Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: WmCSbac5sM6k5+gpRLRiMZffImq6VU1EdsJzTeXGwas=
Subject key identifier: 64:03:CB:88:BD:8F:04:AD:85:4A:5D:3C:43:42:55:85:59:37:E1:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C81541F6BFECF603AFEC5FB9693E103A3192F7A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:81:54:1f:6b:fe:cf:60:3a:fe:c5:fb:96:93:e1:03:a3:19:2f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: serialNumber=4337dc27dea3a69d9dca658af8f4a3a6f0c835ff0e10645b9c5927595ee34688, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:d0:9a:7b:2d:2e:52:44:ea:56:21:11:c2:
74:75:9f:30:60:6e:9c:8d:bb:d3:6d:92:29:0b:d8:
3b:c3:e6:01:c5:d6:87:76:1e:d6:d2:8f:6d:81:07:
b2:67:e0:dd:c8:26:5b:46:b1:3c:d3:5b:c3:ae:94:
2b:e2:19:ee:f1:6b:98:3c:c3:72:88:d1:49:a9:93:
d5:22:0c:16:e3:b8:5f:18:d5:7a:fe:c4:22:b5:52:
3a:c0:a1:02:53:1c:98:fb:33:ec:83:ba:7f:98:65:
db:d7:f1:ef:ca:4e:e6:46:d4:2a:f7:3b:76:d7:b0:
53:36:07:0d:ba:51:e6:3b:68:9c:93:83:74:fe:b4:
41:0b:11:db:4e:7c:d0:17:27:c0:87:89:69:2f:aa:
61:eb:24:37:11:92:5d:92:e1:2f:e1:59:6f:9b:31:
58:d1:3e:b3:30:65:18:f5:28:76:a0:6b:a8:b9:fe:
7a:f4:2e:27:96:83:c3:b1:9a:c2:dc:b0:62:50:d7:
4e:41:4b:aa:df:c7:43:b6:8a:02:71:24:6a:dc:1f:
59:27:9c:7b:8a:1e:48:0d:a2:3d:d8:47:df:dd:bf:
ae:46:3c:c5:c7:fa:d6:65:c9:e1:2c:00:18:09:78:
9f:f1:ee:0b:31:8f:e3:fe:e2:3b:3a:d9:29:02:a7:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:03:CB:88:BD:8F:04:AD:85:4A:5D:3C:43:42:55:85:59:37:E1:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:e4:17:a4:84:9d:c1:57:8b:dd:ce:35:7f:08:49:1a:c0:d1:
d5:3b:94:f3:97:6b:09:25:94:f1:0a:41:84:a8:4b:69:15:ea:
af:2e:01:82:99:29:51:1b:c6:7e:b8:6f:b1:b1:aa:74:51:7d:
dd:e2:cf:78:f3:06:fb:10:83:d7:c2:25:4e:ef:8f:87:1b:bb:
99:b4:df:e5:0b:de:3f:04:6d:61:79:44:d8:b5:ad:eb:a7:c0:
50:24:5d:90:e5:6b:b8:77:01:71:14:d1:d2:72:1a:b3:12:14:
a9:1c:8a:b2:70:67:c2:af:93:cb:8f:5e:bf:67:f3:1f:40:42:
61:93:df:95:a7:1a:b9:fc:87:60:a6:9f:eb:2b:6e:8d:60:d1:
2a:3e:94:64:a2:69:5d:a5:1f:58:d2:a1:86:37:ad:78:4d:b8:
ed:bc:87:11:0a:50:9b:b2:51:f1:fb:59:51:4c:8b:03:a6:4c:
d4:c5:a1:56:e4:e4:db:5f:e6:e4:74:92:7e:10:ef:00:69:32:
2a:65:65:e6:8e:b2:f2:9d:1e:28:47:49:e5:14:07:36:e2:73:
cc:f1:66:99:ff:b8:73:97:91:bc:cc:35:1e:f9:83:b1:1b:b5:
de:d7:4c:2e:69:75:d4:6d:b1:ab:b4:60:55:d0:bf:62:41:10:
4a:39:ff:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHIFUH2v+z2A6/sX7lpPhA6MZL3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjUwMDAwMDBaFw0yNTAzMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMzdkYzI3ZGVhM2E2OWQ5ZGNhNjU4YWY4ZjRhM2E2ZjBjODM1ZmYwZTEw
NjQ1YjljNTkyNzU5NWVlMzQ2ODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6h0Jp7LS5SROpWIRHCdHWfMGBunI27022SKQvYO8PmAcXWh3Ye1tKPbYEH
smfg3cgmW0axPNNbw66UK+IZ7vFrmDzDcojRSamT1SIMFuO4XxjVev7EIrVSOsCh
AlMcmPsz7IO6f5hl29fx78pO5kbUKvc7dtewUzYHDbpR5jtonJODdP60QQsR2058
0BcnwIeJaS+qYeskNxGSXZLhL+FZb5sxWNE+szBlGPUodqBrqLn+evQuJ5aDw7Ga
wtywYlDXTkFLqt/HQ7aKAnEkatwfWSece4oeSA2iPdhH392/rkY8xcf61mXJ4SwA
GAl4n/HuCzGP4/7iOzrZKQKn74UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkA8uI
vY8ErYVKXTxDQlWFWTfhwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQC25BekhJ3BV4vdzjV/CEkawNHVO5Tzl2sJJZTxCkGE
qEtpFeqvLgGCmSlRG8Z+uG+xsap0UX3d4s948wb7EIPXwiVO74+HG7uZtN/lC94/
BG1heUTYta3rp8BQJF2Q5Wu4dwFxFNHSchqzEhSpHIqycGfCr5PLj16/Z/MfQEJh
k9+Vpxq5/Idgpp/rK26NYNEqPpRkomldpR9Y0qGGN614TbjtvIcRClCbslHx+1lR
TIsDpkzUxaFW5OTbX+bkdJJ+EO8AaTIqZWXmjrLynR4oR0nlFAc24nPM8WaZ/7hz
l5G8zDUe+YOxG7Xe10wuaXXUbbGrtGBV0L9iQRBKOf89
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:05 2025 by rpki-client