b4:db:d4:97:c4:a0:83:fa:2d:e9:
cb:63:56:b7:84:37:21:bf:6c:e3:a3:f4:51:7a:07:3a:81:cb:
2e:a8:10:6a:bb:cb:96:75:2c:7a:17:c6:38:c0:01:4d:47:46:
07:cd:7c:be:53:76:76:e8:b9:c6:64:e4:31:e1:0c:4c:ed:40:
d9:a4:bf:82:46:1f:17:38:26:0c:45:c9:19:6b:f8:87:d0:e1:
09:52:a8:07:a3:4b:d4:31:15:c4:8d:64:70:22:bd:9d:57:86:
35:23:0c:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF22gyY6nyy3zZ1nVEAKV1gY1PsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZDQyMzkwYjg5ZDZjYWY5ZWJiMzMxMDljMDg1Yjg2MTc2YmQ1YmI4NWFk
ZmM0MWNjYTlmN2I4NGYyNjk0ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7YvFvBlROo0Qn4tHClvRh0SwphuOG/Nyvsm6fFqaO3zjKVQb4CiIk5lSEJ
G2/jXa1nDndwqEW0blnbThX5JZqyMaqCILLZ1ipEKAd6vgsq9gqs0LuQzmIPiyMy
6bX6dmJ4gdekHoVmmKsH8g7jLDTOWwaPZSeIIuXSG0DGepo3LgVkH9yROp9bkE/9
1y9EfrW6NbjlJ5/sd5omuy1bn0Mh+J4k7UCiEaGuQt7alqxZPc91dO0hOJJ+fVia
JWv1X5J99L3o/Z+QOS6iBy/Jei9UZ4QnP8mP2k7NjcRxgibNF2O6Z3i4k0SmXTPH
NUlc4yIC9f8O/u8UHFCfz8UUiHMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1BFVd
YJwuJgC9krd4UkdYANPl1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQAoWdfOCnrHj4j595n2KRhm2xUBMavoZgYxKEVr/P0n
50b56jQMJkdLmlwFS80ZINGFh/peHFMOpnmebfuiQEh9ISdirFr2DPowEKG46lke
+mxoj/GAV4A4LZJmjrCpOFWKESK7C9fEJ4BYm6c67lQc7VN5ZpC5gkiZz6RapD90
7G5zXj6uHEE0gsBWxZgtEi6qA687k5sMRrTb1JfEoIP6LenLY1a3hDchv2zjo/RR
egc6gcsuqBBqu8uWdSx6F8Y4wAFNR0YHzXy+U3Z26LnGZOQx4QxM7UDZpL+CRh8X
OCYMRckZa/iH0OEJUqgHo0vUMRXEjWRwIr2dV4Y1IwyG
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:57 2025 by rpki-client