Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
File: 297efebe-504f-4d63-8877-e5b94842e462.roa (raw, json)
Hash identifier: +3KjX+d7zwKuwcNvZi0fpxdz3OR7LwNLFas1cIGzgAs=
Subject key identifier: E2:A3:EA:8F:F8:8F:A8:19:00:DA:57:95:76:EE:2C:B1:46:F2:DF:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 358D83F6843BA16106CE7DA23618B3812B57E00E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:8d:83:f6:84:3b:a1:61:06:ce:7d:a2:36:18:b3:81:2b:57:e0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:a6:29:ea:a7:e6:46:c6:66:a3:f2:2b:f8:
45:52:7e:4a:b3:39:c1:80:78:2b:89:f0:bd:ea:45:
c5:ec:b6:b5:2b:5b:7a:71:ed:61:a8:1b:a4:d1:a8:
3a:67:66:74:c2:86:3f:85:c2:cc:78:e6:1a:fe:12:
aa:d2:ec:9a:ee:bd:62:d3:87:0e:16:ae:6d:ee:cf:
f6:dd:05:07:39:7d:b2:7a:9c:fc:98:1a:5f:3c:42:
5b:c1:1e:d8:84:3c:55:c7:f7:d5:a3:d3:d8:70:aa:
a2:62:c5:09:48:45:22:85:47:c1:2d:ca:b7:a0:a9:
b8:21:1f:d7:eb:82:49:8d:07:04:9d:3e:02:6e:d4:
62:3e:54:57:ca:e6:3e:1d:ee:c4:0f:61:e2:7d:84:
24:31:d5:a0:43:5c:4e:80:df:fc:ed:97:e8:3c:dd:
58:6e:00:5e:7f:a4:e7:ad:a5:e5:ad:05:03:d0:3a:
70:e7:b7:d0:02:ef:93:6b:db:6a:6e:b1:34:ba:90:
de:aa:45:e2:a7:2f:81:10:4d:fa:43:ee:5b:5b:01:
7c:7c:2d:40:45:65:60:fe:61:e2:4a:0b:d0:d4:f3:
03:2a:ef:a2:92:45:4b:5e:0a:85:34:45:24:06:37:
45:4f:38:d1:d9:ee:b7:32:a5:c0:dd:8f:46:80:53:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A3:EA:8F:F8:8F:A8:19:00:DA:57:95:76:EE:2C:B1:46:F2:DF:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b5:e6:71:64:a2:7e:58:41:5f:55:92:7d:c2:cc:e0:2b:56:bb:
cb:23:fb:62:7f:57:cb:55:8c:7f:e2:b8:df:17:e8:bd:2a:89:
2b:fb:89:2b:47:0c:d4:ed:7b:44:90:3f:b9:e1:b3:22:2a:bb:
ca:21:1f:d3:88:62:29:7b:a7:58:05:b9:19:94:66:90:76:6f:
c2:09:77:d5:e2:10:0a:90:70:e7:df:58:c7:e1:34:75:5c:c3:
c9:d8:17:e1:ea:f1:8d:5a:55:f4:5f:c8:b3:77:c5:37:3a:20:
d3:8c:40:a5:b5:53:36:59:ea:60:5d:1d:ce:f8:0b:f8:6e:7d:
ee:04:29:60:77:c6:d5:7b:5a:64:26:00:0b:59:62:9f:ff:de:
6e:e3:fc:0c:52:19:61:24:26:8f:ac:a3:b5:dc:99:6e:cd:47:
c2:39:72:b0:76:55:a8:c2:af:35:ef:60:02:97:8f:8e:b9:bc:
83:7a:1d:53:98:9b:b7:8d:43:61:df:09:a0:a4:2b:ad:ef:53:
18:7b:f8:43:fb:85:d9:d1:8c:74:14:26:f3:2d:f3:a2:02:f4:
43:f1:68:eb:e0:7f:a4:f1:2f:d7:8f:a1:76:c8:07:04:26:7e:
ce:e6:c9:7e:7a:56:dd:6e:d8:51:5f:df:af:5a:d1:90:be:09:
6c:e7:3e:bd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNY2D9oQ7oWEGzn2iNhizgStX4A4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhN2MxYWQ2ZDdmM2I3MmQ4ZTlkM2M1NjAwNGYyNDBhNDE5ZDRhNjc5NmRm
ZDgwYmJlOTg5NGFlYmE4YjFkZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvfpinqp+ZGxmaj8iv4RVJ+SrM5wYB4K4nwvepFxey2tStbenHtYagbpNGo
OmdmdMKGP4XCzHjmGv4SqtLsmu69YtOHDhaube7P9t0FBzl9snqc/JgaXzxCW8Ee
2IQ8Vcf31aPT2HCqomLFCUhFIoVHwS3Kt6CpuCEf1+uCSY0HBJ0+Am7UYj5UV8rm
Ph3uxA9h4n2EJDHVoENcToDf/O2X6DzdWG4AXn+k562l5a0FA9A6cOe30ALvk2vb
am6xNLqQ3qpF4qcvgRBN+kPuW1sBfHwtQEVlYP5h4koL0NTzAyrvopJFS14KhTRF
JAY3RU840dnutzKlwN2PRoBTGXkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTio+qP
+I+oGQDaV5V27iyxRvLflTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjk3ZWZlYmUtNTA0Zi00ZDYzLTg4NzctZTViOTQ4NDJlNDYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQC15nFkon5YQV9Vkn3CzOArVrvLI/tif1fLVYx/4rjf
F+i9Kokr+4krRwzU7XtEkD+54bMiKrvKIR/TiGIpe6dYBbkZlGaQdm/CCXfV4hAK
kHDn31jH4TR1XMPJ2Bfh6vGNWlX0X8izd8U3OiDTjECltVM2WepgXR3O+Av4bn3u
BClgd8bVe1pkJgALWWKf/95u4/wMUhlhJCaPrKO13JluzUfCOXKwdlWowq8172AC
l4+OubyDeh1TmJu3jUNh3wmgpCut71MYe/hD+4XZ0Yx0FCbzLfOiAvRD8Wjr4H+k
8S/Xj6F2yAcEJn7O5sl+elbdbthRX9+vWtGQvgls5z69
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:52 2025 by rpki-client