Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: Ldnr51URhhx5Xa3pgK6Izf0MM1u3VoNIcOiygOTNnkU=
Subject key identifier: 79:85:D5:D8:66:94:FB:64:79:35:97:55:E4:FC:F2:D6:2A:13:E6:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2799B9ED325392CE3E87F102D03921C58A49673F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Wed 05 Mar 2025 17:51:39 +0000
ROA not before: Wed 05 Mar 2025 17:51:39 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:99:b9:ed:32:53:92:ce:3e:87:f1:02:d0:39:21:c5:8a:49:67:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:39 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:ab:44:15:ce:5d:d3:5b:a7:30:f7:be:87:
05:74:22:05:3d:79:6e:3c:eb:fb:7c:f9:5f:63:24:
20:a2:db:0d:0d:47:b3:d1:c3:02:78:dc:8c:1e:0a:
e1:69:e9:c9:cd:b2:4f:3f:90:53:05:63:30:75:50:
6a:c5:b3:be:8f:e0:09:f2:22:b5:85:ff:d7:b0:b1:
84:b5:f5:77:5b:24:e0:8b:06:be:0e:b5:55:b4:c0:
a4:97:c7:15:9e:5a:60:7c:7a:1e:36:ca:af:57:24:
2c:94:e5:36:c1:cd:b4:91:56:a3:c4:ca:9d:d0:3e:
ab:34:00:f0:00:4d:f4:24:7c:7a:01:5b:c3:7f:c5:
9d:04:d7:7d:ea:23:8b:15:03:cf:cb:89:55:4a:31:
8c:4c:2f:68:33:25:ba:2b:a7:2c:71:4e:8e:34:43:
5b:2e:2c:ae:12:55:7c:f4:30:47:66:49:01:53:be:
05:96:21:39:73:29:bd:87:48:10:3c:83:14:f5:4a:
ba:7b:f7:51:c4:90:17:dc:b4:e4:08:a6:0f:cd:66:
be:bf:77:b0:75:bb:58:65:af:3c:10:7d:dd:82:3b:
11:c5:00:ec:9c:f3:6e:5f:bb:b1:71:6b:c4:69:67:
dc:74:82:ed:d7:5a:b9:f8:3c:91:e5:c8:9f:70:85:
f3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:85:D5:D8:66:94:FB:64:79:35:97:55:E4:FC:F2:D6:2A:13:E6:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
62:ce:49:22:71:d1:d3:d5:ed:3c:7b:3d:67:62:ce:aa:d4:7b:
c0:fe:26:6c:7d:63:70:19:a1:ad:73:7c:2d:3a:4f:fe:5c:c0:
7f:c3:69:4b:17:b7:74:e5:84:45:19:9a:54:e2:a0:5e:c1:9d:
2c:12:af:5d:af:f9:19:50:c8:85:54:24:28:6b:5f:b5:27:56:
89:e2:9e:f7:63:1f:c9:b2:68:3e:48:33:10:86:5f:bb:21:a3:
e6:f3:10:a7:58:db:c6:73:26:fd:74:7d:06:a2:61:55:72:13:
d1:15:6e:8a:c1:05:61:39:7c:79:db:04:53:40:c2:8a:ca:00:
d1:24:46:ce:b2:ed:91:49:99:2e:27:aa:32:80:a1:e2:a3:62:
6b:de:9c:31:ef:50:e1:c3:bc:b2:a7:f0:c3:95:4a:4d:56:c9:
cf:e7:bc:11:22:e8:23:a6:7f:40:b5:f0:2a:d0:17:67:42:c9:
c8:30:f5:82:17:7b:d0:cc:fb:41:60:a3:14:55:c6:06:80:65:
89:dc:6d:da:0b:da:14:4c:cf:11:c5:54:c8:1b:bf:4f:bd:0a:
54:77:80:57:3a:62:a1:91:9a:6b:40:ae:08:27:5e:8a:8b:95:
ae:c2:ce:2a:a7:e3:99:a9:94:6f:07:24:94:e6:8c:a2:f7:24:
61:5b:fe:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ5m57TJTks4+h/EC0DkhxYpJZz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMzlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZmJiM2Y3YzA1MDkwZDVlNmE5ZGU1YzNlYTE2NzJlNTU0YmE2NWY2ODMy
OTkxMDQ4ZjI0NDliNmQzMmFkZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrKq0QVzl3TW6cw976HBXQiBT15bjzr+3z5X2MkIKLbDQ1Hs9HDAnjcjB4K
4Wnpyc2yTz+QUwVjMHVQasWzvo/gCfIitYX/17CxhLX1d1sk4IsGvg61VbTApJfH
FZ5aYHx6HjbKr1ckLJTlNsHNtJFWo8TKndA+qzQA8ABN9CR8egFbw3/FnQTXfeoj
ixUDz8uJVUoxjEwvaDMluiunLHFOjjRDWy4srhJVfPQwR2ZJAVO+BZYhOXMpvYdI
EDyDFPVKunv3UcSQF9y05AimD81mvr93sHW7WGWvPBB93YI7EcUA7Jzzbl+7sXFr
xGln3HSC7ddaufg8keXIn3CF86MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5hdXY
ZpT7ZHk1l1Xk/PLWKhPmWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBizkkicdHT1e08ez1nYs6q1HvA/iZsfWNwGaGtc3wt
Ok/+XMB/w2lLF7d05YRFGZpU4qBewZ0sEq9dr/kZUMiFVCQoa1+1J1aJ4p73Yx/J
smg+SDMQhl+7IaPm8xCnWNvGcyb9dH0GomFVchPRFW6KwQVhOXx52wRTQMKKygDR
JEbOsu2RSZkuJ6oygKHio2Jr3pwx71Dhw7yyp/DDlUpNVsnP57wRIugjpn9AtfAq
0BdnQsnIMPWCF3vQzPtBYKMUVcYGgGWJ3G3aC9oUTM8RxVTIG79PvQpUd4BXOmKh
kZprQK4IJ16Ki5Wuws4qp+OZqZRvBySU5oyi9yRhW/5w
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:29 2025 by rpki-client