Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: iBvfbEPpX04mRPNLliM25B/HOUJyhtCLajoWuh7GTM4=
Subject key identifier: C4:CC:EF:45:00:44:A6:91:49:AB:5B:0A:D6:78:9F:C2:2B:75:CA:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 105DE08E96D8FF8FB1FDB3AF82EA13373467A15B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:5d:e0:8e:96:d8:ff:8f:b1:fd:b3:af:82:ea:13:37:34:67:a1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b264ca365b725230f9e395805d5f8d3f64500377fcc9b9db5086c5ecf88dcfc3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a8:c6:18:89:06:6f:a8:53:0e:a2:9f:3d:be:
23:66:2c:8b:d4:5d:64:3c:7f:88:cf:17:b8:43:0a:
82:b6:d4:b1:34:1e:47:b1:38:44:df:72:40:d7:aa:
60:14:2d:43:17:9b:be:2e:12:ec:7f:7a:8c:6e:15:
4d:d0:5b:f6:11:35:90:0b:02:67:b2:bd:8d:d4:0d:
1d:9f:81:f3:de:62:dc:e1:ba:71:d6:6b:43:ba:cf:
13:7d:8e:b4:bf:8e:29:3e:8f:e6:3d:b5:a3:ae:35:
84:af:5e:85:7c:98:53:50:9c:e4:88:66:7d:b1:74:
8b:6c:ac:28:23:30:d9:a0:11:09:5c:5b:b6:bb:e7:
ad:60:f9:69:fa:4d:d8:14:36:a7:3f:be:dc:89:4d:
30:c2:ec:51:8c:35:eb:2e:39:b9:b8:9b:d6:e8:5c:
56:1f:ff:cc:e1:78:fd:18:0b:42:3e:5b:26:cd:1f:
2a:55:61:99:d8:a8:17:4d:a4:e6:02:94:22:53:0d:
d3:e1:27:b3:77:16:10:c7:02:fe:1a:47:cd:54:7e:
e6:4b:44:9e:0a:93:6d:16:32:7b:9c:c6:0e:d5:b2:
86:1c:7a:04:43:3d:d6:00:96:8a:7d:d0:55:35:3a:
06:26:4d:ee:7e:cd:b7:17:70:f6:d7:03:00:08:2f:
4c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CC:EF:45:00:44:A6:91:49:AB:5B:0A:D6:78:9F:C2:2B:75:CA:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
1a:5b:e9:a9:3f:d8:66:17:bf:47:7b:37:f2:a3:e6:16:10:2f:
46:9c:f0:cb:a4:09:07:54:2f:66:69:8e:e2:25:5c:d5:69:27:
44:26:0e:87:92:ee:5d:ca:3e:b0:c4:b2:08:a1:65:1e:11:d8:
e6:22:52:8d:7e:12:8d:7a:c2:c2:56:91:97:17:b7:ed:6e:b7:
ca:ac:7a:c8:79:1b:fb:c7:ed:ff:0e:86:34:14:f5:a5:16:35:
45:bc:3e:96:db:6d:b9:45:34:e3:d5:e9:02:dc:d9:f3:28:71:
e1:f0:73:de:93:81:92:dd:65:e3:b3:6f:1a:1d:90:ee:fe:60:
44:be:bd:79:39:8e:51:b1:74:78:c7:f8:be:ce:af:bc:2c:26:
92:70:7f:8d:16:d2:26:1f:5a:d3:a6:c6:91:c2:60:a4:4b:43:
b6:ac:1b:8d:ad:05:df:34:16:32:9a:15:4e:53:49:99:72:07:
9d:5c:3e:16:53:3f:56:78:d7:10:bd:b8:35:dc:02:26:8d:54:
27:84:fe:11:1e:6c:f8:7f:72:af:98:4a:e5:11:31:83:c5:99:
1b:25:39:51:fe:8a:ba:35:47:0e:bb:b6:36:ff:70:b0:fd:53:
ef:cc:55:2f:2c:22:67:eb:a8:f9:e8:29:33:c9:3b:5a:06:58:
51:70:84:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEF3gjpbY/4+x/bOvguoTNzRnoVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNjRjYTM2NWI3MjUyMzBmOWUzOTU4MDVkNWY4ZDNmNjQ1MDAzNzdmY2M5
YjlkYjUwODZjNWVjZjg4ZGNmYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeoxhiJBm+oUw6inz2+I2Ysi9RdZDx/iM8XuEMKgrbUsTQeR7E4RN9yQNeq
YBQtQxebvi4S7H96jG4VTdBb9hE1kAsCZ7K9jdQNHZ+B895i3OG6cdZrQ7rPE32O
tL+OKT6P5j21o641hK9ehXyYU1Cc5IhmfbF0i2ysKCMw2aARCVxbtrvnrWD5afpN
2BQ2pz++3IlNMMLsUYw16y45ubib1uhcVh//zOF4/RgLQj5bJs0fKlVhmdioF02k
5gKUIlMN0+Ens3cWEMcC/hpHzVR+5ktEngqTbRYye5zGDtWyhhx6BEM91gCWin3Q
VTU6BiZN7n7Ntxdw9tcDAAgvTMECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEzO9F
AESmkUmrWwrWeJ/CK3XKtzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQAaW+mpP9hmF79Hezfyo+YWEC9GnPDLpAkHVC9maY7i
JVzVaSdEJg6Hku5dyj6wxLIIoWUeEdjmIlKNfhKNesLCVpGXF7ftbrfKrHrIeRv7
x+3/DoY0FPWlFjVFvD6W2225RTTj1ekC3NnzKHHh8HPek4GS3WXjs28aHZDu/mBE
vr15OY5RsXR4x/i+zq+8LCaScH+NFtImH1rTpsaRwmCkS0O2rBuNrQXfNBYymhVO
U0mZcgedXD4WUz9WeNcQvbg13AImjVQnhP4RHmz4f3KvmErlETGDxZkbJTlR/oq6
NUcOu7Y2/3Cw/VPvzFUvLCJn66j56CkzyTtaBlhRcIR2
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:39:46 2025 by rpki-client