Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: 2aknXB1jr2UFTlmmx8IK5/dUsDKwdwoCsi2wNkuZYvc=
Subject key identifier: 12:F2:A5:6D:8A:56:CD:CB:73:E1:B9:27:46:44:99:BD:A1:EA:AB:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 284B231FF3B2E599CE93F3E58FBD4E5DF7B3B986
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:4b:23:1f:f3:b2:e5:99:ce:93:f3:e5:8f:bd:4e:5d:f7:b3:b9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b300fb9995f8f2f9817e10906d8e2ac14b55036ae0403d28773ebec1da44ea40, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2c:33:5b:6a:bc:5f:5d:df:d2:43:f8:85:f2:
19:55:41:a2:63:75:e3:e4:dd:08:4d:e9:fb:49:f3:
a9:49:43:a5:a3:6c:01:69:a9:76:7f:b0:00:86:d8:
c9:71:18:52:2c:d3:00:ac:78:4d:8c:5e:86:01:a8:
ea:eb:7f:87:73:73:c0:9d:9b:21:3b:f9:3d:ee:84:
2e:0f:c6:6e:4a:45:e9:1c:6b:b6:8c:ad:34:0b:25:
a5:15:25:6a:9b:20:4f:96:c4:f4:78:12:33:65:84:
93:22:c7:e1:2f:5c:d9:cd:41:95:a1:5e:b1:49:c4:
bf:8a:72:ad:2a:dd:98:fc:83:6c:03:99:6b:3e:31:
85:0b:5c:1d:a1:b8:eb:a3:85:d6:a7:b2:b3:af:b0:
f5:be:49:11:80:ff:42:eb:71:cf:85:61:da:95:e0:
b0:76:e4:21:b2:32:aa:68:7d:71:0b:cb:aa:0b:69:
86:88:22:a1:19:a0:7c:ec:1c:3a:dd:b3:12:07:37:
3c:3f:b1:7f:5d:bb:d9:f6:be:95:42:a0:49:e4:22:
40:ce:f5:45:52:46:d8:ae:88:5f:df:f9:bf:13:25:
25:08:db:79:8e:a2:09:21:a8:58:4f:30:a6:9c:62:
bb:45:de:69:4e:67:22:1c:01:bc:3e:5e:8c:be:1a:
8a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F2:A5:6D:8A:56:CD:CB:73:E1:B9:27:46:44:99:BD:A1:EA:AB:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:55:cd:7f:b5:bd:d1:a8:e2:ea:c6:1c:a2:c4:33:5b:50:02:
0f:e2:09:3b:c1:0f:1e:df:06:22:63:6b:15:3e:14:fa:fa:de:
0d:4a:e4:2d:c8:ff:3f:31:b1:24:13:9e:a8:3b:f7:5c:26:5d:
9b:7a:cd:2b:0c:48:bc:79:50:10:25:fd:cb:94:0c:5d:81:eb:
db:78:1f:20:da:48:01:59:a4:1b:00:e8:35:19:7d:f1:34:0c:
0c:19:ec:1c:32:76:70:cc:8b:35:5d:97:13:eb:60:8e:c7:7a:
a4:57:5e:4e:ee:bb:63:d2:20:9a:05:55:ee:96:5b:b0:ac:21:
1d:b0:98:b4:c6:be:0e:47:54:38:2e:58:df:cf:21:2a:37:37:
d4:e1:5c:56:25:e3:2a:8a:40:96:67:5b:a4:32:91:3c:5b:ea:
83:cf:22:88:04:fa:94:5d:1d:ca:9e:06:1b:08:e9:8d:f6:db:
51:e1:4d:bf:57:94:43:41:6d:85:8c:62:27:60:d3:2b:11:d6:
b3:2b:48:4b:8d:eb:67:74:30:41:3b:05:7d:3d:28:61:fc:e8:
6d:5c:b1:32:44:40:a0:db:4f:8f:d7:a3:05:b0:38:ce:20:5c:
35:56:ed:1d:8f:34:99:a6:50:6a:09:15:60:85:60:34:f0:89:
85:b5:40:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKEsjH/Oy5ZnOk/Plj71OXfezuYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMDBmYjk5OTVmOGYyZjk4MTdlMTA5MDZkOGUyYWMxNGI1NTAzNmFlMDQw
M2QyODc3M2ViZWMxZGE0NGVhNDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8sM1tqvF9d39JD+IXyGVVBomN14+TdCE3p+0nzqUlDpaNsAWmpdn+wAIbY
yXEYUizTAKx4TYxehgGo6ut/h3NzwJ2bITv5Pe6ELg/GbkpF6RxrtoytNAslpRUl
apsgT5bE9HgSM2WEkyLH4S9c2c1BlaFesUnEv4pyrSrdmPyDbAOZaz4xhQtcHaG4
66OF1qeys6+w9b5JEYD/Qutxz4Vh2pXgsHbkIbIyqmh9cQvLqgtphogioRmgfOwc
Ot2zEgc3PD+xf1272fa+lUKgSeQiQM71RVJG2K6IX9/5vxMlJQjbeY6iCSGoWE8w
ppxiu0XeaU5nIhwBvD5ejL4airUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQS8qVt
ilbNy3PhuSdGRJm9oeqrajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBvVc1/tb3RqOLqxhyixDNbUAIP4gk7wQ8e3wYiY2sV
PhT6+t4NSuQtyP8/MbEkE56oO/dcJl2bes0rDEi8eVAQJf3LlAxdgevbeB8g2kgB
WaQbAOg1GX3xNAwMGewcMnZwzIs1XZcT62COx3qkV15O7rtj0iCaBVXulluwrCEd
sJi0xr4OR1Q4LljfzyEqNzfU4VxWJeMqikCWZ1ukMpE8W+qDzyKIBPqUXR3KngYb
COmN9ttR4U2/V5RDQW2FjGInYNMrEdazK0hLjetndDBBOwV9PShh/OhtXLEyRECg
20+P16MFsDjOIFw1Vu0djzSZplBqCRVghWA08ImFtUAz
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:31 2025 by rpki-client