Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: 4/qfdNkmzJjHCTDFqhhgLQ+asDEBb1ILhE46rA/Bf34=
Subject key identifier: 5B:85:1B:EE:22:A5:53:80:C7:8E:29:EF:DB:DB:20:EC:7C:BC:CE:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51C8626CF2BC036B2FBB013215C5B0E8A4876079
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Mon 17 Mar 2025 15:40:45 +0000
ROA not before: Mon 17 Mar 2025 15:40:45 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c8:62:6c:f2:bc:03:6b:2f:bb:01:32:15:c5:b0:e8:a4:87:60:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:40:45 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:24:b8:cc:c6:e0:2e:c3:54:99:61:58:32:cd:
f6:8b:63:55:79:48:51:00:cd:5d:3b:bd:0b:f7:36:
f0:1a:d8:ee:9f:66:4b:71:8c:6f:f4:0e:7a:cb:7e:
27:52:20:5a:5d:b4:1e:f1:27:13:c8:a6:88:36:a6:
39:0d:fe:b9:45:b9:88:56:4b:30:2a:8f:16:2d:b6:
19:e5:63:75:11:f7:3b:26:3b:ee:08:ba:cf:e9:96:
96:3b:75:0b:71:b6:27:cb:15:bf:f0:72:03:21:00:
6f:fc:28:e8:51:43:ff:63:96:38:e0:ff:bc:3a:b5:
0c:c1:99:7f:32:3b:61:ad:31:c0:b1:33:fb:37:de:
67:20:fa:6a:d1:24:71:f0:72:1c:9e:c2:93:14:a3:
a5:33:79:e6:9f:84:3a:02:7c:33:73:51:29:a5:0a:
0b:83:d2:e2:51:74:a2:0c:8f:7d:5a:be:44:c8:66:
a8:75:23:df:75:2b:ee:fb:f8:e6:99:8d:e8:46:c5:
49:5d:8e:c1:42:ca:78:9e:59:97:66:a0:86:89:a3:
66:a0:6d:29:12:17:b4:65:41:1a:1b:a8:9c:c7:19:
38:49:0c:e5:db:35:67:7f:f5:e4:11:f8:a8:a4:9b:
83:e2:ad:f3:e1:a8:f8:e0:23:bf:53:ab:14:ee:9e:
5c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:85:1B:EE:22:A5:53:80:C7:8E:29:EF:DB:DB:20:EC:7C:BC:CE:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:09:b5:e3:50:1b:15:8e:f3:2c:21:be:60:77:52:6d:01:66:
57:34:d7:0a:7e:8e:83:e8:53:62:dc:30:1c:2f:c1:06:72:cd:
2b:99:95:6a:43:32:06:b7:ed:a0:a7:f1:95:ef:7b:d9:62:db:
44:de:30:10:6e:d6:a1:03:cc:58:34:57:24:ae:ef:7e:22:8d:
30:70:78:2a:5d:bd:31:61:1f:00:25:90:0c:b7:1d:d5:43:41:
92:72:22:03:7f:02:b3:9b:43:ed:e9:21:82:ef:c3:c2:c2:2c:
0f:73:52:58:2c:86:a6:a3:4b:5e:e3:b7:67:d5:94:95:55:ed:
76:af:f3:a6:2e:35:c1:63:ba:17:f8:8e:9c:af:fb:25:4a:71:
73:73:5a:5a:75:4a:53:33:59:f6:d8:0d:0b:d8:73:ac:13:ed:
89:be:93:1a:f4:ff:59:de:61:17:1a:66:e0:ec:55:dd:c6:cf:
c3:23:ca:63:dc:12:2a:e7:5f:c7:27:1f:b7:bd:f9:e5:44:74:
89:0f:75:c7:c9:48:a8:2e:fe:82:aa:06:a7:1d:28:b5:85:6f:
68:7d:72:de:20:7e:84:6f:b5:fa:a8:68:de:b5:4c:a0:a5:ea:
29:b3:b3:46:2b:7b:0f:54:51:9c:68:5b:0e:51:b6:e6:0e:27:
d6:bd:b9:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUchibPK8A2svuwEyFcWw6KSHYHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQwNDVaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMjlhMWU2ZTgyM2QzMmMzNTQxM2ZhOWQ4YjkxZDc5Mjg1ZjI4MzJkN2Ew
ZWM2YmQxZWMzOTA1ZmUwNTM3OTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIkuMzG4C7DVJlhWDLN9otjVXlIUQDNXTu9C/c28BrY7p9mS3GMb/QOest+
J1IgWl20HvEnE8imiDamOQ3+uUW5iFZLMCqPFi22GeVjdRH3OyY77gi6z+mWljt1
C3G2J8sVv/ByAyEAb/wo6FFD/2OWOOD/vDq1DMGZfzI7Ya0xwLEz+zfeZyD6atEk
cfByHJ7CkxSjpTN55p+EOgJ8M3NRKaUKC4PS4lF0ogyPfVq+RMhmqHUj33Ur7vv4
5pmN6EbFSV2OwULKeJ5Zl2aghomjZqBtKRIXtGVBGhuonMcZOEkM5ds1Z3/15BH4
qKSbg+Kt8+Go+OAjv1OrFO6eXE0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRbhRvu
IqVTgMeOKe/b2yDsfLzOPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAhCbXjUBsVjvMsIb5gd1JtAWZXNNcKfo6D6FNi3DAc
L8EGcs0rmZVqQzIGt+2gp/GV73vZYttE3jAQbtahA8xYNFckru9+Io0wcHgqXb0x
YR8AJZAMtx3VQ0GSciIDfwKzm0Pt6SGC78PCwiwPc1JYLIamo0te47dn1ZSVVe12
r/OmLjXBY7oX+I6cr/slSnFzc1padUpTM1n22A0L2HOsE+2JvpMa9P9Z3mEXGmbg
7FXdxs/DI8pj3BIq51/HJx+3vfnlRHSJD3XHyUioLv6CqganHSi1hW9ofXLeIH6E
b7X6qGjetUygpeops7NGK3sPVFGcaFsOUbbmDifWvbkn
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:17:15 2025 by rpki-client