Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: U951mHMFPbeNi4SxzgYmwkvvdr+ckw4RaavgXt54Bhc=
Subject key identifier: 02:22:65:EE:39:BB:67:A5:9B:A0:28:B5:F3:92:81:F9:8D:2E:15:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F7523D6D2A2EC2525A0FE398F4A5952BCCDA064
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:75:23:d6:d2:a2:ec:25:25:a0:fe:39:8f:4a:59:52:bc:cd:a0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=92c3cc581ea3e4c54e515480a0ebc1fc00759243a1c0303ec77702a42e4f053d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:47:eb:ec:47:1d:73:e0:a0:67:11:36:f2:4c:
d9:f2:3a:69:04:fc:54:e3:33:e6:59:b4:fd:13:2b:
f2:9c:b4:b0:ba:ec:24:f1:ec:84:55:92:1b:08:b1:
28:27:9c:f0:c5:31:5d:e0:1a:0b:7b:a6:7b:3f:49:
9b:99:c7:83:03:55:31:fd:0e:71:69:5c:ff:12:44:
9d:d1:e6:6f:d4:2f:13:d3:1a:fa:3c:b7:ed:b8:df:
2a:3e:64:00:e5:7c:73:fc:75:b1:c0:99:65:a7:ec:
93:54:a8:ae:91:3e:4a:8d:2b:6e:74:70:6d:50:83:
28:0b:60:fc:3c:a0:34:04:5b:d9:c2:fe:aa:97:72:
a2:01:86:02:d2:2c:16:e4:0f:2a:e1:14:83:65:e1:
3c:95:ea:5e:f0:0a:30:71:78:fc:fa:4f:40:ad:5b:
d9:96:58:64:94:4b:d8:eb:c3:69:6d:64:25:0e:7b:
a2:eb:43:ff:d1:48:d0:f1:57:93:48:88:7c:d7:15:
5d:c3:bf:71:ed:a0:02:24:31:5e:d1:35:9a:dc:93:
1e:e5:21:f4:72:c4:7a:86:07:66:f0:82:55:12:d8:
01:93:65:f9:16:5f:cb:b2:9e:ed:3b:9c:29:c8:96:
01:24:63:bf:32:46:ee:27:a0:c0:d3:bb:ca:80:c5:
a5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:22:65:EE:39:BB:67:A5:9B:A0:28:B5:F3:92:81:F9:8D:2E:15:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3c:4b:31:2d:41:88:83:cc:68:fa:b3:ed:eb:57:e0:39:25:
40:58:4c:f5:00:82:8c:10:7d:79:dd:e2:90:df:27:86:bc:33:
6a:50:5a:c6:10:5e:34:08:0e:d1:5a:66:35:fd:1f:b4:cc:4b:
ce:2c:5d:3e:93:2b:61:8e:73:f8:54:bf:1c:e5:7f:8a:55:cb:
b7:9a:4e:eb:a0:7f:a2:ab:46:0b:84:93:e9:b6:15:fa:a6:65:
08:69:bc:d8:5e:99:9b:cc:66:02:0f:c2:2f:d0:38:52:4b:49:
b0:3b:2f:b6:96:0a:b9:96:b0:a6:16:50:dd:8b:eb:45:92:85:
dc:d5:81:a4:c7:c2:38:dd:c7:76:77:3e:67:09:0f:4d:3f:6a:
74:b3:d8:e8:bd:3f:a7:3e:4a:d1:d3:b1:7b:65:6a:2e:ff:a7:
62:09:bc:a2:14:7f:42:0f:b6:56:ca:cc:05:0c:2b:93:fe:c3:
33:1e:b5:99:b2:80:be:13:cf:6d:74:57:c4:f8:7a:9d:f4:eb:
af:9d:ed:f3:7d:8a:03:b6:5e:e8:8d:52:45:32:4b:f3:e9:7e:
1d:da:90:d4:88:e8:88:61:ca:09:bb:2c:91:89:d0:e8:fb:14:
fb:17:18:1f:ef:62:c0:6b:97:1e:3b:c3:e8:2b:39:c1:d4:f8:
4b:5b:a5:ee
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUD3Uj1tKi7CUloP45j0pZUrzNoGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYzNjYzU4MWVhM2U0YzU0ZTUxNTQ4MGEwZWJjMWZjMDA3NTkyNDNhMWMw
MzAzZWM3NzcwMmE0MmU0ZjA1M2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJH6+xHHXPgoGcRNvJM2fI6aQT8VOMz5lm0/RMr8py0sLrsJPHshFWSGwix
KCec8MUxXeAaC3umez9Jm5nHgwNVMf0OcWlc/xJEndHmb9QvE9Ma+jy37bjfKj5k
AOV8c/x1scCZZafsk1SorpE+So0rbnRwbVCDKAtg/DygNARb2cL+qpdyogGGAtIs
FuQPKuEUg2XhPJXqXvAKMHF4/PpPQK1b2ZZYZJRL2OvDaW1kJQ57outD/9FI0PFX
k0iIfNcVXcO/ce2gAiQxXtE1mtyTHuUh9HLEeoYHZvCCVRLYAZNl+RZfy7Ke7Tuc
KciWASRjvzJG7iegwNO7yoDFpV8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCImXu
ObtnpZugKLXzkoH5jS4VzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAQzxLMS1BiIPMaPqz7etX4DklQFhM9QCCjBB9ed3i
kN8nhrwzalBaxhBeNAgO0VpmNf0ftMxLzixdPpMrYY5z+FS/HOV/ilXLt5pO66B/
oqtGC4ST6bYV+qZlCGm82F6Zm8xmAg/CL9A4UktJsDsvtpYKuZawphZQ3YvrRZKF
3NWBpMfCON3Hdnc+ZwkPTT9qdLPY6L0/pz5K0dOxe2VqLv+nYgm8ohR/Qg+2VsrM
BQwrk/7DMx61mbKAvhPPbXRXxPh6nfTrr53t832KA7Ze6I1SRTJL8+l+HdqQ1Ijo
iGHKCbsskYnQ6PsU+xcYH+9iwGuXHjvD6Cs5wdT4S1ul7g==
-----END CERTIFICATE-----
Generated at Sat May 3 01:28:45 2025 by rpki-client