Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json)
Hash identifier: mKuldUdIyg6i5l80nslIMXLPMv8pWz6rxMshW3YLjVU=
Subject key identifier: BF:1D:CA:7D:7A:1F:63:D8:93:C4:60:B0:1E:FA:B4:89:59:D9:8B:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AE23263AC474BE85652410918E6B72FA8924A83
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:e2:32:63:ac:47:4b:e8:56:52:41:09:18:e6:b7:2f:a8:92:4a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=49d681555f1a29e23b6199c4b485332d61f2d0f53ae16c8e999d8774864aa17b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:59:5d:33:86:ec:eb:09:37:ba:f4:fa:ec:
c6:72:ac:55:e2:63:48:a7:be:24:60:b1:93:94:78:
1a:21:1e:31:84:0a:52:a0:61:0b:34:21:b9:74:a4:
14:9b:1b:74:b3:71:bc:60:31:06:db:b7:e3:58:96:
95:3f:ef:36:93:8c:5f:09:b3:30:c5:ce:83:81:87:
8a:a9:c5:3a:fd:c5:d6:dd:2b:d4:b4:92:03:5a:b5:
1e:da:48:e0:b7:61:bb:6d:f2:9e:e2:2d:03:6e:81:
08:2d:e2:6b:69:8a:6b:53:25:c8:3d:87:b8:cd:7e:
e2:bd:a6:54:29:e7:71:97:c7:a5:c9:f6:7c:22:56:
88:5b:3f:c7:fb:f8:2c:de:24:e5:35:7a:13:e8:1a:
88:60:b7:1c:a8:ea:89:1b:a7:4e:2c:28:8b:d4:a4:
ce:62:13:b6:b8:fc:b2:14:ea:4e:4b:17:66:3e:a9:
79:ba:58:4f:39:ce:8d:1a:bb:12:01:bf:51:ad:5a:
34:27:ea:f0:4b:fd:3d:8a:5c:99:c5:2c:90:29:d6:
76:5c:95:d1:f2:90:c9:40:0e:61:d2:55:e2:3f:77:
86:a1:2a:3b:e9:b7:ff:ea:cf:96:da:a3:da:29:46:
31:4e:e2:5a:72:66:6a:33:2e:65:46:fb:f3:fe:d3:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1D:CA:7D:7A:1F:63:D8:93:C4:60:B0:1E:FA:B4:89:59:D9:8B:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:65:01:3f:60:1b:e4:5d:93:34:05:88:8f:c9:b9:10:69:a0:
98:10:6f:c4:29:32:2a:fb:55:a8:46:16:dc:50:ee:86:cc:57:
be:d4:04:89:1d:59:78:c5:ab:05:6c:ff:61:98:12:10:5b:29:
e1:ce:f8:b2:f9:d0:df:ec:09:2d:31:5b:d8:db:36:b1:55:88:
8b:3d:1b:64:88:45:55:1c:a6:1d:86:69:d7:98:3a:1e:d8:b0:
cd:65:c8:27:5f:4d:bf:87:a1:6a:63:5e:e7:fd:c3:56:f1:27:
46:97:d5:ff:9f:8d:8d:c7:5b:6a:1d:7f:f2:7b:09:88:d8:85:
7f:97:0e:fe:2f:a9:9e:2e:ab:9a:f3:d2:32:85:de:12:5c:b5:
46:3a:c1:05:e3:99:02:44:0d:93:99:62:db:f4:97:6b:2e:39:
94:d4:cc:6c:90:27:b2:27:a0:0c:34:9b:17:ca:c4:f1:a0:f4:
80:e4:19:b9:3b:f4:ed:b8:ee:66:bb:84:81:9c:cd:bb:f3:c8:
54:09:ee:b1:20:28:b5:d7:e9:f5:5e:7b:42:3b:3a:a2:13:3e:
94:63:b7:50:18:7d:87:18:5e:43:09:d7:27:1f:d1:bd:ad:7c:
34:fd:19:7b:20:90:9e:c3:64:dc:94:53:bd:3b:8c:3a:b5:9f:
bd:26:23:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGuIyY6xHS+hWUkEJGOa3L6iSSoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZDY4MTU1NWYxYTI5ZTIzYjYxOTljNGI0ODUzMzJkNjFmMmQwZjUzYWUx
NmM4ZTk5OWQ4Nzc0ODY0YWExN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8PWV0zhuzrCTe69PrsxnKsVeJjSKe+JGCxk5R4GiEeMYQKUqBhCzQhuXSk
FJsbdLNxvGAxBtu341iWlT/vNpOMXwmzMMXOg4GHiqnFOv3F1t0r1LSSA1q1HtpI
4Ldhu23ynuItA26BCC3ia2mKa1MlyD2HuM1+4r2mVCnncZfHpcn2fCJWiFs/x/v4
LN4k5TV6E+gaiGC3HKjqiRunTiwoi9SkzmITtrj8shTqTksXZj6pebpYTznOjRq7
EgG/Ua1aNCfq8Ev9PYpcmcUskCnWdlyV0fKQyUAOYdJV4j93hqEqO+m3/+rPltqj
2ilGMU7iWnJmajMuZUb78/7TTHECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/Hcp9
eh9j2JPEYLAe+rSJWdmLTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQAOZQE/YBvkXZM0BYiPybkQaaCYEG/EKTIq+1WoRhbc
UO6GzFe+1ASJHVl4xasFbP9hmBIQWynhzviy+dDf7AktMVvY2zaxVYiLPRtkiEVV
HKYdhmnXmDoe2LDNZcgnX02/h6FqY17n/cNW8SdGl9X/n42Nx1tqHX/yewmI2IV/
lw7+L6meLqua89Iyhd4SXLVGOsEF45kCRA2TmWLb9JdrLjmU1MxskCeyJ6AMNJsX
ysTxoPSA5Bm5O/TtuO5mu4SBnM2788hUCe6xICi11+n1XntCOzqiEz6UY7dQGH2H
GF5DCdcnH9G9rXw0/Rl7IJCew2TclFO9O4w6tZ+9JiM1
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:30 2025 by rpki-client