Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: ZzjwpY4BGj5I/BaGruSD/HXm59pH63XftQbMjB/c2XE=
Subject key identifier: 0B:F9:DD:22:EA:7E:BC:2A:8A:7F:1F:16:9A:C1:8F:C5:94:6A:70:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77EE18FB118D70FB2BC002431398FB5DB23807EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:ee:18:fb:11:8d:70:fb:2b:c0:02:43:13:98:fb:5d:b2:38:07:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f4c9f0c1000a11f4c50041a555affd3ef1dac499b2e0f5faad96bc3c45717444, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4a:75:a3:40:33:3b:d9:62:60:c4:22:1e:22:
ef:d4:c0:de:f0:a3:33:da:c0:f6:75:76:b0:27:57:
ef:10:fa:fd:b5:c2:9b:d8:07:c1:8d:f6:78:ca:c8:
54:ae:9f:73:83:87:ae:d9:46:ef:26:be:37:a7:b0:
9f:9e:68:b4:c8:b4:44:ec:14:21:f5:99:a0:a5:cc:
a4:8b:3e:a5:f7:ff:7c:c3:4d:7e:16:f6:10:15:5a:
cb:d2:dc:7a:6d:44:f5:2b:48:2a:66:2b:b5:29:41:
9d:06:38:f7:c6:74:2f:e8:11:05:8c:0e:c4:07:f5:
99:05:0e:8f:73:b6:ec:21:ae:b4:11:7e:91:56:f3:
0c:e7:de:ce:41:04:61:47:c1:26:3f:a3:a7:26:45:
e9:15:02:82:c9:5d:28:e7:ae:b5:a6:ef:98:05:9a:
83:90:b9:32:85:23:c0:51:ef:5b:b7:ff:5a:68:ff:
46:60:eb:ea:d4:7c:21:ae:c2:4c:5d:73:01:47:de:
2a:7f:db:82:02:9b:08:95:89:5e:83:15:69:0d:21:
fd:f2:97:da:a5:1b:d2:ba:68:d9:98:4f:56:2c:f2:
ac:e4:a2:0a:e9:71:3d:01:52:c1:e6:be:bc:4b:ed:
8c:86:c8:c4:1a:d6:77:4d:16:cb:30:a2:5a:fe:68:
1d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F9:DD:22:EA:7E:BC:2A:8A:7F:1F:16:9A:C1:8F:C5:94:6A:70:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4a:a3:2a:bb:fb:3a:b5:d4:d0:74:91:ac:0b:4b:91:1e:cd:36:
26:e8:67:ff:e0:d3:db:9e:b7:a7:92:2f:a3:d4:a2:32:4d:3c:
f8:ab:5f:75:17:db:40:40:86:6c:d9:6b:1b:15:50:50:18:8c:
8c:e5:d1:7c:48:fb:cf:fe:88:28:f7:ac:26:47:52:09:9f:89:
44:78:8d:f9:72:53:07:d0:6b:82:33:54:09:a5:2d:ac:80:a9:
95:fd:98:69:47:a6:a3:db:94:ea:6e:bd:1c:bf:10:73:70:28:
ea:04:44:7f:7d:72:00:fd:00:d4:2d:27:a1:69:58:b3:1b:62:
ee:6e:ab:dd:77:04:df:4d:55:36:b1:fe:f3:5e:90:58:19:52:
43:ad:c4:63:f8:96:be:38:0d:87:bf:36:b7:6b:76:84:8c:e8:
13:4d:7d:f2:f8:bf:d6:41:c3:20:28:63:ca:f4:c7:8e:a2:99:
7b:bc:ad:5a:64:94:b3:63:62:ec:1b:ca:56:e9:22:c9:0f:3d:
2b:13:8c:0b:ac:c1:a6:c9:cb:7a:89:8f:76:69:7c:38:87:64:
d9:c6:70:d5:53:87:db:ee:48:77:dd:3f:c2:d4:c0:ca:27:19:
c0:b6:31:da:9f:ec:32:b0:e2:0a:14:ac:3b:8f:12:b2:aa:51:
4e:a1:a9:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd+4Y+xGNcPsrwAJDE5j7XbI4B+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YzlmMGMxMDAwYTExZjRjNTAwNDFhNTU1YWZmZDNlZjFkYWM0OTliMmUw
ZjVmYWFkOTZiYzNjNDU3MTc0NDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdKdaNAMzvZYmDEIh4i79TA3vCjM9rA9nV2sCdX7xD6/bXCm9gHwY32eMrI
VK6fc4OHrtlG7ya+N6ewn55otMi0ROwUIfWZoKXMpIs+pff/fMNNfhb2EBVay9Lc
em1E9StIKmYrtSlBnQY498Z0L+gRBYwOxAf1mQUOj3O27CGutBF+kVbzDOfezkEE
YUfBJj+jpyZF6RUCgsldKOeutabvmAWag5C5MoUjwFHvW7f/Wmj/RmDr6tR8Ia7C
TF1zAUfeKn/bggKbCJWJXoMVaQ0h/fKX2qUb0rpo2ZhPVizyrOSiCulxPQFSwea+
vEvtjIbIxBrWd00WyzCiWv5oHTUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQL+d0i
6n68Kop/HxaawY/FlGpwGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQBKoyq7+zq11NB0kawLS5EezTYm6Gf/4NPbnrenki+j
1KIyTTz4q191F9tAQIZs2WsbFVBQGIyM5dF8SPvP/ogo96wmR1IJn4lEeI35clMH
0GuCM1QJpS2sgKmV/ZhpR6aj25Tqbr0cvxBzcCjqBER/fXIA/QDULSehaVizG2Lu
bqvddwTfTVU2sf7zXpBYGVJDrcRj+Ja+OA2Hvza3a3aEjOgTTX3y+L/WQcMgKGPK
9MeOopl7vK1aZJSzY2LsG8pW6SLJDz0rE4wLrMGmyct6iY92aXw4h2TZxnDVU4fb
7kh33T/C1MDKJxnAtjHan+wysOIKFKw7jxKyqlFOoamY
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:48 2025 by rpki-client