Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: qfJrVyKhvXddE+gaPgN6TafrpUwtpPimiidEhbLmXyE=
Subject key identifier: 3D:41:AA:55:C7:7B:58:E1:B5:35:4F:ED:01:D1:B5:0F:D6:33:2E:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 072304F8848C92C429BDB7FB08F91C7D51B1B695
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:23:04:f8:84:8c:92:c4:29:bd:b7:fb:08:f9:1c:7d:51:b1:b6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=e2972609c9fe035497c10881d331f9506c91fe662c9e7c51bbd8390f1fb7fad8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:5a:65:9d:7a:34:9c:9c:12:c2:8e:43:48:
82:fa:e4:43:68:37:85:8d:f9:96:7f:a8:31:36:5c:
c5:08:45:18:e7:36:52:a6:1b:5a:3f:bb:f1:d8:a6:
aa:b1:90:4e:b9:6f:4a:72:83:9f:9c:28:77:5d:cd:
f8:be:98:0f:09:fe:91:d5:13:60:41:fc:10:e3:df:
08:c8:6d:3c:eb:e2:d0:ba:08:25:9b:18:a2:6d:27:
d8:8a:96:86:de:0b:0d:38:07:27:ee:d5:38:85:c8:
2d:45:63:e7:71:3b:bb:0c:15:7c:aa:de:ee:53:9b:
e1:aa:d5:21:31:3d:1a:00:32:18:ee:67:72:8f:cc:
c0:27:e1:27:4a:16:aa:62:8c:85:e6:2c:49:61:79:
b1:67:43:df:87:71:c7:53:1c:12:a2:ce:57:6c:bd:
58:5f:d1:09:98:d3:62:98:a9:ce:ae:34:f8:06:1c:
9c:bd:c8:f9:f8:e3:e5:bf:20:35:b4:a5:2c:64:d7:
48:2a:57:a4:9b:bf:e7:b3:94:0c:8a:1b:1d:57:dc:
ca:41:e1:fb:69:be:bb:cc:24:7a:cb:78:b4:f5:0f:
a1:37:93:81:b1:d5:2d:24:6d:d5:79:24:63:f2:1a:
06:c9:6a:7b:20:e9:2d:97:c5:47:90:b9:20:8c:b1:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:41:AA:55:C7:7B:58:E1:B5:35:4F:ED:01:D1:B5:0F:D6:33:2E:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:f9:7b:77:9a:3e:54:53:2a:09:1a:0a:02:d8:9f:87:16:af:
72:05:7a:e9:53:9a:f2:96:2b:68:77:c8:96:25:35:41:6c:f5:
c7:b5:0c:83:50:c2:05:62:bf:3d:3c:c1:c0:d8:9d:bf:ed:4d:
92:a4:23:e9:92:e7:f1:2b:b0:8d:e4:29:9a:da:74:a7:ba:e2:
51:31:b1:34:9d:74:00:34:3b:7c:ad:1e:43:29:12:b1:64:fe:
6b:64:47:8f:57:01:d9:08:a6:30:42:72:03:04:9d:ef:50:16:
40:81:34:6c:44:c0:11:36:9b:60:87:f4:94:12:15:73:7f:fc:
63:fc:43:6c:fc:ea:d1:8d:c8:8f:f4:22:ba:84:c6:83:dd:67:
97:37:d2:63:43:fe:df:33:30:ba:1a:f0:17:3b:6b:28:07:c9:
4d:68:8d:f5:a4:b8:1e:93:1f:2f:21:ee:c7:24:55:ba:49:63:
10:e2:dc:e6:a1:2c:98:c6:00:59:f0:28:15:c8:72:08:84:c9:
03:71:51:9e:c9:48:1d:b3:d3:7c:3a:19:63:5d:bc:d0:66:47:
2d:f9:86:f0:75:91:50:04:04:4d:2b:14:be:8c:ed:16:1f:fc:
a0:7c:25:73:ad:c7:b1:4f:17:33:8e:63:9c:53:1f:f2:d7:76:
f8:66:3f:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUByME+ISMksQpvbf7CPkcfVGxtpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyOTcyNjA5YzlmZTAzNTQ5N2MxMDg4MWQzMzFmOTUwNmM5MWZlNjYyYzll
N2M1MWJiZDgzOTBmMWZiN2ZhZDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeHWmWdejScnBLCjkNIgvrkQ2g3hY35ln+oMTZcxQhFGOc2UqYbWj+78dim
qrGQTrlvSnKDn5wod13N+L6YDwn+kdUTYEH8EOPfCMhtPOvi0LoIJZsYom0n2IqW
ht4LDTgHJ+7VOIXILUVj53E7uwwVfKre7lOb4arVITE9GgAyGO5nco/MwCfhJ0oW
qmKMheYsSWF5sWdD34dxx1McEqLOV2y9WF/RCZjTYpipzq40+AYcnL3I+fjj5b8g
NbSlLGTXSCpXpJu/57OUDIobHVfcykHh+2m+u8wkest4tPUPoTeTgbHVLSRt1Xkk
Y/IaBslqeyDpLZfFR5C5IIyxl+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9QapV
x3tY4bU1T+0B0bUP1jMusDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQA7+Xt3mj5UUyoJGgoC2J+HFq9yBXrpU5rylitod8iW
JTVBbPXHtQyDUMIFYr89PMHA2J2/7U2SpCPpkufxK7CN5Cma2nSnuuJRMbE0nXQA
NDt8rR5DKRKxZP5rZEePVwHZCKYwQnIDBJ3vUBZAgTRsRMARNptgh/SUEhVzf/xj
/ENs/OrRjciP9CK6hMaD3WeXN9JjQ/7fMzC6GvAXO2soB8lNaI31pLgekx8vIe7H
JFW6SWMQ4tzmoSyYxgBZ8CgVyHIIhMkDcVGeyUgds9N8OhljXbzQZkct+YbwdZFQ
BARNKxS+jO0WH/ygfCVzrcexTxczjmOcUx/y13b4Zj98
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:31 2025 by rpki-client