Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: hZcT38y3ELy2nyZClKe4hP1IKQ4OvNbRbJFWUgpcD5A=
Subject key identifier: 30:13:32:EB:09:FB:07:BA:A0:85:73:F6:81:3E:A0:0C:3D:23:6C:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 9C37C92C59FDD78189259FC5FEA076152B39BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9c:37:c9:2c:59:fd:d7:81:89:25:9f:c5:fe:a0:76:15:2b:39:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=817497a4739bffd0948655b529b335696423f173d7f961ca1f639fbd3c468347, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:65:81:52:b3:b1:c6:4e:c7:54:62:6e:ed:c4:
92:3a:a5:25:b9:8f:2d:5a:a9:92:b9:a0:1e:bd:52:
8a:8b:63:b3:5c:fa:fc:c0:8a:b6:34:54:1c:25:d5:
cc:ff:67:68:09:5e:df:f8:f0:6f:20:82:7a:11:80:
ef:c2:26:6f:3b:c4:80:79:f7:ae:6f:a1:bb:a0:40:
29:ec:6e:a6:f2:b6:32:e1:22:e6:fa:3f:e8:a0:db:
92:dc:6c:c9:ef:2d:a6:da:a9:fa:d9:95:dc:a4:62:
48:1b:93:68:ad:4d:a0:5f:e3:87:26:d3:86:f3:21:
3a:06:fe:7e:c6:39:50:e1:a0:71:c2:53:23:e2:e2:
78:e6:49:f2:f5:ff:d7:a1:0a:2c:03:31:b0:9f:70:
26:31:eb:83:82:fa:02:ff:e7:cd:e0:2a:d7:6d:f0:
e7:6d:8e:e2:dd:32:c8:d5:e4:88:e3:86:c9:a1:d4:
77:ff:60:c5:ab:a1:f8:29:0f:20:32:4f:34:f7:77:
d4:7a:ca:48:67:55:cb:bf:60:54:f3:94:4f:2e:19:
f7:94:0c:93:8b:9d:bd:76:3a:b7:f0:4b:89:89:e2:
d4:f0:07:41:ff:30:d8:ec:74:c5:8c:70:39:6c:26:
ea:24:1a:07:16:ad:5b:89:69:5f:07:d1:4b:08:a4:
7c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:13:32:EB:09:FB:07:BA:A0:85:73:F6:81:3E:A0:0C:3D:23:6C:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
20:94:44:25:bd:19:5f:f5:c6:f5:52:d1:c7:57:31:73:18:94:
ef:57:49:4a:19:18:d2:e4:37:bc:69:7a:1f:a7:36:8d:25:54:
db:86:b7:05:30:33:43:05:de:2d:e9:d2:78:50:01:40:6e:63:
d3:82:c5:b4:61:16:c3:fa:cc:a2:bf:cf:0c:e2:ec:1d:88:04:
ae:30:06:d5:cf:9b:71:eb:0a:b4:4f:0f:2e:3f:32:6c:c0:bd:
e4:a2:1a:3a:63:7b:a2:90:b4:ca:7c:ab:9e:67:f6:0d:9a:b0:
ba:7d:bb:6f:12:24:0a:13:b6:37:09:8d:a2:9d:0d:0d:e5:87:
69:cb:5e:df:e6:ab:67:e7:e3:a1:ca:5f:f4:7c:c8:7c:bf:c8:
09:a8:ed:5a:c5:81:b2:02:41:d0:9e:6e:19:f9:26:d5:cf:f3:
57:56:a1:2c:72:8a:20:36:3c:ed:74:c8:91:96:8c:4e:63:bd:
0a:44:07:be:04:0b:fd:4a:35:59:16:a4:63:a9:77:91:b0:44:
d7:49:d2:33:7e:09:2d:24:03:55:22:04:9d:8d:ca:13:e6:2e:
d0:47:d4:ef:50:a0:f2:d6:6b:40:52:85:b0:4a:75:e3:57:c0:
c8:2a:cf:6f:8b:94:c8:a3:ba:f1:8f:5d:83:ee:76:53:44:4f:
ff:ee:49:96
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAJw3ySxZ/deBiSWfxf6gdhUrOb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNzQ5N2E0NzM5YmZmZDA5NDg2NTViNTI5YjMzNTY5NjQyM2YxNzNkN2Y5
NjFjYTFmNjM5ZmJkM2M0NjgzNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONlgVKzscZOx1Ribu3EkjqlJbmPLVqpkrmgHr1Siotjs1z6/MCKtjRUHCXV
zP9naAle3/jwbyCCehGA78ImbzvEgHn3rm+hu6BAKexupvK2MuEi5vo/6KDbktxs
ye8tptqp+tmV3KRiSBuTaK1NoF/jhybThvMhOgb+fsY5UOGgccJTI+LieOZJ8vX/
16EKLAMxsJ9wJjHrg4L6Av/nzeAq123w522O4t0yyNXkiOOGyaHUd/9gxauh+CkP
IDJPNPd31HrKSGdVy79gVPOUTy4Z95QMk4udvXY6t/BLiYni1PAHQf8w2Ox0xYxw
OWwm6iQaBxatW4lpXwfRSwikfEkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwEzLr
CfsHuqCFc/aBPqAMPSNsvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAIJREJb0ZX/XG9VLRx1cxcxiU71dJShkY0uQ3vGl6
H6c2jSVU24a3BTAzQwXeLenSeFABQG5j04LFtGEWw/rMor/PDOLsHYgErjAG1c+b
cesKtE8PLj8ybMC95KIaOmN7opC0ynyrnmf2DZqwun27bxIkChO2NwmNop0NDeWH
acte3+arZ+fjocpf9HzIfL/ICajtWsWBsgJB0J5uGfkm1c/zV1ahLHKKIDY87XTI
kZaMTmO9CkQHvgQL/Uo1WRakY6l3kbBE10nSM34JLSQDVSIEnY3KE+Yu0EfU71Cg
8tZrQFKFsEp141fAyCrPb4uUyKO68Y9dg+52U0RP/+5Jlg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:25 2025 by rpki-client