Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
File: 1db20bc8-3bbe-45ae-975a-e89becd95e47.roa (raw, json)
Hash identifier: hiTTy3n6HAmUPloyYwA+fGUxfyWpDKjU/b4vr2o/dTU=
Subject key identifier: D3:3F:3A:B4:A9:19:AB:8C:2F:05:1F:20:1F:7D:F9:2A:2B:F7:88:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3CF2A011CC06D1980D5AD4B80F37D4028D27FF2A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f2:a0:11:cc:06:d1:98:0d:5a:d4:b8:0f:37:d4:02:8d:27:ff:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:87:26:96:33:be:47:73:f0:ae:c4:92:df:f0:
79:6b:f9:a6:0c:c4:b6:99:cc:05:6a:4e:3a:74:95:
a7:71:63:62:23:c6:bd:f8:ce:4b:dc:cb:f5:57:59:
df:91:06:66:7c:b6:6c:4a:c4:90:38:8f:b3:76:dd:
2a:89:48:11:57:43:27:7c:9d:c3:67:90:ca:a5:61:
d9:94:6c:41:e0:c5:5d:65:30:81:44:bb:6a:0a:76:
9b:9f:49:b5:f3:33:66:de:7b:99:d9:c2:73:37:a2:
60:d2:99:bf:23:8c:aa:f3:8d:93:74:0c:cf:64:9f:
7d:05:28:8b:1e:f3:7f:00:a6:f8:d2:88:cc:60:27:
b1:27:7f:9a:bc:86:d2:bb:ea:fd:49:32:13:3c:10:
b0:81:34:dc:ec:c5:4d:ff:18:4f:0d:45:3f:40:e4:
bc:a4:7a:6b:db:0a:83:76:0b:c2:c5:98:37:44:c9:
d1:9e:b8:c8:2d:e8:c0:7b:74:2a:55:12:91:0f:fe:
ee:50:fb:fe:49:e2:06:7b:69:0d:d0:f5:c8:0b:e0:
40:bb:f0:15:f8:f9:e1:f2:88:0a:91:f0:30:c6:3d:
7a:85:1d:1e:3e:23:33:4a:5b:6f:02:29:fd:2c:3c:
db:e5:88:3b:34:84:07:42:3b:dc:28:50:ee:02:39:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3F:3A:B4:A9:19:AB:8C:2F:05:1F:20:1F:7D:F9:2A:2B:F7:88:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
89:b5:77:63:a2:4d:01:4d:cd:45:cc:f9:c8:bf:6b:7f:98:bd:
6e:e9:fd:6f:7a:70:34:0f:5f:b2:ba:f8:65:b7:78:d8:e2:d2:
82:8d:36:a0:72:f9:de:c9:b4:0d:5b:0c:b5:b3:5c:d0:19:c6:
ba:08:97:31:f8:b9:b1:81:65:74:96:1e:eb:cb:ef:29:28:c4:
9e:b4:1a:21:de:2d:45:81:34:6b:44:1b:4d:a3:67:e2:10:37:
6d:88:2a:5c:73:4b:89:9b:1b:a2:01:48:19:bd:dc:e5:a0:bb:
63:5c:44:90:da:58:37:2d:19:eb:0c:fb:0a:cd:4e:50:81:6a:
3e:9d:71:94:bd:e0:7d:b7:32:53:26:c1:29:4c:13:ca:a3:5b:
0f:bb:c1:0b:32:81:5e:d2:cd:6c:dc:aa:c4:0b:77:26:d5:8d:
fa:de:63:0d:24:74:a7:1e:7b:3b:1b:8e:09:20:c5:12:7c:7c:
5d:2a:09:f5:bc:b8:69:c8:c9:2f:c9:b6:20:8e:a4:09:66:ec:
d2:4d:26:e1:82:24:38:7d:4a:fc:19:40:26:bd:df:e3:aa:67:
39:ff:b1:e1:bd:75:73:ce:dc:00:16:0c:b6:6a:68:2b:f8:1b:
7e:db:3f:a8:2d:b5:99:ad:bc:b9:f4:de:20:4f:dd:a3:87:87:
58:62:d9:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPPKgEcwG0ZgNWtS4DzfUAo0n/yowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNTEzOTA3ZjAzODMxNzRiYTg2MWFjNTc4MjRmNWM2OGY4MjZmYmY5YWY5
ZGRlYzllZTMwODMxNzhjNTkyZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKHJpYzvkdz8K7Ekt/weWv5pgzEtpnMBWpOOnSVp3FjYiPGvfjOS9zL9VdZ
35EGZny2bErEkDiPs3bdKolIEVdDJ3ydw2eQyqVh2ZRsQeDFXWUwgUS7agp2m59J
tfMzZt57mdnCczeiYNKZvyOMqvONk3QMz2SffQUoix7zfwCm+NKIzGAnsSd/mryG
0rvq/UkyEzwQsIE03OzFTf8YTw1FP0DkvKR6a9sKg3YLwsWYN0TJ0Z64yC3owHt0
KlUSkQ/+7lD7/kniBntpDdD1yAvgQLvwFfj54fKICpHwMMY9eoUdHj4jM0pbbwIp
/Sw82+WIOzSEB0I73ChQ7gI5aeECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTTPzq0
qRmrjC8FHyAfffkqK/eIDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRiMjBiYzgtM2JiZS00NWFlLTk3NWEtZTg5YmVjZDk1ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCJtXdjok0BTc1FzPnIv2t/mL1u6f1venA0D1+yuvhl
t3jY4tKCjTagcvneybQNWwy1s1zQGca6CJcx+LmxgWV0lh7ry+8pKMSetBoh3i1F
gTRrRBtNo2fiEDdtiCpcc0uJmxuiAUgZvdzloLtjXESQ2lg3LRnrDPsKzU5QgWo+
nXGUveB9tzJTJsEpTBPKo1sPu8ELMoFe0s1s3KrEC3cm1Y363mMNJHSnHns7G44J
IMUSfHxdKgn1vLhpyMkvybYgjqQJZuzSTSbhgiQ4fUr8GUAmvd/jqmc5/7HhvXVz
ztwAFgy2amgr+Bt+2z+oLbWZrby59N4gT92jh4dYYtmK
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:39:25 2025 by rpki-client