Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: mVh6shNTW77bolnfMFeizjOU2zLbZVBZ5MaHlTKjKI8=
Subject key identifier: 20:10:F4:7A:30:8D:79:A4:A5:50:3F:16:6A:0C:04:7C:CA:88:73:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 790E1E493F447693CF35F96BBC07637FC338A77B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:0e:1e:49:3f:44:76:93:cf:35:f9:6b:bc:07:63:7f:c3:38:a7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=35ef3d8d530a9020d5c8119611532653625abe61112c76b0afc1f8d3dd76dc5a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e9:b8:df:5b:3b:ef:cb:e7:48:4d:a3:f8:22:
d6:d2:cf:1d:77:1e:d6:fa:35:8d:7b:7d:bb:c4:45:
b8:a5:1f:e6:bd:f4:89:cd:29:7b:00:ab:83:27:4b:
1d:59:7f:0f:da:40:4a:3e:a0:fb:37:22:e1:61:bb:
48:09:17:52:86:4c:ce:f4:f9:06:82:f8:89:ad:ea:
51:b6:92:f8:1e:2a:ab:7e:4a:ba:bc:01:4a:6a:f1:
b5:15:0c:3f:6f:d1:23:1b:b7:00:33:39:cd:d8:62:
d4:95:5f:c4:de:8d:a5:41:a9:84:5c:25:58:31:ae:
e1:ef:8b:38:93:7f:5e:f4:0d:00:a7:41:db:67:f5:
9d:f6:0e:6f:21:9f:25:40:ff:dc:4f:0e:56:80:e8:
07:9e:f0:8f:a7:15:7e:dd:4e:5f:24:7a:41:bf:6e:
a1:3c:d5:dc:ff:7c:bd:3e:44:4c:12:66:9c:dd:c7:
5c:3a:a2:94:ce:1e:0b:42:09:01:39:2c:68:20:b3:
29:c2:52:1b:b7:35:20:13:02:f2:f0:8c:3d:98:e0:
48:41:93:14:24:3f:6a:ab:a3:76:06:ff:3e:55:d2:
d7:be:b2:62:4b:bb:90:34:8c:f3:2c:c0:a6:73:87:
32:24:16:ce:ea:32:16:40:74:96:16:4a:a8:19:59:
84:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:10:F4:7A:30:8D:79:A4:A5:50:3F:16:6A:0C:04:7C:CA:88:73:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9a:c1:5d:89:6d:23:7a:05:0c:0c:59:6a:72:9f:00:63:48:00:
47:43:c3:e7:cd:b7:b8:af:e1:90:86:a1:10:35:9e:d6:20:df:
76:db:9c:86:37:a4:86:ea:a1:da:76:c3:5a:16:6f:04:76:2f:
ee:3d:74:1c:0b:a1:d8:63:ce:6a:64:a2:86:3e:46:20:a4:8c:
36:21:d1:d3:ce:9b:56:76:8c:63:da:a2:62:b8:20:b6:f1:a5:
af:a4:cd:fc:2d:bb:31:a9:ef:c8:c4:e8:c8:58:2a:3e:ce:86:
6b:43:94:95:80:69:5d:f1:b1:fd:f8:ef:44:a5:25:5c:7a:8c:
e7:1b:3d:61:25:12:1b:52:d7:84:ba:c1:2a:9e:a5:4c:c3:35:
fc:6b:e0:07:b3:f4:a4:06:0a:34:ba:16:38:99:1e:ee:20:d1:
64:8b:72:23:58:40:10:ea:14:a3:95:be:fd:74:32:af:a7:c9:
f0:de:4a:04:fe:ca:3f:53:d5:4a:76:36:bc:15:33:1e:36:19:
32:a5:63:d1:2a:a0:3d:4a:8f:7a:18:54:85:f8:d9:47:ce:f3:
de:ae:8a:5d:91:80:3c:30:82:32:2a:9c:c5:cb:e0:cd:ad:09:
43:f6:9e:fe:59:75:e6:42:2b:8e:9c:b2:a1:c8:b4:87:c6:be:
b6:af:af:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeQ4eST9EdpPPNflrvAdjf8M4p3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1ZWYzZDhkNTMwYTkwMjBkNWM4MTE5NjExNTMyNjUzNjI1YWJlNjExMTJj
NzZiMGFmYzFmOGQzZGQ3NmRjNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzpuN9bO+/L50hNo/gi1tLPHXce1vo1jXt9u8RFuKUf5r30ic0pewCrgydL
HVl/D9pASj6g+zci4WG7SAkXUoZMzvT5BoL4ia3qUbaS+B4qq35KurwBSmrxtRUM
P2/RIxu3ADM5zdhi1JVfxN6NpUGphFwlWDGu4e+LOJN/XvQNAKdB22f1nfYObyGf
JUD/3E8OVoDoB57wj6cVft1OXyR6Qb9uoTzV3P98vT5ETBJmnN3HXDqilM4eC0IJ
ATksaCCzKcJSG7c1IBMC8vCMPZjgSEGTFCQ/aqujdgb/PlXS176yYku7kDSM8yzA
pnOHMiQWzuoyFkB0lhZKqBlZhNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgEPR6
MI15pKVQPxZqDAR8yohzpjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCawV2JbSN6BQwMWWpynwBjSABHQ8Pnzbe4r+GQhqEQ
NZ7WIN9225yGN6SG6qHadsNaFm8Edi/uPXQcC6HYY85qZKKGPkYgpIw2IdHTzptW
doxj2qJiuCC28aWvpM38Lbsxqe/IxOjIWCo+zoZrQ5SVgGld8bH9+O9EpSVceozn
Gz1hJRIbUteEusEqnqVMwzX8a+AHs/SkBgo0uhY4mR7uINFki3IjWEAQ6hSjlb79
dDKvp8nw3koE/so/U9VKdja8FTMeNhkypWPRKqA9So96GFSF+NlHzvPeropdkYA8
MIIyKpzFy+DNrQlD9p7+WXXmQiuOnLKhyLSHxr62r6/9
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:44:16 2025 by rpki-client