Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: k0anIwxCycLU+yeeReic4rtZhmKiolI43xGj/FYYd3o=
Subject key identifier: 40:D0:F3:F2:E8:9F:A2:C5:06:EE:25:34:E1:F5:EF:E3:82:19:66:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 113C313CD57B07358CE42C904EB68012B3F03D63
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:3c:31:3c:d5:7b:07:35:8c:e4:2c:90:4e:b6:80:12:b3:f0:3d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=e9dcee5d084ed3410449c348a95b3553e38b075ece05860470f31e7784b95eca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:e6:29:f0:f2:de:d2:ea:11:7f:21:8c:77:
ed:92:92:27:80:39:3a:ba:33:de:4d:2d:f2:51:f8:
b8:2f:03:6f:5d:14:64:63:8f:4f:ec:49:50:07:dc:
fa:d3:e0:83:b3:48:ef:43:be:ae:b2:8e:59:e3:6f:
99:ac:78:c5:c3:4e:b8:f5:6f:91:07:a6:85:01:ee:
cf:a1:d8:bd:45:c3:da:c4:43:ad:72:d3:c9:44:de:
4a:ca:a5:b8:55:a4:bd:eb:54:dd:c5:a6:b3:53:01:
2d:84:e1:e0:46:fa:c0:b1:25:b4:9c:38:d6:65:a0:
5d:04:f5:eb:19:4c:98:9c:05:a7:76:94:e7:ef:40:
ac:5d:a8:72:6f:d2:6d:12:3d:35:3b:d6:2f:47:d9:
31:65:cc:e8:f3:37:7b:69:78:fe:0a:0f:e8:b8:16:
4a:80:a0:cf:5c:33:15:2c:98:ff:00:1e:c5:ee:c8:
8a:6d:04:2d:e3:65:9b:49:78:f5:73:da:a9:d8:d9:
f4:64:c0:7b:b5:b3:e1:ff:e9:e5:07:2f:a4:b4:77:
4c:f0:de:53:a5:14:58:cb:6c:94:c4:7a:7b:23:b8:
e6:05:73:a5:34:62:e7:d4:1b:4b:1f:35:73:f6:70:
ac:8e:3c:aa:2a:76:0d:82:dd:27:33:16:0e:eb:ff:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D0:F3:F2:E8:9F:A2:C5:06:EE:25:34:E1:F5:EF:E3:82:19:66:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:ae:dc:bc:c3:56:8b:5f:e6:cb:2c:fd:4d:ab:20:34:e2:51:
01:67:35:16:4d:a4:85:10:78:86:0b:9c:c5:4c:0a:6e:3c:58:
6f:ef:12:5e:5b:74:8a:9f:31:59:c4:7d:b0:e3:2e:b9:0b:d9:
57:c9:3a:3c:91:e9:09:9a:fb:8a:a6:8c:50:87:c9:5c:6b:16:
3c:e3:bc:76:69:a4:d3:2e:16:ad:ab:f6:dd:d5:74:84:6d:46:
e8:96:a4:7d:c0:66:06:aa:a2:71:ee:bd:94:fb:50:f5:03:d6:
f9:7b:20:2e:e6:c0:92:f3:84:7a:12:54:17:02:e8:96:a4:c2:
88:05:49:b3:7e:01:9a:b2:e9:54:6b:e2:34:0d:87:35:04:ba:
30:79:82:6c:de:dc:44:18:b5:0f:b9:dc:8e:78:22:8c:d8:a5:
f0:33:74:f4:f7:d1:b4:d9:f6:16:98:31:75:88:38:63:86:54:
f0:a1:02:f2:a0:b1:da:7c:aa:e3:d3:3d:ad:05:47:df:0a:d4:
59:cf:1c:f9:1b:5c:a9:01:3b:6d:cd:71:c4:f3:ef:d9:fb:df:
83:25:e9:f6:96:6f:a0:e9:61:ed:46:97:37:c6:b0:07:1e:9b:
3f:e1:5d:d7:27:43:4a:a5:3a:ae:26:fd:6e:24:44:e9:93:07:
10:2b:62:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUETwxPNV7BzWM5CyQTraAErPwPWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZGNlZTVkMDg0ZWQzNDEwNDQ5YzM0OGE5NWIzNTUzZTM4YjA3NWVjZTA1
ODYwNDcwZjMxZTc3ODRiOTVlY2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxG5inw8t7S6hF/IYx37ZKSJ4A5Oroz3k0t8lH4uC8Db10UZGOPT+xJUAfc
+tPgg7NI70O+rrKOWeNvmax4xcNOuPVvkQemhQHuz6HYvUXD2sRDrXLTyUTeSsql
uFWkvetU3cWms1MBLYTh4Eb6wLEltJw41mWgXQT16xlMmJwFp3aU5+9ArF2ocm/S
bRI9NTvWL0fZMWXM6PM3e2l4/goP6LgWSoCgz1wzFSyY/wAexe7Iim0ELeNlm0l4
9XPaqdjZ9GTAe7Wz4f/p5QcvpLR3TPDeU6UUWMtslMR6eyO45gVzpTRi59QbSx81
c/ZwrI48qip2DYLdJzMWDuv/l4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRA0PPy
6J+ixQbuJTTh9e/jghlmyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQAirty8w1aLX+bLLP1NqyA04lEBZzUWTaSFEHiGC5zF
TApuPFhv7xJeW3SKnzFZxH2w4y65C9lXyTo8kekJmvuKpoxQh8lcaxY847x2aaTT
Lhatq/bd1XSEbUbolqR9wGYGqqJx7r2U+1D1A9b5eyAu5sCS84R6ElQXAuiWpMKI
BUmzfgGasulUa+I0DYc1BLoweYJs3txEGLUPudyOeCKM2KXwM3T099G02fYWmDF1
iDhjhlTwoQLyoLHafKrj0z2tBUffCtRZzxz5G1ypATttzXHE8+/Z+9+DJen2lm+g
6WHtRpc3xrAHHps/4V3XJ0NKpTquJv1uJETpkwcQK2L2
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:33 2025 by rpki-client