Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
File: 132c7518-dddd-4506-8c53-640411d8120f.roa (raw, json)
Hash identifier: SvRbZeJYrrd0wZxLb4l2jOzn52bMLD0viu9BndGj5cU=
Subject key identifier: F1:18:E5:44:BF:5A:E8:62:77:B2:EF:37:D1:AC:52:30:29:F1:D5:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 227963449ECA3B380393E16515AC233B9593E44F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:79:63:44:9e:ca:3b:38:03:93:e1:65:15:ac:23:3b:95:93:e4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b5:31:9b:28:c6:5e:4a:f3:61:c8:ec:99:d9:
ce:b7:04:b5:be:f2:b7:4b:02:d1:29:31:45:63:4c:
66:de:04:c2:b4:f1:b5:dc:b3:32:a8:9e:73:87:00:
5a:47:7e:0e:1f:fc:09:73:f5:8e:77:a1:17:c1:3e:
04:db:a9:8c:80:97:cd:8b:1b:10:33:f8:07:5f:cf:
d4:6d:41:e3:67:5a:d9:1e:e2:a9:ca:eb:3f:75:44:
88:e1:85:86:d7:20:c4:e5:bd:86:af:44:99:84:47:
6e:0b:dd:a7:0f:9f:2d:f8:57:73:00:39:06:d4:67:
75:b6:2e:75:55:90:00:ca:04:f1:39:c8:7f:5a:7c:
21:e3:98:c5:90:5d:d3:b5:1a:09:5b:26:59:e4:de:
2b:ee:83:a8:8f:10:12:4d:fb:77:dc:0b:71:aa:2d:
ad:76:14:a9:94:81:60:c2:39:f2:64:d8:7d:26:52:
09:fc:b8:4b:85:9d:3a:90:88:1b:aa:de:c4:15:63:
0b:2d:5c:ac:1f:af:21:f9:59:33:93:83:6b:46:d8:
d5:77:b5:d4:dd:4c:bd:9f:f5:31:cd:b6:29:79:7a:
1a:09:71:fc:3f:b6:0b:8d:e6:6d:27:d8:47:0a:83:
5b:e8:f6:8c:5a:9c:e1:ae:f4:d2:aa:e1:51:4e:a6:
dd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:18:E5:44:BF:5A:E8:62:77:B2:EF:37:D1:AC:52:30:29:F1:D5:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6a:ad:f2:80:e4:fe:43:dd:ad:6e:15:c1:7b:51:1d:13:15:78:
3a:f4:04:e0:fc:57:9f:86:ab:59:ea:20:aa:41:70:cd:fe:53:
bc:1d:e5:43:95:cb:c6:01:f5:c9:4c:7e:33:bd:f5:29:f2:7a:
c8:6b:10:3b:84:f9:66:b0:43:49:f2:83:7e:2b:52:95:9f:ef:
7c:a3:0a:90:7d:d2:09:30:29:dc:0d:20:3a:75:3e:74:93:01:
f4:39:d1:e8:d5:b9:8a:c0:52:bb:f3:a3:15:60:29:42:6d:d0:
cd:d4:50:24:8f:ee:55:03:cf:a3:07:81:b5:d4:98:70:26:cc:
65:85:8e:a3:8c:6c:c0:78:e5:96:88:95:4c:3b:36:1f:98:f6:
88:9a:ee:09:a9:87:1f:3a:2a:48:3c:ca:85:d5:72:07:c9:60:
44:df:d1:76:82:b4:30:e5:52:4c:f3:02:62:b1:c3:7e:1e:ca:
f5:c1:48:6b:90:cf:3f:f4:7d:49:e1:f1:ed:19:f7:88:cf:29:
53:01:eb:24:6b:0c:ca:a9:0a:0d:34:60:a3:26:73:88:6a:f8:
f6:0a:9c:31:7b:32:ad:45:2b:65:bd:04:f7:49:aa:40:2c:97:
e5:14:c9:a9:09:79:0a:08:39:ab:e2:a2:56:97:96:35:6b:3d:
ac:95:a4:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUInljRJ7KOzgDk+FlFawjO5WT5E8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YzI3NjQzMzE4MjMzYTJlYjYxYTdhMGNjYzkzYzBhNzc2MmZlNzQ2NDJj
NDZlMTAyYmJiMjU3MDU5NTcxMzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm1MZsoxl5K82HI7JnZzrcEtb7yt0sC0SkxRWNMZt4EwrTxtdyzMqiec4cA
Wkd+Dh/8CXP1jnehF8E+BNupjICXzYsbEDP4B1/P1G1B42da2R7iqcrrP3VEiOGF
htcgxOW9hq9EmYRHbgvdpw+fLfhXcwA5BtRndbYudVWQAMoE8TnIf1p8IeOYxZBd
07UaCVsmWeTeK+6DqI8QEk37d9wLcaotrXYUqZSBYMI58mTYfSZSCfy4S4WdOpCI
G6rexBVjCy1crB+vIflZM5ODa0bY1Xe11N1MvZ/1Mc22KXl6Gglx/D+2C43mbSfY
RwqDW+j2jFqc4a700qrhUU6m3U0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTxGOVE
v1roYney7zfRrFIwKfHVUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTMyYzc1MTgtZGRkZC00NTA2LThjNTMtNjQwNDExZDgxMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBqrfKA5P5D3a1uFcF7UR0TFXg69ATg/FefhqtZ6iCq
QXDN/lO8HeVDlcvGAfXJTH4zvfUp8nrIaxA7hPlmsENJ8oN+K1KVn+98owqQfdIJ
MCncDSA6dT50kwH0OdHo1bmKwFK786MVYClCbdDN1FAkj+5VA8+jB4G11JhwJsxl
hY6jjGzAeOWWiJVMOzYfmPaImu4JqYcfOipIPMqF1XIHyWBE39F2grQw5VJM8wJi
scN+Hsr1wUhrkM8/9H1J4fHtGfeIzylTAeskawzKqQoNNGCjJnOIavj2CpwxezKt
RStlvQT3SapALJflFMmpCXkKCDmr4qJWl5Y1az2slaT9
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:48:32 2025 by rpki-client