Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
File: 51640291-7474-4374-9081-81d0d3d47792.roa (raw, json)
Hash identifier: 96iX68wzBUF12klDkXYREozBRjid1ipScZ5k0jjaV6I=
Subject key identifier: AF:A4:9A:60:68:D5:52:FD:85:DD:01:79:10:56:B7:A7:57:65:BD:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 677D09A8FDA88784CA7629598735FFD75B0E17E4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:7d:09:a8:fd:a8:87:84:ca:76:29:59:87:35:ff:d7:5b:0e:17:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:54:b3:8d:cb:87:af:cd:97:8d:c4:89:df:e9:
71:5e:4d:62:d5:09:75:09:59:45:ad:cc:bb:f7:72:
10:bb:27:f3:82:31:de:51:83:c0:7b:ca:07:aa:96:
a4:ca:a9:cb:e0:b3:4b:33:8c:a6:6a:59:7d:35:a8:
43:c5:d5:af:92:66:32:1c:55:2c:bd:c9:a2:59:a2:
61:77:df:d3:46:71:aa:1d:bc:e9:50:34:d8:d2:86:
fb:95:e8:fd:67:a5:73:a2:81:2b:9e:cd:22:60:f1:
d4:fb:bd:a2:41:bd:04:4c:9a:d0:3e:c6:55:cb:d0:
02:d3:eb:75:cb:c1:79:d1:b2:07:11:8d:c9:b8:8f:
9e:c4:e3:1a:80:94:a4:e3:28:ff:cc:10:2c:0c:81:
80:4a:e8:ca:85:64:7a:0a:fc:49:93:55:b3:74:78:
bb:37:f0:66:04:1b:b0:0b:3c:92:34:08:e5:fd:ff:
f1:9d:ed:8b:00:89:8f:09:17:b7:56:21:e4:7e:c0:
e9:a4:94:8d:f4:94:0d:45:66:a9:d8:a7:ed:8b:09:
84:eb:40:0a:c7:6d:7f:c8:63:13:4a:c6:63:42:85:
76:6d:b6:aa:51:3b:b4:d9:09:86:0c:cb:d8:ff:a3:
f4:a1:67:42:57:09:ea:5e:30:1c:ac:b5:67:01:73:
e7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A4:9A:60:68:D5:52:FD:85:DD:01:79:10:56:B7:A7:57:65:BD:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3f:44:52:ce:4d:52:06:68:b1:9e:24:19:29:82:0e:28:33:22:
ba:88:bd:05:6c:05:88:f6:9e:5a:40:fa:a3:6f:29:ce:92:4e:
1d:04:24:b0:74:13:6d:a8:dc:e5:ae:7f:b4:04:88:6f:35:f1:
fa:28:fc:33:f6:0d:82:03:25:72:89:9b:2f:8b:cf:a4:77:c7:
f6:a0:3b:1c:53:63:5d:ee:cc:28:d8:3c:6c:20:61:12:4b:7a:
92:20:44:c3:e9:9c:9b:94:f0:92:fb:7c:4b:99:e5:75:bb:1a:
d5:28:6a:41:d7:22:1a:f7:4a:37:08:a6:cc:68:3a:05:97:a3:
08:d6:a9:72:97:ba:91:19:f6:d1:d2:dc:bb:72:e4:a3:ce:69:
28:9f:6f:d2:7b:bd:71:0e:d7:67:d8:02:44:99:e7:e5:e4:30:
39:f8:8f:16:b6:cf:9c:f5:e1:06:46:08:c3:f9:47:89:80:66:
99:a1:48:4b:5c:53:32:0a:97:10:b6:56:93:cf:03:97:c7:35:
59:8b:e0:b1:4e:6e:9d:2a:70:39:f3:63:42:0d:1c:02:6f:f7:
b5:7f:e9:09:5f:b7:cc:c5:38:13:15:1b:59:1b:6b:9e:53:af:
dd:ad:88:66:f9:1b:6b:e5:37:0b:cc:e2:ac:cf:cb:91:73:3f:
11:35:e3:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ30JqP2oh4TKdilZhzX/11sOF+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjZjUxMjhjNTRlZTY2YmZmNjc3YTI3NjI3NzBhZjJlMjhkZWFiY2Y1ZmUx
NTg3ZmMwMmJkYjhiMzNmYmNiOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpUs43Lh6/Nl43Eid/pcV5NYtUJdQlZRa3Mu/dyELsn84Ix3lGDwHvKB6qW
pMqpy+CzSzOMpmpZfTWoQ8XVr5JmMhxVLL3JolmiYXff00Zxqh286VA02NKG+5Xo
/Welc6KBK57NImDx1Pu9okG9BEya0D7GVcvQAtPrdcvBedGyBxGNybiPnsTjGoCU
pOMo/8wQLAyBgEroyoVkegr8SZNVs3R4uzfwZgQbsAs8kjQI5f3/8Z3tiwCJjwkX
t1Yh5H7A6aSUjfSUDUVmqdin7YsJhOtACsdtf8hjE0rGY0KFdm22qlE7tNkJhgzL
2P+j9KFnQlcJ6l4wHKy1ZwFz558CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvpJpg
aNVS/YXdAXkQVrenV2W9SzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE2NDAyOTEtNzQ3NC00Mzc0LTkwODEtODFkMGQzZDQ3NzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQA/RFLOTVIGaLGeJBkpgg4oMyK6iL0FbAWI9p5aQPqj
bynOkk4dBCSwdBNtqNzlrn+0BIhvNfH6KPwz9g2CAyVyiZsvi8+kd8f2oDscU2Nd
7swo2DxsIGESS3qSIETD6ZyblPCS+3xLmeV1uxrVKGpB1yIa90o3CKbMaDoFl6MI
1qlyl7qRGfbR0ty7cuSjzmkon2/Se71xDtdn2AJEmefl5DA5+I8Wts+c9eEGRgjD
+UeJgGaZoUhLXFMyCpcQtlaTzwOXxzVZi+CxTm6dKnA582NCDRwCb/e1f+kJX7fM
xTgTFRtZG2ueU6/drYhm+Rtr5TcLzOKsz8uRcz8RNeMD
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:07:07 2025 by rpki-client