Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json)
Hash identifier: gBzLop97E98Y9mTdCGUUXbPmQyt8RVnpZvOZUib+oCM=
Subject key identifier: AB:EA:98:6F:56:1C:CC:25:F4:60:C7:F1:58:81:B0:90:1F:FD:D8:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05085ED757C0CFF83DCD0514AD0DF7AE91730EE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:08:5e:d7:57:c0:cf:f8:3d:cd:05:14:ad:0d:f7:ae:91:73:0e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=40e5f795cf902c1f8c87e918acbef0e3401645d3a8c20fb79bfedd7f1c0ff8a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fe:37:0b:2d:54:5d:a5:0f:fc:7a:ea:83:f0:
a0:73:d7:1a:5f:75:b6:d0:c6:9b:88:84:92:77:2c:
57:9f:fa:f0:e9:3b:e6:fc:d5:55:3e:1d:d1:1d:a0:
99:1d:98:21:ab:99:cd:d6:b9:01:b3:54:fe:b6:26:
d4:c6:fa:ae:cd:d1:dd:4c:24:4d:70:df:c2:26:83:
63:82:42:f7:3a:0d:c6:da:af:ab:7f:43:58:0c:6e:
06:93:0c:14:dd:84:81:fa:a1:95:b3:e2:a1:c3:0b:
bd:82:b9:65:55:97:9b:22:9d:5c:f6:34:21:cc:21:
45:14:33:fc:1c:8d:a7:93:c3:5f:22:f7:af:cf:51:
38:68:16:db:cb:34:f1:12:b8:28:17:5b:c5:7d:69:
da:ee:e8:bb:92:8a:af:6a:d3:f2:30:fd:34:2e:88:
4e:db:0c:4f:96:b5:ba:d1:10:39:11:f1:d9:47:e0:
66:ac:b6:f8:3a:3a:39:16:54:d9:e2:ea:fc:26:bc:
c7:f8:bf:7d:d4:0e:90:a5:e0:23:69:df:59:37:91:
b6:ae:01:d5:60:56:1c:a1:3f:02:cf:38:53:ad:49:
51:a5:c0:97:46:59:3e:1d:b4:2e:0f:0c:77:cc:e1:
9a:5b:1f:1c:fc:a6:50:a5:48:d7:be:1c:dc:5f:c9:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:EA:98:6F:56:1C:CC:25:F4:60:C7:F1:58:81:B0:90:1F:FD:D8:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:fe:4d:b5:74:2d:88:be:c4:7c:be:09:b1:66:42:1b:c8:20:
35:11:b6:b7:cc:68:fd:a8:34:18:98:dd:58:f0:20:a2:30:bb:
61:83:87:55:ae:9c:8a:58:24:56:ec:58:94:c6:a3:0c:70:ba:
12:34:c7:02:b6:b1:71:9c:d7:18:2f:79:c7:0f:c5:4f:80:39:
ba:5f:f8:ab:e1:c5:b3:3b:94:4e:ac:5b:75:13:b4:3c:83:2a:
30:2e:95:11:28:9f:b6:34:a1:7d:ca:5e:ee:ae:8c:40:72:af:
fe:71:ea:c4:40:67:09:3d:cc:49:6e:1b:6c:b0:1b:24:f9:2e:
55:74:cf:db:8f:41:5b:86:51:cf:b5:d9:93:a2:27:4e:10:7b:
e9:62:24:ef:27:0c:49:7d:84:59:31:e2:28:04:42:28:c8:f9:
d0:f6:e5:ff:40:4e:4b:ed:11:12:af:2f:f4:e1:35:5e:7d:1a:
33:a3:de:df:36:1b:b4:42:33:45:5a:90:c8:92:60:6e:aa:08:
70:96:1e:1d:e2:1f:c7:b3:05:18:9f:4b:bf:73:43:01:97:43:
fc:81:01:15:00:a8:41:8b:e6:4a:58:72:0d:e2:e6:e2:3c:9c:
1f:b3:3d:06:7f:5d:ee:e8:6e:6c:f5:60:f5:fd:c7:b4:c9:a3:
4c:18:86:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBQhe11fAz/g9zQUUrQ33rpFzDuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwZTVmNzk1Y2Y5MDJjMWY4Yzg3ZTkxOGFjYmVmMGUzNDAxNjQ1ZDNhOGMy
MGZiNzliZmVkZDdmMWMwZmY4YTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKP+NwstVF2lD/x66oPwoHPXGl91ttDGm4iEkncsV5/68Ok75vzVVT4d0R2g
mR2YIauZzda5AbNU/rYm1Mb6rs3R3UwkTXDfwiaDY4JC9zoNxtqvq39DWAxuBpMM
FN2EgfqhlbPiocMLvYK5ZVWXmyKdXPY0IcwhRRQz/ByNp5PDXyL3r89ROGgW28s0
8RK4KBdbxX1p2u7ou5KKr2rT8jD9NC6ITtsMT5a1utEQORHx2UfgZqy2+Do6ORZU
2eLq/Ca8x/i/fdQOkKXgI2nfWTeRtq4B1WBWHKE/As84U61JUaXAl0ZZPh20Lg8M
d8zhmlsfHPymUKVI174c3F/JKf8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSr6phv
VhzMJfRgx/FYgbCQH/3Y1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQB1/k21dC2IvsR8vgmxZkIbyCA1Eba3zGj9qDQYmN1Y
8CCiMLthg4dVrpyKWCRW7FiUxqMMcLoSNMcCtrFxnNcYL3nHD8VPgDm6X/ir4cWz
O5ROrFt1E7Q8gyowLpURKJ+2NKF9yl7uroxAcq/+cerEQGcJPcxJbhtssBsk+S5V
dM/bj0FbhlHPtdmToidOEHvpYiTvJwxJfYRZMeIoBEIoyPnQ9uX/QE5L7RESry/0
4TVefRozo97fNhu0QjNFWpDIkmBuqghwlh4d4h/HswUYn0u/c0MBl0P8gQEVAKhB
i+ZKWHIN4ubiPJwfsz0Gf13u6G5s9WD1/ce0yaNMGIYU
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:36 2025 by rpki-client