Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: xPUjL25C2j7USDrrPNtkAw/bxPv+ZyZNk49tYhOOSag=
Subject key identifier: 52:C6:8A:62:15:76:87:6E:E1:D0:0E:E2:D9:AE:3F:F7:F5:D0:57:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28E19781733F4DD00EDD7E59F54C233D517133B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:e1:97:81:73:3f:4d:d0:0e:dd:7e:59:f5:4c:23:3d:51:71:33:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=ed355c22b7851da1cc7d1c920f8dbbb1635c546da3e49409fadc55829bef93e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ac:3f:c9:59:e4:33:e0:38:ce:eb:cb:ce:0d:
af:5d:22:7b:65:43:aa:42:0c:84:1c:b7:d4:0f:64:
dc:71:2f:54:d3:24:c0:47:41:07:6b:df:3d:60:e3:
fc:4d:8b:c1:6e:7c:8a:28:36:31:14:77:3f:08:8b:
05:29:9e:f8:c0:e4:3f:69:a8:f7:26:46:c8:00:95:
b2:11:f7:c3:27:32:81:42:7b:21:44:33:2b:3c:d4:
4b:2b:96:a0:ff:90:32:6d:12:71:6c:a5:7b:9a:94:
84:0d:49:87:d8:3b:21:03:b8:88:1d:78:c6:09:2e:
f4:b4:cd:00:80:38:77:c6:05:c9:c3:be:46:0d:47:
fa:ff:d0:d1:c2:57:28:c4:4b:93:b3:c5:2f:a8:50:
3b:27:97:5e:18:f5:b9:74:c5:15:54:cd:fd:4b:d0:
c7:49:b6:ed:17:a7:b7:cc:c4:ab:3f:eb:51:26:e7:
18:a3:d2:b6:7a:8a:3c:68:d5:82:18:fd:89:ea:5b:
67:11:e0:20:aa:1c:04:c2:6a:2b:63:45:3b:c1:3e:
e5:b7:5d:f6:06:d4:aa:0f:60:8d:38:4d:31:12:70:
7c:00:8e:6f:84:80:d2:3a:44:e8:0a:b1:ea:c5:d1:
71:22:0b:9d:90:27:23:7b:a4:0d:28:22:ed:c1:13:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C6:8A:62:15:76:87:6E:E1:D0:0E:E2:D9:AE:3F:F7:F5:D0:57:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:dc:ec:d9:94:03:b6:25:e1:63:09:2a:b7:4e:84:6d:d9:01:
c4:20:bc:62:12:0b:5d:d8:61:63:d0:07:55:aa:17:cd:0e:85:
96:24:70:79:fd:63:a1:29:ca:e4:af:4d:34:c7:2b:b2:86:0e:
80:9a:95:bb:e8:54:3a:65:ad:b2:e5:72:1d:47:44:b5:fd:9d:
1f:db:7b:fd:a4:35:fc:9c:4d:ca:f2:2b:6b:a2:01:2e:dc:a4:
85:de:52:67:4f:3a:db:49:c5:97:eb:7a:7a:33:3d:de:7f:93:
fa:7c:3b:92:03:f4:4c:c4:9c:68:46:89:13:ec:e8:f2:bb:68:
6c:b0:ec:e4:50:b4:90:80:47:e6:7c:05:6d:b4:b8:1a:e7:76:
e9:4c:e0:d9:8a:46:e1:b9:41:9f:70:0e:56:b1:98:88:b9:1f:
32:8f:7e:e7:70:01:7e:87:32:9b:58:76:ca:62:16:b5:8f:c4:
c6:1e:e4:73:a5:6b:b4:c0:35:10:5a:a3:5e:3e:01:04:cb:5d:
76:d2:73:cf:c6:5e:79:aa:58:4b:3a:6c:94:39:66:52:3e:17:
02:64:9f:89:5f:6e:68:54:f3:da:c9:40:09:d1:b3:3e:0a:de:
a0:0c:ed:c8:fc:92:dd:bf:35:9d:6b:4d:e7:df:64:0e:b6:b5:
e5:fc:69:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKOGXgXM/TdAO3X5Z9UwjPVFxM7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMzU1YzIyYjc4NTFkYTFjYzdkMWM5MjBmOGRiYmIxNjM1YzU0NmRhM2U0
OTQwOWZhZGM1NTgyOWJlZjkzZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCsP8lZ5DPgOM7ry84Nr10ie2VDqkIMhBy31A9k3HEvVNMkwEdBB2vfPWDj
/E2LwW58iig2MRR3PwiLBSme+MDkP2mo9yZGyACVshH3wycygUJ7IUQzKzzUSyuW
oP+QMm0ScWyle5qUhA1Jh9g7IQO4iB14xgku9LTNAIA4d8YFycO+Rg1H+v/Q0cJX
KMRLk7PFL6hQOyeXXhj1uXTFFVTN/UvQx0m27Rent8zEqz/rUSbnGKPStnqKPGjV
ghj9iepbZxHgIKocBMJqK2NFO8E+5bdd9gbUqg9gjThNMRJwfACOb4SA0jpE6Aqx
6sXRcSILnZAnI3ukDSgi7cET6BcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSxopi
FXaHbuHQDuLZrj/39dBXwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ3OzZlAO2JeFjCSq3ToRt2QHEILxiEgtd2GFj0AdV
qhfNDoWWJHB5/WOhKcrkr000xyuyhg6AmpW76FQ6Za2y5XIdR0S1/Z0f23v9pDX8
nE3K8itrogEu3KSF3lJnTzrbScWX63p6Mz3ef5P6fDuSA/RMxJxoRokT7Ojyu2hs
sOzkULSQgEfmfAVttLga53bpTODZikbhuUGfcA5WsZiIuR8yj37ncAF+hzKbWHbK
Yha1j8TGHuRzpWu0wDUQWqNePgEEy1120nPPxl55qlhLOmyUOWZSPhcCZJ+JX25o
VPPayUAJ0bM+Ct6gDO3I/JLdvzWda03n32QOtrXl/GlL
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:43 2025 by rpki-client