Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
File: 1e6895c8-ee33-4049-8388-c6ac073195e9.roa (raw, json)
Hash identifier: YRhdG22epabyGpGLExJSd3G+Ai+ankrvPfXdK551M1o=
Subject key identifier: 09:DB:62:DB:39:E2:8A:CC:88:69:69:94:6C:7A:FD:5B:08:EB:F4:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3191B7379E3BCC3EA7451016181B28CE77AC2F86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:91:b7:37:9e:3b:cc:3e:a7:45:10:16:18:1b:28:ce:77:ac:2f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:40:a7:69:45:b2:d7:e9:37:fb:80:a5:51:d0:
3e:3f:94:1a:82:1b:ec:9b:62:74:cd:be:85:1d:fe:
4d:c5:d0:b6:18:35:bd:af:5a:64:f0:25:4d:36:3e:
c6:b0:cd:c3:70:0d:63:a5:d3:6c:47:8b:37:8e:69:
9c:29:1d:ad:bd:36:d8:54:93:5b:d3:42:a3:a2:c1:
83:c3:03:0c:39:e9:9f:e9:a7:b2:11:59:61:34:fe:
88:e6:53:bc:07:09:07:14:cd:28:3e:de:fa:68:86:
1d:8a:da:c2:f3:10:52:2f:26:97:40:a5:a8:67:96:
9c:33:90:16:71:74:5d:92:58:a2:00:11:9c:b5:0a:
83:23:3d:a7:b4:65:dd:ae:23:a2:00:f9:99:f3:23:
62:98:2e:65:86:64:65:9a:92:5f:dc:b9:61:be:1d:
26:a3:fe:d2:83:af:2f:ab:59:23:ca:d7:40:f0:0f:
9a:52:9c:19:f8:a3:15:c3:4f:f0:8a:94:a8:a0:7e:
23:56:48:4b:5c:a8:3d:54:f8:ce:99:2d:1d:0c:5c:
36:3f:89:3f:b9:96:41:96:81:ae:80:7c:8a:8d:d3:
36:00:a8:73:98:c6:63:e1:19:28:10:8d:6a:04:09:
96:19:8f:75:9c:4e:54:b5:00:b7:a1:76:ce:5d:a5:
33:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DB:62:DB:39:E2:8A:CC:88:69:69:94:6C:7A:FD:5B:08:EB:F4:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:f1:91:b4:77:e1:91:0e:21:59:47:4b:e4:17:74:1d:06:fd:
2a:72:30:2e:d4:56:a0:9c:90:cb:56:c1:ab:3d:99:72:59:46:
90:ea:45:59:d0:a1:68:5e:42:bf:9e:ed:7c:0e:b2:c6:cb:3e:
84:44:f8:a6:6d:80:06:61:48:ef:e7:d4:50:08:80:f7:fa:d5:
a2:4d:80:1e:43:dd:a9:b2:c7:45:7e:4a:b2:13:af:40:f3:a5:
4b:d6:fa:03:d4:42:f2:c2:85:01:7b:9b:ef:16:74:0f:c1:e4:
1a:22:51:b6:94:c9:ad:07:28:ea:98:93:e4:7e:3d:eb:17:6a:
45:cc:3c:77:5f:76:a1:89:55:23:8b:c9:a8:95:1a:7c:57:d2:
8d:37:2e:51:c6:35:9f:8a:5f:d4:51:30:1d:3b:02:cc:30:4d:
a0:4b:ab:87:e5:eb:77:05:33:55:9f:6a:59:fb:5a:9d:cc:12:
62:bb:2c:b9:2a:0b:57:55:b9:6a:c0:62:de:75:ca:f0:63:a0:
6a:27:c7:e5:b3:de:1e:23:fc:73:cf:c3:3a:1b:a4:3d:72:6f:
1f:e9:75:13:01:f4:27:8b:60:c4:35:35:92:d5:fb:b7:11:cf:
13:28:fb:e1:47:34:d8:3e:c6:be:b5:7a:fb:79:fb:c2:09:d6:
47:e2:37:f9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMZG3N547zD6nRRAWGBsoznesL4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYjMxNGUzMGI5YzhlZGE5ZWQ3MmZkZmVkZWUwNjMyYzU4ZjA1ODk2MGQ5
Y2E2M2EzYjg3MmQ1OGY5MzUxM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFAp2lFstfpN/uApVHQPj+UGoIb7JtidM2+hR3+TcXQthg1va9aZPAlTTY+
xrDNw3ANY6XTbEeLN45pnCkdrb022FSTW9NCo6LBg8MDDDnpn+mnshFZYTT+iOZT
vAcJBxTNKD7e+miGHYrawvMQUi8ml0ClqGeWnDOQFnF0XZJYogARnLUKgyM9p7Rl
3a4jogD5mfMjYpguZYZkZZqSX9y5Yb4dJqP+0oOvL6tZI8rXQPAPmlKcGfijFcNP
8IqUqKB+I1ZIS1yoPVT4zpktHQxcNj+JP7mWQZaBroB8io3TNgCoc5jGY+EZKBCN
agQJlhmPdZxOVLUAt6F2zl2lM6cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJ22Lb
OeKKzIhpaZRsev1bCOv0JTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU2ODk1YzgtZWUzMy00MDQ5LTgzODgtYzZhYzA3MzE5NWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQAw8ZG0d+GRDiFZR0vkF3QdBv0qcjAu1FagnJDLVsGr
PZlyWUaQ6kVZ0KFoXkK/nu18DrLGyz6ERPimbYAGYUjv59RQCID3+tWiTYAeQ92p
ssdFfkqyE69A86VL1voD1ELywoUBe5vvFnQPweQaIlG2lMmtByjqmJPkfj3rF2pF
zDx3X3ahiVUji8molRp8V9KNNy5RxjWfil/UUTAdOwLMME2gS6uH5et3BTNVn2pZ
+1qdzBJiuyy5KgtXVblqwGLedcrwY6BqJ8fls94eI/xzz8M6G6Q9cm8f6XUTAfQn
i2DENTWS1fu3Ec8TKPvhRzTYPsa+tXr7efvCCdZH4jf5
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:36:01 2025 by rpki-client