Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: 7aBkJFiIqyk1vWnMnzZHDfLKW9CT4SxdqxRwk2acFQk=
Subject key identifier: 97:77:86:75:08:77:89:A0:08:EA:F3:4D:73:02:69:C7:B4:E7:50:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11B06301125EB196F19173D4C658AB992E905B15
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:b0:63:01:12:5e:b1:96:f1:91:73:d4:c6:58:ab:99:2e:90:5b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=ef961dc81e5b3fdc719102fec9692992a0b91767c4784b14c362cd653223249a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:c6:b8:70:d0:d2:ae:15:3c:af:bc:a0:9d:
33:4c:79:30:a9:8c:91:d5:72:97:ea:92:97:4b:c1:
5e:aa:4e:34:18:f0:8b:94:c1:98:63:4d:96:ac:08:
7a:e3:ef:0a:8d:7b:d6:f5:76:97:9e:4e:3c:c2:10:
99:4b:b2:b4:6c:c5:c2:1b:ed:ad:a8:2a:f2:5a:39:
91:d4:c6:3e:3c:cc:a2:6d:22:ca:9b:20:32:1a:8f:
9b:cf:3c:a1:20:13:79:ec:da:bf:5d:7d:7c:3c:60:
3c:50:fd:92:33:57:c8:3c:cb:42:7c:e9:6f:cf:b2:
6f:d2:44:8a:68:08:06:c9:1d:7f:9b:9f:1c:60:ca:
82:88:5f:e3:17:1b:cd:80:bd:2a:6d:81:02:4f:55:
fe:0c:14:15:80:71:18:99:f6:dd:fa:4f:91:4b:07:
6c:85:a6:d8:a0:82:4d:be:04:e4:8b:f1:9d:69:ab:
66:5c:e6:e0:0e:81:78:d9:63:d8:2b:88:5c:0f:40:
17:8c:1c:27:23:6b:04:ba:04:16:dc:d1:92:24:0e:
0d:f5:63:ab:11:f5:8c:71:e0:6f:31:21:20:3e:19:
6e:55:8d:e3:be:ad:93:42:60:77:5f:81:a1:f9:52:
f4:25:93:20:75:cb:9f:73:79:91:7d:4c:96:0e:f7:
75:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:77:86:75:08:77:89:A0:08:EA:F3:4D:73:02:69:C7:B4:E7:50:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:76:b6:5a:84:b3:24:e2:fc:b5:dc:1b:fb:25:71:5b:be:18:
c3:72:81:56:ef:aa:29:6d:d7:16:26:a9:fe:d4:0c:1e:71:b9:
3b:37:bc:c9:42:af:9e:fa:92:51:78:bf:65:a3:2a:28:d5:e2:
21:8c:b2:15:f4:b1:9b:87:64:da:55:a3:e2:6e:69:e4:5e:5e:
fe:fb:3c:8a:35:4e:cb:9d:16:14:f8:09:5a:cb:10:86:e0:c6:
a0:92:48:ff:b2:ae:8e:17:67:9a:99:32:e7:7d:f9:29:20:57:
7b:de:cd:0f:56:ed:5d:b5:a2:0c:63:cf:40:9e:31:13:5f:6c:
41:77:6e:e3:55:34:83:b7:3a:a8:f9:b1:eb:de:14:ed:29:af:
a4:77:f7:88:d8:93:53:e1:87:37:52:f7:3a:30:35:4c:a7:0a:
34:8e:7a:93:fa:99:04:2a:af:40:2f:a8:bd:5b:1f:96:0d:2d:
6b:61:bb:95:f7:49:bc:d1:e3:d6:ac:12:51:31:11:c9:d5:25:
95:ae:db:6e:3b:32:26:58:56:fe:39:a6:f9:a8:be:e2:9a:0a:
ea:12:9f:39:0d:ab:25:94:a1:e9:5b:5b:09:ee:6f:e1:6c:2d:
92:2c:80:5c:1b:b8:ea:60:a4:24:0d:6b:b9:9c:e5:8b:a5:23:
4b:77:ec:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEbBjARJesZbxkXPUxlirmS6QWxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmOTYxZGM4MWU1YjNmZGM3MTkxMDJmZWM5NjkyOTkyYTBiOTE3NjdjNDc4
NGIxNGMzNjJjZDY1MzIyMzI0OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/Nxrhw0NKuFTyvvKCdM0x5MKmMkdVyl+qSl0vBXqpONBjwi5TBmGNNlqwI
euPvCo171vV2l55OPMIQmUuytGzFwhvtragq8lo5kdTGPjzMom0iypsgMhqPm888
oSATeezav119fDxgPFD9kjNXyDzLQnzpb8+yb9JEimgIBskdf5ufHGDKgohf4xcb
zYC9Km2BAk9V/gwUFYBxGJn23fpPkUsHbIWm2KCCTb4E5IvxnWmrZlzm4A6BeNlj
2CuIXA9AF4wcJyNrBLoEFtzRkiQODfVjqxH1jHHgbzEhID4ZblWN476tk0Jgd1+B
oflS9CWTIHXLn3N5kX1Mlg73dQcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXd4Z1
CHeJoAjq801zAmnHtOdQaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQAzdrZahLMk4vy13Bv7JXFbvhjDcoFW76opbdcWJqn+
1Awecbk7N7zJQq+e+pJReL9loyoo1eIhjLIV9LGbh2TaVaPibmnkXl7++zyKNU7L
nRYU+AlayxCG4Magkkj/sq6OF2eamTLnffkpIFd73s0PVu1dtaIMY89AnjETX2xB
d27jVTSDtzqo+bHr3hTtKa+kd/eI2JNT4Yc3Uvc6MDVMpwo0jnqT+pkEKq9AL6i9
Wx+WDS1rYbuV90m80ePWrBJRMRHJ1SWVrttuOzImWFb+Oab5qL7imgrqEp85Dasl
lKHpW1sJ7m/hbC2SLIBcG7jqYKQkDWu5nOWLpSNLd+yp
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:02:05 2025 by rpki-client