Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: F/74qodeTkgsN11jxKbhHRCIstQYEvKMdOu2CGEnb04=
Subject key identifier: D9:85:D8:F9:9F:C2:68:9B:7E:F6:47:22:5A:08:8A:3C:AC:D3:26:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24D27A35AFE436EC1F8B33C990EBFFA8CF335CCB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:d2:7a:35:af:e4:36:ec:1f:8b:33:c9:90:eb:ff:a8:cf:33:5c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=7d6c0cbe0381f88c4be9b247838e055c36b6528911c4ae841023bb00384e8db9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:27:f1:07:69:3f:02:e5:2c:38:28:88:4b:13:
fd:b8:80:8e:36:7c:2c:24:09:67:90:18:54:87:4a:
90:97:d5:6a:c8:97:7c:42:38:c5:78:f5:1c:18:92:
39:39:27:fd:a6:3b:c5:39:ad:69:ec:c1:76:b2:d3:
35:dc:d1:6a:76:10:b0:84:5b:92:d9:90:42:18:9f:
a9:d3:7b:4c:57:11:4d:e2:5e:5a:2c:08:8e:a0:ce:
df:b7:7e:20:10:18:3d:79:2b:ba:64:a2:92:06:6f:
6c:00:11:0c:2d:77:d1:92:91:68:e7:1a:63:1a:dc:
24:b0:fe:17:75:80:58:a3:8f:ca:b3:17:e8:0c:ae:
c5:fd:e9:45:ee:ca:2b:d1:fb:69:8f:79:e5:c7:3c:
2d:02:b5:c6:bc:72:83:89:b9:54:71:22:69:07:14:
99:51:79:aa:03:02:42:d8:79:18:48:ac:f0:27:e7:
d1:d6:01:29:f6:1a:78:61:5e:e2:1c:f5:d0:bf:db:
5c:71:ef:6a:b9:9a:cb:74:5d:6f:21:a3:08:8b:88:
59:ca:48:06:99:5c:f8:a9:1e:a9:29:94:a1:38:2c:
1f:c6:89:a5:58:0c:6c:d3:7d:53:36:a3:36:8d:10:
11:6f:b4:a5:b4:7d:1a:91:b3:5c:ee:30:e2:7c:6d:
87:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:85:D8:F9:9F:C2:68:9B:7E:F6:47:22:5A:08:8A:3C:AC:D3:26:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
d0:d5:4a:f3:db:c6:b7:fa:63:cb:35:5d:b5:05:bf:0d:7c:93:
ee:01:28:21:dd:b9:a1:99:8c:4c:a3:5d:88:ef:83:9f:83:0d:
07:2e:77:c5:13:f0:f7:57:81:29:66:08:92:e3:87:ed:31:1a:
1c:f9:31:55:e5:4e:7b:8c:8e:3a:3c:b6:f7:83:75:73:e0:98:
5d:68:06:36:00:73:ac:ed:6e:bf:4b:93:89:32:72:9b:78:2c:
2d:a4:88:b9:71:15:a2:da:1c:8f:d3:e8:72:25:22:46:63:5a:
a8:6f:7a:33:b8:3f:67:78:bf:f5:3d:8f:ba:9a:3f:b0:7e:84:
38:80:cb:b2:d7:33:19:10:cd:09:cf:42:fe:63:ac:ac:cf:f5:
48:bc:a1:1d:cb:44:26:e1:c8:93:d0:5a:68:50:2d:65:51:51:
8a:93:8f:65:b2:fb:13:ca:08:88:a7:98:28:3a:fe:80:3b:e3:
e5:6b:e3:f4:8d:3f:03:4c:44:8d:e0:55:0f:3c:a4:78:e3:b5:
0f:46:9a:50:73:8e:a2:f3:a0:b1:bc:40:e8:c3:dd:de:52:70:
05:c0:80:9c:38:a0:de:93:e7:1e:e7:a1:b4:e6:51:5a:48:3e:
54:e5:ab:0d:0c:4b:ae:6c:26:51:bd:91:f2:51:58:ae:49:5d:
ae:70:15:31
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJNJ6Na/kNuwfizPJkOv/qM8zXMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkNmMwY2JlMDM4MWY4OGM0YmU5YjI0NzgzOGUwNTVjMzZiNjUyODkxMWM0
YWU4NDEwMjNiYjAwMzg0ZThkYjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwn8QdpPwLlLDgoiEsT/biAjjZ8LCQJZ5AYVIdKkJfVasiXfEI4xXj1HBiS
OTkn/aY7xTmtaezBdrLTNdzRanYQsIRbktmQQhifqdN7TFcRTeJeWiwIjqDO37d+
IBAYPXkrumSikgZvbAARDC130ZKRaOcaYxrcJLD+F3WAWKOPyrMX6Ayuxf3pRe7K
K9H7aY955cc8LQK1xrxyg4m5VHEiaQcUmVF5qgMCQth5GEis8Cfn0dYBKfYaeGFe
4hz10L/bXHHvarmay3RdbyGjCIuIWcpIBplc+KkeqSmUoTgsH8aJpVgMbNN9Uzaj
No0QEW+0pbR9GpGzXO4w4nxth0cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTZhdj5
n8Jom372RyJaCIo8rNMmuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEA0NVK89vGt/pjyzVdtQW/DXyT7gEoId25oZmMTKNd
iO+Dn4MNBy53xRPw91eBKWYIkuOH7TEaHPkxVeVOe4yOOjy294N1c+CYXWgGNgBz
rO1uv0uTiTJym3gsLaSIuXEVotocj9PociUiRmNaqG96M7g/Z3i/9T2Pupo/sH6E
OIDLstczGRDNCc9C/mOsrM/1SLyhHctEJuHIk9BaaFAtZVFRipOPZbL7E8oIiKeY
KDr+gDvj5Wvj9I0/A0xEjeBVDzykeOO1D0aaUHOOovOgsbxA6MPd3lJwBcCAnDig
3pPnHuehtOZRWkg+VOWrDQxLrmwmUb2R8lFYrkldrnAVMQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:28 2025 by rpki-client