Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
File: 27a797e0-d86a-4e56-8092-d84689502090.roa (raw, json)
Hash identifier: REWQCbJK6scw3c/FkD4p2wOjSiGzlisCSwsEIuFSkU8=
Subject key identifier: 22:C8:D4:DE:82:34:C9:AD:9B:60:0A:DA:75:1A:B8:8B:5D:66:E7:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 196601CA50B125DF5567E312C88B9F079EF6660F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
Signing time: Mon 09 Dec 2024 00:00:00 +0000
ROA not before: Mon 09 Dec 2024 00:00:00 +0000
ROA not after: Mon 13 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:66:01:ca:50:b1:25:df:55:67:e3:12:c8:8b:9f:07:9e:f6:66:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 9 00:00:00 2024 GMT
Not After : Jan 13 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:32:4d:8e:b8:b7:8d:0e:5a:95:60:95:43:
90:3f:41:81:92:93:fb:a5:ea:09:e7:d7:15:ed:5a:
07:ab:00:25:b2:5c:99:b9:df:5c:a6:fc:c8:76:47:
be:5f:f1:dc:73:aa:9c:18:a4:56:91:13:91:5f:40:
c5:02:6b:1f:bc:10:6f:81:a4:d3:32:bb:b0:38:07:
9c:43:6d:ef:6f:16:57:38:65:0f:27:68:49:df:80:
5e:fe:a0:00:04:c4:c7:5e:d9:d0:bc:71:6c:7c:83:
eb:1e:a5:f0:cd:a4:fc:48:bb:5c:06:91:28:c5:40:
21:9e:92:15:98:e9:f7:07:8e:07:59:09:04:2e:d8:
6d:c4:e6:b4:c5:2b:cf:a4:61:0a:50:7f:ca:5e:06:
30:ad:92:ba:c6:70:f6:88:8f:55:b3:d1:0e:4f:38:
64:2d:fa:8c:44:04:a0:71:46:b1:91:64:c2:91:42:
e8:55:28:ee:6f:d9:1c:4c:dc:f6:58:00:43:01:d6:
bd:26:db:38:fc:b9:96:80:95:0d:a6:15:46:50:f2:
0c:3f:fe:84:4e:d8:6a:2b:b4:b9:59:8f:93:ac:8e:
f9:44:4e:b8:91:7b:42:40:5b:6f:e8:82:2d:78:31:
ed:22:a8:92:1b:45:24:13:d8:f2:c1:64:a5:45:ee:
2e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C8:D4:DE:82:34:C9:AD:9B:60:0A:DA:75:1A:B8:8B:5D:66:E7:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
b6:67:05:de:e7:54:24:ac:41:11:0e:7d:05:4b:ae:1e:34:04:
c3:b2:0c:b0:a2:7d:8e:23:a5:3a:41:f9:42:7f:a9:db:54:27:
ff:55:fe:a0:07:e1:ed:51:75:ef:a6:72:7d:4b:f8:4e:3c:b1:
d3:05:96:ff:4d:26:05:fa:f7:09:56:00:ce:cc:78:58:31:20:
bc:e9:ee:27:df:ad:77:57:5e:ff:45:ea:80:9e:0a:47:19:bf:
82:80:3a:47:48:d5:b7:df:a8:28:f2:5c:8c:89:e0:9b:6e:d4:
4b:f5:b0:40:fe:4a:95:ad:10:68:3d:07:f0:7e:16:1f:05:cd:
6b:d4:9f:6a:4e:de:91:c3:0b:3c:6b:31:71:89:87:e1:4a:21:
00:1b:88:f8:00:ca:05:c8:df:4a:d6:ed:d6:9e:20:71:ce:2f:
c0:ad:f3:ba:89:cc:8a:fe:c3:db:2d:87:9a:71:c6:c4:2d:ad:
b9:fd:8e:68:ac:7a:16:64:02:d5:f6:97:e4:68:01:1c:ef:1b:
81:71:25:e2:9e:c0:72:e5:e0:4c:ed:5c:5c:c8:87:69:71:60:
88:1b:ce:f6:69:74:a3:25:13:bc:8f:15:e4:d3:24:7f:15:65:
8d:78:3a:03:2b:4d:95:5a:6f:6f:01:fe:f1:32:a3:eb:af:4a:
c3:9a:40:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGWYBylCxJd9VZ+MSyIufB572Zg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDkwMDAwMDBaFw0yNTAxMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMjRiMzJmNGM1YjRjNzY1OTlmZDM4ZjRkZTczNDYwOTJiMDNhMTVmODhk
ZGUxZmFhZGVkM2VmZGIwNzg2ZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2QMk2OuLeNDlqVYJVDkD9BgZKT+6XqCefXFe1aB6sAJbJcmbnfXKb8yHZH
vl/x3HOqnBikVpETkV9AxQJrH7wQb4Gk0zK7sDgHnENt728WVzhlDydoSd+AXv6g
AATEx17Z0LxxbHyD6x6l8M2k/Ei7XAaRKMVAIZ6SFZjp9weOB1kJBC7YbcTmtMUr
z6RhClB/yl4GMK2SusZw9oiPVbPRDk84ZC36jEQEoHFGsZFkwpFC6FUo7m/ZHEzc
9lgAQwHWvSbbOPy5loCVDaYVRlDyDD/+hE7Yaiu0uVmPk6yO+UROuJF7QkBbb+iC
LXgx7SKokhtFJBPY8sFkpUXuLvUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiyNTe
gjTJrZtgCtp1GriLXWbnOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjdhNzk3ZTAtZDg2YS00ZTU2LTgwOTItZDg0Njg5NTAyMDkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQC2ZwXe51QkrEERDn0FS64eNATDsgywon2OI6U6QflC
f6nbVCf/Vf6gB+HtUXXvpnJ9S/hOPLHTBZb/TSYF+vcJVgDOzHhYMSC86e4n3613
V17/ReqAngpHGb+CgDpHSNW336go8lyMieCbbtRL9bBA/kqVrRBoPQfwfhYfBc1r
1J9qTt6Rwws8azFxiYfhSiEAG4j4AMoFyN9K1u3WniBxzi/ArfO6icyK/sPbLYea
ccbELa25/Y5orHoWZALV9pfkaAEc7xuBcSXinsBy5eBM7VxcyIdpcWCIG872aXSj
JRO8jxXk0yR/FWWNeDoDK02VWm9vAf7xMqPrr0rDmkBd
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:16:40 2025 by rpki-client