Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
File: 4dc4706c-5c38-4195-b396-c038125e8874.roa (raw, json)
Hash identifier: z0w1t+ISqdF48ScVBquzqW8AFLR7HjC1i0XRT+iYbU0=
Subject key identifier: 6F:C2:72:63:CA:CF:EF:B6:F2:B3:B1:0D:CE:66:1B:F6:A8:F1:44:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BFC64E91C2E1B9CB3EA9B961AEA6EAAA09FA751
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:fc:64:e9:1c:2e:1b:9c:b3:ea:9b:96:1a:ea:6e:aa:a0:9f:a7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:ec:f6:43:22:21:4b:27:7f:c5:89:31:fb:
19:50:09:75:8e:f7:4f:75:e4:c7:0d:3b:1e:f6:2c:
e3:17:b0:af:d6:8a:98:d9:6c:4a:72:1b:bb:ba:a9:
af:fa:88:d3:14:b9:98:f8:9e:f5:be:b6:cb:be:02:
31:28:b0:8f:ea:9f:41:ad:fe:a9:40:7c:56:66:57:
47:a5:73:23:af:7a:d2:b7:ad:7c:99:8c:8d:04:e3:
fd:9d:c2:01:94:94:05:73:51:c0:fa:44:a1:de:9c:
c9:2d:c9:89:43:69:37:79:a5:ab:dd:8d:d0:13:37:
82:63:b6:0a:71:72:f6:ce:e1:61:a5:08:4d:7a:05:
e7:e1:6e:d6:9b:38:3c:50:94:b6:7d:2d:89:55:0e:
68:9a:af:40:e3:a2:4b:5f:a6:1b:32:7f:7c:8c:e4:
bc:02:20:34:2c:71:8a:4a:91:df:ae:d8:80:83:23:
21:71:41:a6:fa:35:f8:97:90:67:0b:2f:91:b6:d9:
12:06:90:c6:9a:5a:68:4e:1b:e3:46:6f:cf:d4:f0:
5a:62:03:3a:6c:17:fb:77:df:a1:09:d0:75:76:7e:
61:f7:8e:12:0d:d4:ce:1e:ec:8b:4c:99:da:5b:41:
1f:96:e2:4e:6b:29:7e:bd:2e:bb:76:6a:af:05:c3:
fa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C2:72:63:CA:CF:EF:B6:F2:B3:B1:0D:CE:66:1B:F6:A8:F1:44:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:7b:84:09:9e:8e:98:af:4a:c8:2b:90:07:f8:9e:15:90:77:
5c:e5:b4:ce:60:c9:1a:12:70:f9:e5:27:a0:1d:12:17:95:31:
e7:6e:c4:3f:2a:4d:51:6e:33:3e:dd:a0:16:d2:29:10:be:1a:
d3:84:09:42:5b:9f:38:73:82:9e:db:ce:b9:52:a2:8e:59:e0:
df:d9:6e:ff:b6:07:20:3a:f2:2c:70:a1:05:5d:72:6d:8f:e2:
b7:76:99:f6:29:42:88:db:30:ea:37:b2:34:8f:ff:4c:60:4e:
73:8b:fc:c7:1c:55:46:96:3a:5b:77:1d:c1:93:ec:a2:2a:31:
12:ae:10:3b:c5:99:16:f5:f0:58:1e:e7:a2:e4:a5:cb:88:63:
15:62:36:a3:43:07:25:d9:38:35:2c:27:54:14:22:54:49:2a:
69:32:eb:e2:a8:c4:77:bf:f5:8f:d2:dc:84:de:28:eb:cb:8b:
44:55:5c:ca:90:75:3e:22:1c:cc:d3:1b:ad:5e:ba:12:77:ac:
af:a6:17:e8:2f:4a:d1:07:12:64:1d:f5:75:24:55:b0:f6:6a:
12:88:1d:c0:b1:2c:de:67:a7:57:73:6d:24:69:05:66:14:4f:
c5:2d:09:9d:d8:a1:d6:88:e4:bc:56:1f:3a:09:db:a3:e1:e4:
6a:9a:c4:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS/xk6RwuG5yz6puWGupuqqCfp1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4NzAyZjM5MWNkZWU0M2VlNGZmZDA1YzgzNDYxNTYyZTAxMDk1ZWRkYmYz
NDMxNTY5MDUwYzg1NWI4NDczYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEE7PZDIiFLJ3/FiTH7GVAJdY73T3Xkxw07HvYs4xewr9aKmNlsSnIbu7qp
r/qI0xS5mPie9b62y74CMSiwj+qfQa3+qUB8VmZXR6VzI6960retfJmMjQTj/Z3C
AZSUBXNRwPpEod6cyS3JiUNpN3mlq92N0BM3gmO2CnFy9s7hYaUITXoF5+Fu1ps4
PFCUtn0tiVUOaJqvQOOiS1+mGzJ/fIzkvAIgNCxxikqR367YgIMjIXFBpvo1+JeQ
ZwsvkbbZEgaQxppaaE4b40Zvz9TwWmIDOmwX+3ffoQnQdXZ+YfeOEg3Uzh7si0yZ
2ltBH5biTmspfr0uu3ZqrwXD+osCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRvwnJj
ys/vtvKzsQ3OZhv2qPFEcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGRjNDcwNmMtNWMzOC00MTk1LWIzOTYtYzAzODEyNWU4ODc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQDGe4QJno6Yr0rIK5AH+J4VkHdc5bTOYMkaEnD55Seg
HRIXlTHnbsQ/Kk1RbjM+3aAW0ikQvhrThAlCW584c4Ke2865UqKOWeDf2W7/tgcg
OvIscKEFXXJtj+K3dpn2KUKI2zDqN7I0j/9MYE5zi/zHHFVGljpbdx3Bk+yiKjES
rhA7xZkW9fBYHuei5KXLiGMVYjajQwcl2Tg1LCdUFCJUSSppMuviqMR3v/WP0tyE
3ijry4tEVVzKkHU+IhzM0xutXroSd6yvphfoL0rRBxJkHfV1JFWw9moSiB3AsSze
Z6dXc20kaQVmFE/FLQmd2KHWiOS8Vh86Cduj4eRqmsT7
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:16:01 2025 by rpki-client