Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: s7nfzwd+Ih0W3wDaWRXy1eoKVeZgxyeh8OLhab1RO6Q=
Subject key identifier: 27:C7:EE:D9:68:39:9A:40:9C:3A:DD:38:11:86:04:CC:50:D5:52:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F887CA517FAD12436D4A4ABA8D82ECC85CA9ADB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:88:7c:a5:17:fa:d1:24:36:d4:a4:ab:a8:d8:2e:cc:85:ca:9a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=cf92b12cc4d12d1d7bcb03061513451c157eae0f3368583c042c31bc0ae5503c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:56:a6:ad:77:50:f2:94:ea:41:b0:08:82:32:
72:b5:0e:79:49:aa:af:46:04:32:d0:b9:0b:3b:c6:
78:18:de:64:77:50:73:9a:72:3c:3a:1d:52:87:1b:
5d:b8:20:6b:fb:51:b2:43:fa:a7:de:6d:03:bd:2e:
0e:0f:99:04:17:8c:76:df:fa:30:dd:d6:54:d3:48:
50:5e:bb:7c:b1:89:f4:33:72:2e:b3:06:fa:40:b5:
51:73:78:f6:ee:7e:9e:d2:6d:6d:f0:0d:7a:33:df:
7a:11:c5:3b:36:f6:d9:10:f1:bc:6b:5a:7e:d6:f8:
e1:fa:e7:ba:5b:1e:45:98:e5:dd:a2:d0:d8:ec:ee:
08:25:5e:59:10:ec:92:0a:ee:7b:83:2e:c3:98:b5:
b1:bb:c3:34:4e:c2:c4:34:4c:c4:11:af:a6:54:dd:
da:4b:ec:f1:1a:f1:97:d8:fc:aa:2e:5c:9c:af:7e:
d6:6b:f1:a3:39:d2:07:47:d9:6d:8f:e9:c6:c5:2f:
77:80:2d:c5:3b:01:00:d1:50:29:e3:3a:a7:55:82:
d1:99:cd:1f:d6:ba:c9:e1:c3:e6:8f:ea:a5:b6:70:
41:92:14:15:e5:10:59:40:df:51:88:74:55:7a:06:
e7:d6:1a:54:4e:2c:8a:ca:65:9a:d0:8f:3f:7a:72:
de:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C7:EE:D9:68:39:9A:40:9C:3A:DD:38:11:86:04:CC:50:D5:52:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a4:1b:e4:c5:2a:b5:fa:87:e5:17:a0:b1:93:8e:6e:01:4b:1d:
c6:3c:6a:c8:10:67:ad:db:3e:30:31:33:c2:83:4e:b5:00:48:
67:6c:99:b5:8f:17:45:ee:67:45:e4:b3:48:34:d3:4e:57:db:
01:9d:8a:e6:78:75:b3:8e:27:88:32:70:ce:d3:d1:75:28:89:
62:e4:16:fc:00:84:83:f2:6e:83:0b:c3:64:74:ff:98:e7:12:
aa:ff:78:9e:89:0d:7d:bf:10:3a:a3:23:45:52:8c:d3:7c:29:
9a:2b:1a:6e:68:23:1a:01:20:00:e5:26:09:e0:a6:5e:18:3b:
74:1e:80:38:f2:0f:43:07:c9:89:7c:b7:83:66:51:b9:05:d8:
c1:b7:a9:4b:90:c2:0e:df:bc:77:d9:3b:01:f2:51:f0:8c:b7:
d6:2a:5b:f9:35:60:df:e1:a2:0e:1e:6e:7b:b0:e9:e6:60:1f:
22:f6:c2:f2:73:4b:3a:a2:ea:86:4d:d3:b9:2b:83:d6:6a:36:
ad:b6:f5:17:9d:60:8f:f3:d8:dc:11:55:17:99:71:a9:46:4b:
96:cf:a1:da:df:f1:b0:2c:9f:07:8c:e8:6c:da:80:b4:f9:82:
86:29:70:95:10:c1:25:98:5e:74:d6:b2:00:e0:04:a5:be:b5:
a0:00:71:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb4h8pRf60SQ21KSrqNguzIXKmtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmOTJiMTJjYzRkMTJkMWQ3YmNiMDMwNjE1MTM0NTFjMTU3ZWFlMGYzMzY4
NTgzYzA0MmMzMWJjMGFlNTUwM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlWpq13UPKU6kGwCIIycrUOeUmqr0YEMtC5CzvGeBjeZHdQc5pyPDodUocb
Xbgga/tRskP6p95tA70uDg+ZBBeMdt/6MN3WVNNIUF67fLGJ9DNyLrMG+kC1UXN4
9u5+ntJtbfANejPfehHFOzb22RDxvGtaftb44frnulseRZjl3aLQ2OzuCCVeWRDs
kgrue4Muw5i1sbvDNE7CxDRMxBGvplTd2kvs8Rrxl9j8qi5cnK9+1mvxoznSB0fZ
bY/pxsUvd4AtxTsBANFQKeM6p1WC0ZnNH9a6yeHD5o/qpbZwQZIUFeUQWUDfUYh0
VXoG59YaVE4sisplmtCPP3py3sECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQnx+7Z
aDmaQJw63TgRhgTMUNVSDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQCkG+TFKrX6h+UXoLGTjm4BSx3GPGrIEGet2z4wMTPC
g061AEhnbJm1jxdF7mdF5LNINNNOV9sBnYrmeHWzjieIMnDO09F1KIli5Bb8AISD
8m6DC8NkdP+Y5xKq/3ieiQ19vxA6oyNFUozTfCmaKxpuaCMaASAA5SYJ4KZeGDt0
HoA48g9DB8mJfLeDZlG5BdjBt6lLkMIO37x32TsB8lHwjLfWKlv5NWDf4aIOHm57
sOnmYB8i9sLyc0s6ouqGTdO5K4PWajattvUXnWCP89jcEVUXmXGpRkuWz6Ha3/Gw
LJ8HjOhs2oC0+YKGKXCVEMElmF501rIA4ASlvrWgAHF4
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:15 2025 by rpki-client