Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
File: 5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa (raw, json)
Hash identifier: vY6+CMXen1Fao6rJQs8RtJCRp8kdliItGQkaWhbxQqk=
Subject key identifier: 4D:2E:7F:3A:14:0E:EE:30:87:62:61:79:D7:9C:03:59:86:67:8C:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FC90F8E27155BD900612DCD6D33A83F0F6063B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:c9:0f:8e:27:15:5b:d9:00:61:2d:cd:6d:33:a8:3f:0f:60:63:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:90:a2:a3:db:ed:e2:5b:2a:f4:a6:20:47:
0f:c1:c1:1c:98:2c:b5:df:2e:fe:f9:88:3b:a5:e6:
1c:60:be:45:03:dd:94:1a:ee:e9:c2:c4:9d:28:f4:
70:d3:46:d7:bd:0a:f8:cb:7f:44:2e:bb:c1:0b:6b:
ca:84:7a:03:c1:e4:09:58:51:bf:b5:23:d4:35:f7:
69:c1:b9:77:7b:80:da:b2:62:95:b6:ce:4a:2f:2f:
85:52:9b:e4:28:40:64:26:1d:38:55:11:1e:b6:3f:
c0:f6:0b:f5:17:1b:76:1f:ec:0a:c8:8f:9b:7e:c1:
d3:75:5c:b0:cb:23:07:94:f9:f0:0d:a0:a0:dc:2f:
47:65:ca:0e:69:0d:c9:ca:1f:86:92:63:39:d7:14:
1b:0d:f2:33:4d:9a:1b:a7:0b:4a:a5:68:84:36:7d:
b5:47:7a:9c:7d:8c:29:82:8b:21:49:ab:a6:08:bb:
df:01:e8:a6:a8:f1:7a:c6:8f:2c:fd:7a:01:8f:08:
58:91:8f:4f:1b:6b:1b:70:76:65:e8:24:f1:53:71:
2b:31:1e:ab:84:39:02:20:0a:d3:2f:c0:e9:aa:cc:
4a:cc:ab:20:da:2a:92:76:3a:6d:21:9d:0a:4a:a4:
1a:65:e4:ea:b9:37:62:3f:94:7f:2c:e3:96:ee:d2:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:7F:3A:14:0E:EE:30:87:62:61:79:D7:9C:03:59:86:67:8C:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9e:43:d9:c4:f0:8e:a1:58:16:67:92:db:46:6b:c4:a8:3c:67:
aa:73:0a:ac:a8:ff:a1:40:48:c4:74:f6:90:80:88:29:90:c3:
28:c8:19:39:f1:a6:00:6e:cb:f9:90:d4:f3:3d:c3:4d:ea:30:
da:0b:4d:3b:9b:ea:64:fb:36:76:e4:91:b3:4b:e6:fe:65:81:
ef:b9:14:2e:e1:4e:67:53:b6:df:cf:24:3b:3c:bd:d7:cc:43:
42:cd:eb:e4:b5:1f:68:0b:34:34:11:bb:0d:8f:3a:9c:d7:df:
de:fa:86:82:36:ce:50:55:7b:05:4d:01:47:65:12:9c:8d:42:
67:40:c4:02:f2:b1:0f:95:44:9c:d2:76:57:b8:b1:96:5b:d2:
87:af:83:25:14:3c:e1:48:e6:f3:ad:e0:18:9b:77:60:89:72:
12:41:fb:f1:5a:68:64:eb:7b:9f:21:d7:5f:65:d9:3b:18:6b:
f7:3c:e2:c4:b8:28:ff:a1:06:4c:41:4e:5d:38:94:78:6b:6d:
7d:9b:5f:4d:c1:42:63:5c:ff:e3:aa:b8:3d:c8:98:ce:33:04:
09:c2:49:22:90:75:57:69:f5:e4:f7:db:c0:2a:ac:38:a2:b3:
96:b1:d2:4e:a4:a0:5e:c2:a2:4b:2e:8e:f1:28:2b:e4:4d:05:
27:7f:6b:05
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb8kPjicVW9kAYS3NbTOoPw9gY7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MjNjNGQ5ZDZhNzlmODVmZTAwMjVlZjZhNTI2ZWVjZmZmODIzYmMwNTNi
ZGVhZGZiMjhjNGZhMThhMDFiYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcKkKKj2+3iWyr0piBHD8HBHJgstd8u/vmIO6XmHGC+RQPdlBru6cLEnSj0
cNNG170K+Mt/RC67wQtryoR6A8HkCVhRv7Uj1DX3acG5d3uA2rJilbbOSi8vhVKb
5ChAZCYdOFURHrY/wPYL9Rcbdh/sCsiPm37B03VcsMsjB5T58A2goNwvR2XKDmkN
ycofhpJjOdcUGw3yM02aG6cLSqVohDZ9tUd6nH2MKYKLIUmrpgi73wHopqjxesaP
LP16AY8IWJGPTxtrG3B2Zegk8VNxKzEeq4Q5AiAK0y/A6arMSsyrINoqknY6bSGd
CkqkGmXk6rk3Yj+Ufyzjlu7SyI8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNLn86
FA7uMIdiYXnXnANZhmeMiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAzOGQ0ZWEtOGJiMS00NTY2LTk3NzgtNWRmY2VhZWIzNjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCeQ9nE8I6hWBZnkttGa8SoPGeqcwqsqP+hQEjEdPaQ
gIgpkMMoyBk58aYAbsv5kNTzPcNN6jDaC007m+pk+zZ25JGzS+b+ZYHvuRQu4U5n
U7bfzyQ7PL3XzENCzevktR9oCzQ0EbsNjzqc19/e+oaCNs5QVXsFTQFHZRKcjUJn
QMQC8rEPlUSc0nZXuLGWW9KHr4MlFDzhSObzreAYm3dgiXISQfvxWmhk63ufIddf
Zdk7GGv3POLEuCj/oQZMQU5dOJR4a219m19NwUJjXP/jqrg9yJjOMwQJwkkikHVX
afXk99vAKqw4orOWsdJOpKBewqJLLo7xKCvkTQUnf2sF
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:49:41 2025 by rpki-client