Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
File: 156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa (raw, json)
Hash identifier: /rA7FlQwD2glq/LECRc8qQCIIXByc9/JaGaF0mvMBGU=
Subject key identifier: 5D:6E:00:36:36:E9:2C:74:37:F5:89:24:20:C8:09:84:BC:8B:B6:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3153B121EC338FFF5E61FA896FFEC9C463A11EF8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:53:b1:21:ec:33:8f:ff:5e:61:fa:89:6f:fe:c9:c4:63:a1:1e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e5:54:61:3b:f8:70:20:b2:22:77:78:6d:1d:
12:98:01:5a:0f:d3:b5:83:06:df:20:34:1b:66:ee:
30:18:53:88:fd:ac:41:8b:2c:1b:b5:87:ed:d1:2c:
a4:af:95:5b:87:5c:c6:4d:c8:c8:88:e1:95:3c:27:
0e:d9:ab:db:f5:cf:29:c2:ed:a4:93:c9:14:ad:d4:
74:87:d6:d1:d1:71:8b:28:a7:40:5f:aa:53:73:9f:
6d:19:17:ec:18:14:2f:a9:da:2c:20:41:d7:c6:29:
43:84:f7:50:cf:5e:9a:29:5d:f2:b5:08:45:41:a9:
c5:a4:1d:b1:03:22:65:44:23:49:c6:e5:4b:79:33:
71:69:ae:21:5d:14:24:9a:da:fb:6f:e3:33:75:ae:
04:da:0d:0b:c1:d6:cc:e2:b7:23:cf:8d:6c:e8:a9:
bf:54:c2:0c:0f:a1:58:7f:43:b0:5a:d1:05:6b:cc:
f2:25:5f:0f:c5:61:d5:b2:f7:7e:75:45:08:5f:7e:
3c:90:d6:48:a4:0b:3d:11:e5:cb:37:48:a5:19:1e:
c5:7b:ec:3e:b9:1b:97:5d:08:55:d7:dc:21:a4:51:
f0:7d:48:d6:e4:58:32:8c:6a:32:2e:0e:ab:5d:40:
e8:14:67:29:f3:b9:bb:f7:74:89:4a:74:13:09:0a:
ea:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6E:00:36:36:E9:2C:74:37:F5:89:24:20:C8:09:84:BC:8B:B6:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b7:25:33:2c:b0:34:56:61:31:b1:18:fa:e7:37:5a:e3:83:78:
af:cf:ce:5a:02:d2:ff:37:78:eb:35:8b:ee:01:60:b3:a7:87:
1e:51:38:c4:d6:01:81:d6:94:67:7f:4e:63:2e:b3:9e:de:ee:
45:87:b3:19:65:06:04:f7:f3:64:7e:57:17:bd:46:b3:c4:a4:
b8:d2:76:57:c3:5b:3f:db:9d:91:25:bb:9a:62:d7:40:54:22:
c5:de:69:07:21:48:58:cb:78:a7:6b:61:b6:16:07:d3:bd:2b:
f8:47:62:0e:3f:7b:eb:c6:62:cd:fa:78:ce:d5:01:19:63:4d:
2c:00:04:9b:d6:24:c8:88:f7:81:d2:64:aa:d1:cf:f6:eb:e6:
21:39:8a:6a:c7:68:4c:1c:2f:15:74:8f:48:a9:50:d8:f9:56:
07:de:2f:0f:cd:6d:a3:9a:f9:ab:e1:b8:b1:5e:52:77:f2:a5:
8e:c0:82:07:c2:c0:b9:ae:2b:12:a7:88:3a:79:0c:48:c5:81:
9f:ac:35:52:14:1a:0e:71:e3:7d:93:a4:9b:1a:9b:26:bd:61:
ff:ec:93:f7:67:a2:d5:e3:d4:9c:20:1d:a2:ca:5e:cc:ba:97:
76:45:27:16:ea:bf:8d:ad:bf:db:ba:31:2c:24:15:6b:2f:6c:
af:51:99:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMVOxIewzj/9eYfqJb/7JxGOhHvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0MjdiZDZkYjZiOTI5MWI4MjgzZDYwNThlOTg0NTFkMTgyMjM4NDYwNTQ0
MjgwZTE0ZTZlM2M2NWYzMTYxMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPlVGE7+HAgsiJ3eG0dEpgBWg/TtYMG3yA0G2buMBhTiP2sQYssG7WH7dEs
pK+VW4dcxk3IyIjhlTwnDtmr2/XPKcLtpJPJFK3UdIfW0dFxiyinQF+qU3OfbRkX
7BgUL6naLCBB18YpQ4T3UM9emild8rUIRUGpxaQdsQMiZUQjScblS3kzcWmuIV0U
JJra+2/jM3WuBNoNC8HWzOK3I8+NbOipv1TCDA+hWH9DsFrRBWvM8iVfD8Vh1bL3
fnVFCF9+PJDWSKQLPRHlyzdIpRkexXvsPrkbl10IVdfcIaRR8H1I1uRYMoxqMi4O
q11A6BRnKfO5u/d0iUp0EwkK6p0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdbgA2
NuksdDf1iSQgyAmEvIu2UTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU2Y2I4YjctYjI1ZC00NGVkLThmN2EtNDRlNzQxMTU0YjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQC3JTMssDRWYTGxGPrnN1rjg3ivz85aAtL/N3jrNYvu
AWCzp4ceUTjE1gGB1pRnf05jLrOe3u5Fh7MZZQYE9/NkflcXvUazxKS40nZXw1s/
252RJbuaYtdAVCLF3mkHIUhYy3ina2G2FgfTvSv4R2IOP3vrxmLN+njO1QEZY00s
AASb1iTIiPeB0mSq0c/26+YhOYpqx2hMHC8VdI9IqVDY+VYH3i8PzW2jmvmr4bix
XlJ38qWOwIIHwsC5risSp4g6eQxIxYGfrDVSFBoOceN9k6SbGpsmvWH/7JP3Z6LV
49ScIB2iyl7Mupd2RScW6r+Nrb/bujEsJBVrL2yvUZk/
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:26:28 2025 by rpki-client