Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: EeWSGPmx1YUd9KqNgZGR2hePgvM36vJ+OOP82WWo1XU=
Subject key identifier: 38:4B:CC:78:4C:BC:E0:4E:4C:73:30:EF:31:34:5C:91:1C:82:C5:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47C5216078D593016E76FE7B3071F35BA336F08D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c5:21:60:78:d5:93:01:6e:76:fe:7b:30:71:f3:5b:a3:36:f0:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e9d65880d39775df237d4f770382925bce16beb48317b50dfc980aecee559366, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f8:74:b8:51:85:08:95:54:9b:86:c3:9e:68:
4c:b9:60:d6:1e:c8:4d:51:94:de:3a:35:a8:51:f2:
7c:a6:28:08:05:7b:df:bf:cd:04:a9:c3:dd:46:58:
3b:20:5c:f2:4e:74:a0:c8:70:91:b8:14:9a:01:cb:
73:b9:36:b2:7d:54:dc:1f:9a:0f:9d:5e:62:17:e8:
57:23:fd:50:de:2f:a4:e7:5e:fc:f4:89:db:86:5c:
a7:5a:d4:4d:3c:04:4e:2c:e6:b1:aa:21:d4:ef:db:
0f:79:49:ec:df:a5:60:3c:6d:b9:cd:2e:72:81:a8:
24:bf:29:f8:e8:04:a5:71:19:a1:28:8c:47:a0:31:
00:99:fb:ff:10:8d:30:72:28:b5:b8:bc:50:2c:a0:
43:aa:14:94:50:62:b1:9e:c2:5d:aa:d9:b2:54:0c:
27:67:f1:b0:ed:0e:ca:4e:3d:49:32:cb:dc:13:0f:
cb:20:5c:5d:4d:cc:9f:6e:8a:ae:72:5e:1a:b6:9d:
72:85:09:bb:1b:aa:ac:a9:d2:db:5b:0f:e6:71:b0:
a2:2b:be:8c:b1:f7:27:08:04:80:c8:80:bd:19:a4:
fd:fd:5a:b2:fc:41:5f:91:1f:50:bc:45:9f:4d:50:
0d:58:ed:cc:7f:49:38:81:72:58:77:ed:0a:02:b0:
8a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4B:CC:78:4C:BC:E0:4E:4C:73:30:EF:31:34:5C:91:1C:82:C5:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:5f:d3:da:53:a6:d7:72:10:40:5f:06:d2:43:b9:c8:f3:1d:
7c:a0:2c:0d:ba:64:94:ac:06:e8:5d:83:9e:85:a0:70:9a:95:
be:8a:a4:f1:7d:b9:32:a7:c3:77:2a:bf:5d:02:f4:0a:b5:15:
a4:e7:77:43:16:d8:86:f3:32:10:d6:27:0c:dc:90:d8:49:bf:
3c:85:fb:88:49:22:79:0d:47:d9:45:a0:90:a0:dc:de:9c:e4:
66:19:61:cd:bc:da:19:fa:a5:23:ef:99:00:7b:f2:03:e1:fe:
10:0e:65:1c:35:37:27:0f:3f:c7:33:a2:da:98:88:d7:0f:d3:
a4:04:bf:e0:1b:53:15:b5:af:8c:b2:49:e9:ab:81:26:bd:fb:
90:d1:de:9e:68:a4:7c:7e:0f:a4:06:fc:fb:d4:ae:e3:87:5f:
62:f3:c6:76:cd:b2:45:88:43:5a:51:7c:da:a9:aa:e3:d6:be:
2c:ad:6c:59:82:ed:ab:6b:d7:62:4a:99:3f:2f:45:91:26:1e:
78:d1:4a:36:87:c9:05:ee:c6:9b:2a:35:90:70:6a:59:b7:f8:
75:b3:d3:01:fc:e9:e3:df:ae:aa:3c:9f:1e:40:5b:41:70:15:
71:9e:9c:b7:c4:af:24:d1:8e:a9:08:25:c5:d4:5c:d7:1d:a3:
2d:86:84:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR8UhYHjVkwFudv57MHHzW6M28I0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZDY1ODgwZDM5Nzc1ZGYyMzdkNGY3NzAzODI5MjViY2UxNmJlYjQ4MzE3
YjUwZGZjOTgwYWVjZWU1NTkzNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOH4dLhRhQiVVJuGw55oTLlg1h7ITVGU3jo1qFHyfKYoCAV737/NBKnD3UZY
OyBc8k50oMhwkbgUmgHLc7k2sn1U3B+aD51eYhfoVyP9UN4vpOde/PSJ24Zcp1rU
TTwETizmsaoh1O/bD3lJ7N+lYDxtuc0ucoGoJL8p+OgEpXEZoSiMR6AxAJn7/xCN
MHIotbi8UCygQ6oUlFBisZ7CXarZslQMJ2fxsO0Oyk49STLL3BMPyyBcXU3Mn26K
rnJeGradcoUJuxuqrKnS21sP5nGwoiu+jLH3JwgEgMiAvRmk/f1asvxBX5EfULxF
n01QDVjtzH9JOIFyWHftCgKwipkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ4S8x4
TLzgTkxzMO8xNFyRHILF3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAFX9PaU6bXchBAXwbSQ7nI8x18oCwNumSUrAboXYOe
haBwmpW+iqTxfbkyp8N3Kr9dAvQKtRWk53dDFtiG8zIQ1icM3JDYSb88hfuISSJ5
DUfZRaCQoNzenORmGWHNvNoZ+qUj75kAe/ID4f4QDmUcNTcnDz/HM6LamIjXD9Ok
BL/gG1MVta+Msknpq4EmvfuQ0d6eaKR8fg+kBvz71K7jh19i88Z2zbJFiENaUXza
qarj1r4srWxZgu2ra9diSpk/L0WRJh540Uo2h8kF7sabKjWQcGpZt/h1s9MB/Onj
366qPJ8eQFtBcBVxnpy3xK8k0Y6pCCXF1FzXHaMthoSX
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:23:48 2025 by rpki-client