Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: 6G7XD+FJRZIjw/RnHbbumMwURXb4MDmIwiLxIixDSko=
Subject key identifier: 73:09:52:32:E4:39:8F:42:5D:60:AE:32:69:BF:AF:52:B5:98:13:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CDAF21D266069E2AE1526CC5DE5A95C1A6DA512
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:da:f2:1d:26:60:69:e2:ae:15:26:cc:5d:e5:a9:5c:1a:6d:a5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=fb0306cda9d22eeeb83936bb553e847cdd0fd12e8060aec591d0e7e3b1fa4365, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a8:93:08:a6:10:00:92:f5:c2:b6:d2:9f:ee:
9f:73:84:38:1e:f2:79:39:a4:0c:aa:91:59:39:27:
00:b0:6d:f2:f1:f4:a3:90:6e:c7:2b:96:aa:fd:25:
5f:bd:23:e9:3d:09:fc:68:dd:9c:75:63:b1:c2:51:
3d:f4:ab:b9:b3:75:10:18:e6:70:f9:c4:58:07:a5:
4c:f7:44:82:0b:9f:ca:86:28:6b:78:85:a7:c1:67:
0f:38:59:1e:3f:7d:8b:a4:b6:40:ec:c1:f4:75:29:
7d:10:5f:7d:5e:3a:61:9c:63:9b:b5:b0:f1:65:e1:
1e:9e:d8:ea:30:60:87:86:46:64:ff:bc:6c:fd:87:
ca:6c:e1:d4:a7:23:dd:9c:4a:5e:42:8d:c1:cf:bd:
c2:e5:a2:be:fd:63:eb:55:fc:4a:a6:c8:a0:a8:b3:
5e:7e:b4:ff:98:e4:16:0a:b9:56:87:10:18:98:4b:
a9:aa:3d:65:60:df:90:9c:c9:39:9e:ac:98:6d:67:
b9:13:93:36:d0:30:d0:79:e5:9b:62:63:78:3c:9d:
f9:0a:d2:f3:80:f6:72:c6:46:4e:c8:b2:19:e6:d4:
9c:95:be:78:6f:16:71:20:ac:fa:fb:09:26:93:8d:
98:13:15:ae:19:23:d7:7b:35:fb:1e:ab:6d:51:21:
ab:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:09:52:32:E4:39:8F:42:5D:60:AE:32:69:BF:AF:52:B5:98:13:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
77:90:3c:3f:8a:c2:05:9f:7b:e5:f0:20:ef:98:3f:cb:07:f1:
06:30:e4:5d:5e:ca:a3:db:2c:a5:a4:80:6e:8c:1e:2a:35:bf:
bc:29:38:07:f9:b5:b8:13:fd:97:96:40:bb:be:07:2f:35:20:
ee:a5:e1:22:f6:af:e1:2f:2a:02:8e:b7:5d:f8:00:56:c4:7c:
b1:25:7d:83:ec:8b:80:8f:99:22:18:6c:15:2c:b5:62:2b:2e:
77:33:93:7e:4b:b6:c0:d8:b5:1a:66:70:5c:d8:b4:3b:84:27:
41:b4:86:aa:4a:ec:f2:e7:4a:bd:d8:a3:c4:df:85:10:84:e3:
5b:64:ba:8d:f0:fe:82:0a:08:85:57:16:84:c8:2a:82:b8:a2:
5e:8b:fa:a5:3e:a9:0b:3a:59:0a:01:56:03:ed:52:2d:cc:f1:
f7:5f:c8:cb:ba:a8:27:cf:19:fe:26:d2:b9:54:46:51:d2:a4:
05:94:a6:c1:ca:83:3a:1c:d2:4e:69:3f:4e:01:38:c1:e2:23:
5f:bf:0f:c9:8e:9b:9a:34:8b:bb:e0:d2:f6:1b:56:c8:88:0a:
b7:0b:89:b5:a9:66:14:f5:15:01:f9:85:8d:7e:1a:7a:c5:44:
41:e5:7d:97:f0:d1:dd:91:80:06:5b:58:e8:1c:a3:fd:18:06:
f0:ba:18:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfNryHSZgaeKuFSbMXeWpXBptpRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMDMwNmNkYTlkMjJlZWViODM5MzZiYjU1M2U4NDdjZGQwZmQxMmU4MDYw
YWVjNTkxZDBlN2UzYjFmYTQzNjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2okwimEACS9cK20p/un3OEOB7yeTmkDKqRWTknALBt8vH0o5BuxyuWqv0l
X70j6T0J/GjdnHVjscJRPfSrubN1EBjmcPnEWAelTPdEggufyoYoa3iFp8FnDzhZ
Hj99i6S2QOzB9HUpfRBffV46YZxjm7Ww8WXhHp7Y6jBgh4ZGZP+8bP2Hymzh1Kcj
3ZxKXkKNwc+9wuWivv1j61X8SqbIoKizXn60/5jkFgq5VocQGJhLqao9ZWDfkJzJ
OZ6smG1nuROTNtAw0Hnlm2JjeDyd+QrS84D2csZGTsiyGebUnJW+eG8WcSCs+vsJ
JpONmBMVrhkj13s1+x6rbVEhq00CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzCVIy
5DmPQl1grjJpv69StZgTZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEAd5A8P4rCBZ975fAg75g/ywfxBjDkXV7Ko9sspaSA
boweKjW/vCk4B/m1uBP9l5ZAu74HLzUg7qXhIvav4S8qAo63XfgAVsR8sSV9g+yL
gI+ZIhhsFSy1YisudzOTfku2wNi1GmZwXNi0O4QnQbSGqkrs8udKvdijxN+FEITj
W2S6jfD+ggoIhVcWhMgqgriiXov6pT6pCzpZCgFWA+1SLczx91/Iy7qoJ88Z/ibS
uVRGUdKkBZSmwcqDOhzSTmk/TgE4weIjX78PyY6bmjSLu+DS9htWyIgKtwuJtalm
FPUVAfmFjX4aesVEQeV9l/DR3ZGABltY6Byj/RgG8LoYEg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:07:22 2025 by rpki-client