Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: vO97OueuIVnbb19No8VqASOZdVnv25xxKK+pGnkSYFo=
Subject key identifier: E3:E0:75:04:31:3A:71:A7:C2:E8:C1:26:55:87:0D:12:62:09:2C:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7EE17EE2C43EAD8DDE47AA7018EA66E41900329E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:e1:7e:e2:c4:3e:ad:8d:de:47:aa:70:18:ea:66:e4:19:00:32:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=74e951e71de6cbfe41c8b0bd9df1bb2d6df7b608152dc134ff5ea68408d84527, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:b1:ee:82:7b:6c:45:02:43:8b:73:19:ed:
9c:a3:f8:16:74:a3:f2:3c:bc:83:5e:04:08:8b:c9:
f9:a1:c4:24:d8:87:03:d1:f3:b1:ce:27:8a:7b:f7:
44:6b:20:b9:c0:37:47:93:ad:6c:20:0a:02:36:e9:
55:fe:30:f3:46:4e:c6:59:13:7d:d0:5b:f5:2e:e8:
f1:7f:cd:b5:db:51:4e:c1:b9:6b:14:03:ab:aa:d9:
aa:44:ee:b7:98:4f:27:b7:79:e2:08:49:15:d0:8e:
cf:ae:93:89:71:e6:7f:dd:fd:e8:e1:34:08:a9:7f:
2a:d4:a6:03:dc:8f:fd:05:26:e8:b5:03:bc:4f:18:
f1:5e:0f:7b:79:19:71:cd:16:31:fd:03:cd:47:d7:
e8:1b:6c:12:9e:ea:1c:88:ee:cc:39:f7:cf:f9:77:
0d:6a:52:d8:41:71:5c:1f:f8:67:e5:04:73:08:6b:
c8:62:14:f6:a6:8e:d6:8a:41:1a:cd:10:1e:b4:4b:
63:81:c1:8f:6d:80:54:10:2b:60:ab:9b:63:db:da:
f9:05:7c:e9:5f:c8:0a:5c:76:eb:f4:8d:7e:8a:17:
f0:94:53:39:bc:5a:fe:9e:6e:a1:f0:c2:c6:2c:8b:
73:1e:cc:e4:95:36:9f:72:69:aa:5b:a7:a2:a6:08:
83:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E0:75:04:31:3A:71:A7:C2:E8:C1:26:55:87:0D:12:62:09:2C:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:52:9e:13:ec:5b:eb:d9:ef:43:17:c0:89:69:a2:13:08:01:
cb:a9:e5:c0:20:2b:de:28:05:f8:8b:ce:fb:10:4f:f0:d4:bd:
bb:a7:5c:62:6f:4f:4d:51:34:a6:a7:76:49:54:f6:45:83:f7:
df:62:2d:21:75:95:8b:87:30:26:ac:06:86:4a:fb:f4:63:d4:
8b:2d:d8:07:f4:15:f8:c1:30:66:f7:41:24:1a:22:05:b3:16:
87:27:f2:d2:c2:ce:0e:39:21:3b:fb:8b:2f:b5:4a:fd:72:4a:
10:91:77:3f:10:2e:2a:ec:3c:11:61:b9:4a:f7:84:88:08:0a:
3e:7b:ef:01:8a:d1:b2:78:4f:75:8d:8a:bf:11:f3:85:cb:99:
4f:4e:ef:68:62:36:13:b7:69:93:9c:bd:96:f7:d3:79:ea:6c:
ea:13:ef:54:f9:99:0d:ab:1c:c2:96:43:2f:29:f8:bb:f4:4a:
34:e7:ef:37:33:7f:97:6a:99:55:05:77:0c:28:1e:3e:30:27:
33:e4:b1:c8:08:46:f5:d6:ad:38:24:01:e2:25:fd:db:48:5b:
a4:fa:9a:5e:df:c4:83:2f:c3:c5:cb:fd:87:d3:a6:47:ca:63:
f8:7b:87:82:0b:a2:00:4c:07:76:23:13:e2:23:a4:ca:e1:a9:
b1:d3:44:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfuF+4sQ+rY3eR6pwGOpm5BkAMp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZTk1MWU3MWRlNmNiZmU0MWM4YjBiZDlkZjFiYjJkNmRmN2I2MDgxNTJk
YzEzNGZmNWVhNjg0MDhkODQ1MjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtRse6Ce2xFAkOLcxntnKP4FnSj8jy8g14ECIvJ+aHEJNiHA9Hzsc4ninv3
RGsgucA3R5OtbCAKAjbpVf4w80ZOxlkTfdBb9S7o8X/NtdtRTsG5axQDq6rZqkTu
t5hPJ7d54ghJFdCOz66TiXHmf9396OE0CKl/KtSmA9yP/QUm6LUDvE8Y8V4Pe3kZ
cc0WMf0DzUfX6BtsEp7qHIjuzDn3z/l3DWpS2EFxXB/4Z+UEcwhryGIU9qaO1opB
Gs0QHrRLY4HBj22AVBArYKubY9va+QV86V/IClx26/SNfooX8JRTObxa/p5uofDC
xiyLcx7M5JU2n3JpqlunoqYIg6kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTj4HUE
MTpxp8LowSZVhw0SYgksJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Up4T7Fvr2e9DF8CJaaITCAHLqeXAICveKAX4i877
EE/w1L27p1xib09NUTSmp3ZJVPZFg/ffYi0hdZWLhzAmrAaGSvv0Y9SLLdgH9BX4
wTBm90EkGiIFsxaHJ/LSws4OOSE7+4svtUr9ckoQkXc/EC4q7DwRYblK94SICAo+
e+8BitGyeE91jYq/EfOFy5lPTu9oYjYTt2mTnL2W99N56mzqE+9U+ZkNqxzClkMv
Kfi79Eo05+83M3+XaplVBXcMKB4+MCcz5LHICEb11q04JAHiJf3bSFuk+ppe38SD
L8PFy/2H06ZHymP4e4eCC6IATAd2IxPiI6TK4amx00Si
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:24:59 2025 by rpki-client