Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: iAT8jbKgYV3gAGz5jhLKl+PrkvF3PRDSgQ8FxY+Sasw=
Subject key identifier: 78:3F:B8:CC:96:F4:ED:23:B9:F3:E2:15:5C:D9:05:B9:03:C0:55:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 045EE1C15889D268C5B73757CF5F5FC50F73BBB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Fri 24 Jan 2025 00:00:00 +0000
ROA not before: Fri 24 Jan 2025 00:00:00 +0000
ROA not after: Fri 28 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:5e:e1:c1:58:89:d2:68:c5:b7:37:57:cf:5f:5f:c5:0f:73:bb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 24 00:00:00 2025 GMT
Not After : Feb 28 23:59:59 2025 GMT
Subject: serialNumber=db67c5243292e8d47248e85731616277ec318c26d7b05d2a812ad70da6f9f1e9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:4b:5d:39:89:c6:61:a6:55:23:1d:43:32:
55:98:5f:78:d6:25:69:f3:58:0d:91:63:44:8f:29:
11:81:93:b9:25:c0:e2:be:8a:d6:e6:48:b5:5c:81:
cf:4b:ca:26:b8:42:25:76:19:98:f2:1d:9f:7b:79:
0e:ef:e9:97:35:d4:05:3c:35:bb:17:7a:6c:b7:5d:
cf:9c:a1:d9:f9:4f:f3:33:95:43:02:ad:de:eb:1a:
9e:30:2d:14:b4:e4:33:f2:bb:e0:89:f0:3d:0d:f5:
55:bc:97:0f:d3:73:2a:ed:a2:70:54:76:f8:8f:05:
35:9f:3e:be:11:04:b6:43:f1:f5:64:75:9a:71:5c:
84:7d:b5:cf:f8:25:36:76:ef:71:63:ea:6e:05:66:
c4:cb:2d:6b:ae:44:b5:5d:25:9c:57:34:4a:c0:38:
1d:23:93:e6:6d:a8:fa:1a:75:4e:00:51:69:b4:59:
6a:b3:45:5d:76:8d:75:23:b4:e7:02:09:4b:a5:84:
df:f4:f6:99:43:4b:80:ae:be:2d:d8:f5:58:35:2e:
1f:60:37:f5:74:93:5b:62:76:1c:65:c9:95:eb:32:
7b:2a:56:94:3a:04:b3:71:ee:08:d9:35:44:2d:de:
09:c9:63:54:50:4c:b5:80:19:d0:1c:dc:75:76:b3:
df:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3F:B8:CC:96:F4:ED:23:B9:F3:E2:15:5C:D9:05:B9:03:C0:55:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:0e:db:83:9b:8e:78:2c:5d:17:88:5b:43:83:e7:e9:e4:25:
b9:a7:ac:b8:d1:44:38:29:62:d6:86:4d:ea:f8:3d:a2:9d:96:
03:2d:9a:46:d7:50:35:a7:a7:e4:d1:81:e8:ee:bc:56:4e:77:
1b:02:10:42:cb:9e:23:ae:e4:a7:fd:6f:2b:f5:79:d4:32:d1:
ff:4e:c0:8c:14:33:26:26:d0:94:b2:71:09:3e:a2:8b:a7:46:
ac:f8:fe:2e:e2:c4:e0:b2:05:e4:e7:e6:91:86:48:ed:fe:9b:
a7:bb:84:e2:02:d8:21:97:2a:b0:cb:b4:6b:9e:59:98:fa:08:
b3:b0:ce:e0:3c:08:34:74:00:c7:43:38:d6:0e:22:a7:83:db:
fd:f0:38:79:0d:72:8e:76:8a:fd:c2:f1:5e:f6:d9:dc:bb:7f:
55:4e:c2:9e:4c:8e:11:55:7d:84:98:2d:fb:f5:68:6c:e3:25:
da:95:e2:99:99:3c:d8:b6:3e:9b:1c:99:02:be:0b:bc:6e:67:
bd:d7:60:1a:14:cb:02:f5:a8:51:c5:b1:9b:8b:90:c5:47:7c:
91:d0:91:4f:7c:ed:e1:b7:db:e6:3f:a7:dd:a4:22:46:40:3a:
b3:26:f5:f4:26:86:3c:95:4e:61:70:5f:c8:f1:3a:81:6f:e4:
4d:b3:75:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBF7hwViJ0mjFtzdXz19fxQ9zu7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMjQwMDAwMDBaFw0yNTAyMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNjdjNTI0MzI5MmU4ZDQ3MjQ4ZTg1NzMxNjE2Mjc3ZWMzMThjMjZkN2Iw
NWQyYTgxMmFkNzBkYTZmOWYxZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpNS105icZhplUjHUMyVZhfeNYlafNYDZFjRI8pEYGTuSXA4r6K1uZItVyB
z0vKJrhCJXYZmPIdn3t5Du/plzXUBTw1uxd6bLddz5yh2flP8zOVQwKt3usanjAt
FLTkM/K74InwPQ31VbyXD9NzKu2icFR2+I8FNZ8+vhEEtkPx9WR1mnFchH21z/gl
NnbvcWPqbgVmxMsta65EtV0lnFc0SsA4HSOT5m2o+hp1TgBRabRZarNFXXaNdSO0
5wIJS6WE3/T2mUNLgK6+Ldj1WDUuH2A39XSTW2J2HGXJlesyeypWlDoEs3HuCNk1
RC3eCcljVFBMtYAZ0BzcdXaz34kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4P7jM
lvTtI7nz4hVc2QW5A8BVhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQC/DtuDm454LF0XiFtDg+fp5CW5p6y40UQ4KWLWhk3q
+D2inZYDLZpG11A1p6fk0YHo7rxWTncbAhBCy54jruSn/W8r9XnUMtH/TsCMFDMm
JtCUsnEJPqKLp0as+P4u4sTgsgXk5+aRhkjt/punu4TiAtghlyqwy7RrnlmY+giz
sM7gPAg0dADHQzjWDiKng9v98Dh5DXKOdor9wvFe9tncu39VTsKeTI4RVX2EmC37
9Whs4yXaleKZmTzYtj6bHJkCvgu8bme912AaFMsC9ahRxbGbi5DFR3yR0JFPfO3h
t9vmP6fdpCJGQDqzJvX0JoY8lU5hcF/I8TqBb+RNs3Vg
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:22:09 2025 by rpki-client