Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
File: 1988904e-7fdf-4bdf-b594-825eb95caf68.roa (raw, json)
Hash identifier: g/f55yFvMJk2cg/VoHR+7WaaGwJeN2rvw/6WDm0ofHk=
Subject key identifier: 74:47:4A:56:70:E9:D9:69:E5:BB:41:4F:3B:1B:D4:F4:FE:C8:53:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6434C67400222537E37804C8345BA70B9145AAA2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:34:c6:74:00:22:25:37:e3:78:04:c8:34:5b:a7:0b:91:45:aa:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:e6:46:5a:6a:57:47:8d:cc:21:89:37:fd:
1a:14:63:ba:2c:85:54:7f:ac:88:8b:99:cd:80:3c:
b8:20:71:11:cb:95:16:91:bd:d1:48:71:18:48:61:
17:74:80:cb:e8:a8:28:f4:1f:82:b6:8e:72:7f:93:
1a:0d:e6:84:e7:c5:b7:b6:51:8f:ff:14:25:32:ca:
9c:58:f8:71:ea:2a:da:c6:00:4d:23:4e:df:5a:4b:
de:2f:ef:c4:4d:ed:7c:5e:d3:c8:b4:af:a6:c9:bf:
86:d8:bd:67:5d:82:2d:93:8f:f2:c9:3e:a3:6e:3f:
f8:16:bd:e0:84:ef:78:b4:10:5a:75:75:8c:6f:17:
67:26:ff:eb:34:93:fd:cd:20:da:60:ac:77:8f:68:
bc:31:23:c1:d2:67:d4:a0:d9:88:f6:2d:48:7e:50:
39:d1:8e:00:58:ee:7d:f6:0f:9a:ac:41:2c:de:76:
4a:5e:28:33:1d:16:81:65:d3:0a:25:07:11:09:04:
ae:cd:80:eb:15:5a:08:2a:2b:5f:40:08:7b:34:36:
92:01:f4:ba:64:8e:93:bd:d0:97:92:be:9f:18:25:
05:d3:d2:42:12:ff:f7:2d:fd:ea:60:9a:52:6f:92:
ab:e3:d3:ca:b0:55:17:5f:2a:3f:7a:55:39:b0:66:
c7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:47:4A:56:70:E9:D9:69:E5:BB:41:4F:3B:1B:D4:F4:FE:C8:53:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
26:10:65:58:e1:6d:a6:2d:86:a4:38:0d:5f:80:19:66:88:e3:
9c:76:bc:96:46:ed:02:55:bb:60:20:a8:20:30:a4:54:75:30:
0e:ad:16:2d:22:ae:52:af:56:f5:66:cd:3f:e7:de:63:4f:cb:
aa:07:4f:fb:37:ec:f0:c0:d9:f4:ab:f1:4e:7c:ff:b2:48:da:
ea:1e:de:fe:5c:05:95:05:0c:b7:83:8c:8e:85:fc:17:0c:da:
a7:51:62:c5:6a:cd:96:16:aa:55:e5:0f:50:03:af:de:34:f8:
56:3d:cd:34:00:f5:39:45:3b:51:c8:dd:d5:4b:6e:cd:50:7f:
d1:5a:d0:26:ba:f7:df:77:53:72:33:09:04:e3:3e:8a:a4:db:
fd:d3:d5:7f:92:c4:8f:85:61:0e:d8:bd:14:92:4e:6b:ba:68:
d2:a0:91:39:2a:70:70:e5:07:cb:16:8e:33:be:84:1b:bd:16:
5f:30:e1:a1:45:18:e6:a0:92:3d:f6:d4:a0:5e:01:88:2e:ba:
ab:35:85:7f:5c:97:e6:38:8c:2f:0d:de:6d:48:dc:ce:c7:55:
3d:2e:ac:aa:c3:ce:32:88:73:e3:f5:df:41:3f:1f:95:a8:6a:
7b:d2:b4:6e:13:4a:09:e8:f9:8d:e1:47:aa:f3:65:99:10:9a:
b9:02:72:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZDTGdAAiJTfjeATINFunC5FFqqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3ZGVmMWZiMWIxNzgyMWIxM2VhNjZlNmRmYmI4MjAxMGE3ZDAxOGQ4OGY0
MDc1NmYxZWNjMmI4YWNiNDQ2ODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlo5kZaaldHjcwhiTf9GhRjuiyFVH+siIuZzYA8uCBxEcuVFpG90UhxGEhh
F3SAy+ioKPQfgraOcn+TGg3mhOfFt7ZRj/8UJTLKnFj4ceoq2sYATSNO31pL3i/v
xE3tfF7TyLSvpsm/hti9Z12CLZOP8sk+o24/+Ba94ITveLQQWnV1jG8XZyb/6zST
/c0g2mCsd49ovDEjwdJn1KDZiPYtSH5QOdGOAFjuffYPmqxBLN52Sl4oMx0WgWXT
CiUHEQkErs2A6xVaCCorX0AIezQ2kgH0umSOk73Ql5K+nxglBdPSQhL/9y396mCa
Um+Sq+PTyrBVF18qP3pVObBmxzkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0R0pW
cOnZaeW7QU87G9T0/shTRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk4ODkwNGUtN2ZkZi00YmRmLWI1OTQtODI1ZWI5NWNhZjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAmEGVY4W2mLYakOA1fgBlmiOOcdryWRu0CVbtgIKgg
MKRUdTAOrRYtIq5Sr1b1Zs0/595jT8uqB0/7N+zwwNn0q/FOfP+ySNrqHt7+XAWV
BQy3g4yOhfwXDNqnUWLFas2WFqpV5Q9QA6/eNPhWPc00APU5RTtRyN3VS27NUH/R
WtAmuvffd1NyMwkE4z6KpNv909V/ksSPhWEO2L0Ukk5rumjSoJE5KnBw5QfLFo4z
voQbvRZfMOGhRRjmoJI99tSgXgGILrqrNYV/XJfmOIwvDd5tSNzOx1U9Lqyqw84y
iHPj9d9BPx+VqGp70rRuE0oJ6PmN4Ueq82WZEJq5AnLl
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:12:55 2025 by rpki-client