Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: ot/YaaU/T+HyKL6jXLUGE0c+fz/N6o9P28ASr91BGlU=
Subject key identifier: A8:EA:D7:41:21:70:B2:D0:EC:06:05:92:1E:66:E3:FC:38:B5:87:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D5536C56ECE04615C1A9E93ECE1BE8BB6AE3899
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:55:36:c5:6e:ce:04:61:5c:1a:9e:93:ec:e1:be:8b:b6:ae:38:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=ba02039dac13de0675adcca299bbc8105d74e286832ed883aa4f27e0e631ca06, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3c:03:9c:14:43:9c:a5:2c:68:1d:7c:2e:6a:
f9:b3:c4:9f:04:53:91:6c:36:f3:44:4a:d9:96:a5:
71:88:e3:16:9c:b0:b2:29:c3:ce:41:1c:46:bc:31:
8c:61:c4:90:5c:c9:14:93:49:81:79:00:b5:78:61:
0e:9b:ea:cc:b7:16:f8:f8:ec:27:bc:ce:9f:42:eb:
61:12:79:16:bc:a3:ae:fd:6e:19:4b:b9:f7:ec:78:
ca:54:9f:ce:3a:d9:85:3e:86:38:94:af:bf:d9:58:
6a:91:fa:c5:6b:a7:78:6f:bf:68:74:67:b4:a0:6f:
53:5b:b3:74:4f:ca:84:9b:cc:c3:eb:3a:f4:61:b3:
34:cc:82:0b:81:a0:1f:94:a9:19:e7:eb:17:31:d0:
08:cc:d9:6b:60:6d:05:4e:af:fa:da:6d:e1:ad:f6:
0d:2a:e0:b3:fd:6b:7c:2b:1f:2c:ff:98:7f:8e:f2:
cf:c2:7a:d1:df:00:d2:28:d0:ef:8b:71:38:e4:f7:
80:31:bd:04:4f:36:46:59:8b:0e:b1:40:ea:d3:96:
de:14:b3:df:65:bb:49:bf:9b:b2:ad:d6:c1:4c:7c:
81:26:66:9e:18:f1:de:60:93:c2:54:56:dd:66:2e:
07:94:5c:3e:7b:63:99:fe:02:37:48:c6:93:fb:f5:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EA:D7:41:21:70:B2:D0:EC:06:05:92:1E:66:E3:FC:38:B5:87:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:e7:a5:c0:34:17:3b:3d:7d:1f:4f:b1:a7:2a:f5:3b:a8:68:
47:43:fb:c6:9e:72:e3:0d:01:72:54:1e:0e:f3:8c:52:87:70:
9b:83:36:19:14:1e:c8:e5:db:08:85:6f:78:d3:1a:cd:46:a6:
aa:d1:7e:b0:5d:91:48:21:b3:10:c4:7c:1a:34:2b:44:42:46:
7a:33:75:8b:9f:f7:f9:4d:fd:5a:6b:c1:59:a3:37:e9:90:ba:
68:36:74:f6:9f:3c:aa:20:45:7d:a5:0b:0a:ff:29:52:45:cf:
95:52:31:e8:54:43:c0:62:15:60:71:21:5e:b0:49:e0:b7:55:
46:bb:9b:2a:2a:d0:ec:f6:d9:94:c7:2a:2e:95:69:10:1c:a7:
78:a9:b4:17:ab:b8:e8:57:31:77:cc:d8:1a:c4:80:80:0d:a6:
8c:99:a0:6a:dd:62:bd:6e:b0:2f:3b:aa:c9:a2:c9:85:58:4c:
7a:8e:32:5b:1a:c0:c2:11:65:64:3c:b0:eb:2f:5e:20:6c:2d:
4b:2f:0f:67:97:39:13:ec:91:4a:1d:8e:1b:0c:df:36:68:cf:
f9:ad:2d:50:37:7a:73:94:9c:0a:5f:e4:cc:a5:25:6d:68:8d:
38:2d:d9:6e:4d:f6:df:97:ec:ec:83:a8:c6:87:fd:4c:15:98:
13:66:1f:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTVU2xW7OBGFcGp6T7OG+i7auOJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhMDIwMzlkYWMxM2RlMDY3NWFkY2NhMjk5YmJjODEwNWQ3NGUyODY4MzJl
ZDg4M2FhNGYyN2UwZTYzMWNhMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY8A5wUQ5ylLGgdfC5q+bPEnwRTkWw280RK2ZalcYjjFpywsinDzkEcRrwx
jGHEkFzJFJNJgXkAtXhhDpvqzLcW+PjsJ7zOn0LrYRJ5Fryjrv1uGUu59+x4ylSf
zjrZhT6GOJSvv9lYapH6xWuneG+/aHRntKBvU1uzdE/KhJvMw+s69GGzNMyCC4Gg
H5SpGefrFzHQCMzZa2BtBU6v+tpt4a32DSrgs/1rfCsfLP+Yf47yz8J60d8A0ijQ
74txOOT3gDG9BE82RlmLDrFA6tOW3hSz32W7Sb+bsq3WwUx8gSZmnhjx3mCTwlRW
3WYuB5RcPntjmf4CN0jGk/v1HA0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSo6tdB
IXCy0OwGBZIeZuP8OLWHuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQDD56XANBc7PX0fT7GnKvU7qGhHQ/vGnnLjDQFyVB4O
84xSh3CbgzYZFB7I5dsIhW940xrNRqaq0X6wXZFIIbMQxHwaNCtEQkZ6M3WLn/f5
Tf1aa8FZozfpkLpoNnT2nzyqIEV9pQsK/ylSRc+VUjHoVEPAYhVgcSFesEngt1VG
u5sqKtDs9tmUxyoulWkQHKd4qbQXq7joVzF3zNgaxICADaaMmaBq3WK9brAvO6rJ
osmFWEx6jjJbGsDCEWVkPLDrL14gbC1LLw9nlzkT7JFKHY4bDN82aM/5rS1QN3pz
lJwKX+TMpSVtaI04LdluTfbfl+zsg6jGh/1MFZgTZh/K
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:09:51 2025 by rpki-client