Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
File: 637faf4e-e17d-469d-ba49-65a44716cb68.roa (raw, json)
Hash identifier: jxsptWrgiLN4Lq71SdFNlZfSdcGPRMMhQVcGRp0na80=
Subject key identifier: 2B:01:60:92:7C:A2:27:26:BF:A8:C0:B4:19:C6:4D:6E:63:0E:D9:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EB68DA86ABEBDAE6DF7046814FF2C4E315CE5FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b6:8d:a8:6a:be:bd:ae:6d:f7:04:68:14:ff:2c:4e:31:5c:e5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:95:43:fa:7c:20:c5:0f:e7:27:9e:ef:28:
a8:80:b5:26:1b:20:40:18:bf:56:3a:13:6d:bd:bc:
52:2e:85:d5:3c:02:3f:50:bf:75:58:03:a0:1b:ce:
38:0a:be:6a:ca:c4:59:93:ac:ec:7d:66:ce:21:d5:
1c:b2:2b:40:b1:63:61:e3:80:d8:45:74:98:ce:e9:
24:73:cb:7a:25:46:ce:9c:d2:54:4b:fc:96:d8:34:
88:f8:e5:7c:a5:a4:4c:7b:3d:9f:7e:b5:27:68:e1:
67:d2:87:9f:04:a8:c7:53:68:44:9a:50:15:6f:82:
15:0f:d8:d7:e6:99:5b:a1:2a:29:e1:4c:d9:f7:17:
54:a2:ec:1a:a4:f4:a1:e1:7e:4f:e8:fe:4e:8e:41:
bd:2d:ad:5c:dc:47:a4:7f:21:3f:3f:90:38:8d:90:
26:be:05:f8:a6:6a:78:6c:13:66:f8:21:99:18:b7:
ea:26:2a:4a:a0:75:47:c4:6c:3c:d0:a9:f3:4d:25:
53:a9:ba:d9:c5:82:a6:1e:e1:b8:c4:cf:8e:74:51:
15:66:3d:97:82:29:59:f0:dd:03:3f:52:26:1a:1f:
59:b6:6c:fa:9b:88:fc:0f:42:22:a6:0c:00:a8:a5:
6b:42:7f:23:ab:f3:82:27:87:b5:06:f4:0f:7c:61:
3f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:60:92:7C:A2:27:26:BF:A8:C0:B4:19:C6:4D:6E:63:0E:D9:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:c3:fe:c4:f5:a3:6a:6b:4e:bc:ef:b3:f9:cc:b5:12:18:f7:
62:f6:5a:51:43:a2:88:b3:24:96:42:2c:0f:9d:56:29:8b:37:
bf:a4:5c:6e:a3:c6:19:25:ee:37:e4:12:5d:0b:84:4b:aa:f1:
0e:0e:91:87:07:ae:6c:35:03:66:89:ca:53:d1:d1:8b:01:fb:
ba:68:61:75:1d:44:0d:47:71:99:47:f5:0c:f9:de:04:d8:6e:
8f:d8:9c:ad:f2:cf:7f:58:b3:5d:d6:e9:33:df:63:08:db:cb:
ee:e8:94:26:17:0c:9a:6a:05:70:3d:f7:f0:b4:36:83:3a:45:
ae:77:46:36:ab:72:2a:8a:f0:2e:f7:90:a4:4b:c2:e9:61:55:
c4:b0:61:45:c9:3a:c1:90:7a:af:16:20:23:26:6e:88:b8:be:
67:f6:89:a3:36:ff:12:83:f8:3b:5d:0e:de:8c:ca:31:e8:fa:
2d:e3:ba:29:b9:50:08:7a:c8:dc:9d:81:87:f5:8d:7f:90:20:
fb:fa:c7:f0:14:eb:03:9c:81:a3:31:a1:39:29:09:bb:2a:63:
0d:ca:ca:76:28:32:fc:7b:bf:c2:c1:62:d5:b6:44:93:cd:d9:
4d:6b:fb:4b:44:75:5c:a7:10:10:a0:4a:92:c8:34:66:23:82:
32:34:fb:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTraNqGq+va5t9wRoFP8sTjFc5f4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMjY4NjAzNzk5YjJiMGNiNzc3ZTc3OWMwZjk5ZmZmZDk2ODdlZTM5Zjk4
MWJlOWIwNzc3ZGJlYzY3MGY2ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6vlUP6fCDFD+cnnu8oqIC1JhsgQBi/VjoTbb28Ui6F1TwCP1C/dVgDoBvO
OAq+asrEWZOs7H1mziHVHLIrQLFjYeOA2EV0mM7pJHPLeiVGzpzSVEv8ltg0iPjl
fKWkTHs9n361J2jhZ9KHnwSox1NoRJpQFW+CFQ/Y1+aZW6EqKeFM2fcXVKLsGqT0
oeF+T+j+To5BvS2tXNxHpH8hPz+QOI2QJr4F+KZqeGwTZvghmRi36iYqSqB1R8Rs
PNCp800lU6m62cWCph7huMTPjnRRFWY9l4IpWfDdAz9SJhofWbZs+puI/A9CIqYM
AKila0J/I6vzgieHtQb0D3xhP9kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrAWCS
fKInJr+owLQZxk1uYw7ZPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjM3ZmFmNGUtZTE3ZC00NjlkLWJhNDktNjVhNDQ3MTZjYjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCxw/7E9aNqa06877P5zLUSGPdi9lpRQ6KIsySWQiwP
nVYpize/pFxuo8YZJe435BJdC4RLqvEODpGHB65sNQNmicpT0dGLAfu6aGF1HUQN
R3GZR/UM+d4E2G6P2Jyt8s9/WLNd1ukz32MI28vu6JQmFwyaagVwPffwtDaDOkWu
d0Y2q3IqivAu95CkS8LpYVXEsGFFyTrBkHqvFiAjJm6IuL5n9omjNv8Sg/g7XQ7e
jMox6Pot47opuVAIesjcnYGH9Y1/kCD7+sfwFOsDnIGjMaE5KQm7KmMNysp2KDL8
e7/CwWLVtkSTzdlNa/tLRHVcpxAQoEqSyDRmI4IyNPtL
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:44:30 2025 by rpki-client