Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
File: 673e8a42-e7d4-46a9-8302-c771426cd407.roa (raw, json)
Hash identifier: WPNTIH7sTWeJPanRG9goQKobsUF754P7AJ2vrv0+idI=
Subject key identifier: 1A:FF:D0:13:34:5D:68:7C:9F:5C:41:D3:1E:94:9D:AA:5A:6D:19:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02EA421501FB87E871FA21A4AA9C31F247C8BC9A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ea:42:15:01:fb:87:e8:71:fa:21:a4:aa:9c:31:f2:47:c8:bc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:b5:89:23:02:f5:77:73:d4:23:51:55:04:
20:98:48:05:b3:a2:bb:ef:13:b9:e6:d4:df:24:dc:
13:f4:e5:e4:0d:33:c4:88:5c:e1:51:81:b0:fe:c7:
62:3c:40:1a:79:9b:75:59:91:50:72:2b:04:e6:32:
ce:fb:16:e2:a6:3c:54:b8:ac:9b:7e:83:c2:ba:f9:
41:6e:db:bb:8a:0d:b5:b7:bf:ff:1a:e0:f4:d5:e3:
82:3a:18:0f:bc:aa:68:0f:4b:83:8c:51:0d:f1:cd:
65:81:0c:8d:ac:ab:2e:f9:51:9e:48:b4:12:44:2d:
e6:5e:f3:97:24:13:f1:08:e0:fa:2b:89:75:44:2f:
6c:a6:40:41:04:29:bb:4a:fb:1f:88:ff:32:c5:2a:
ec:af:e6:48:ee:72:9b:51:cb:61:32:83:4a:61:46:
d0:3f:d6:d7:ea:d3:82:c6:25:c8:a6:25:91:42:9e:
af:ac:00:0c:e8:e2:ac:45:7b:6c:53:dc:1d:3e:c6:
84:a0:2d:87:4b:25:ba:2e:bc:9e:0c:8f:ee:58:b7:
80:6c:f6:50:6d:8f:ac:0f:9c:09:8f:00:34:fe:21:
85:f3:aa:7d:90:2c:db:ab:79:5a:f0:61:54:f3:6b:
74:35:7b:0d:ab:32:78:d3:3d:73:2c:3c:a1:f9:a1:
1c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FF:D0:13:34:5D:68:7C:9F:5C:41:D3:1E:94:9D:AA:5A:6D:19:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
17:c7:78:1e:3f:4a:22:de:3b:e2:d7:bb:5b:a4:66:6e:51:12:
8e:a7:f9:6e:17:ef:8f:c3:d2:48:ca:99:bf:95:a7:df:4f:f6:
ef:1b:80:d9:66:ae:b3:b8:b7:a3:7c:12:01:dd:87:3f:a1:ac:
2d:d9:f1:72:73:4c:65:69:a5:ca:4f:98:e3:89:8b:58:c4:4a:
0a:5e:ac:10:00:26:28:ab:91:f6:ed:08:e8:4a:32:36:ae:59:
63:d2:e9:fc:d3:86:fb:22:81:5b:9d:06:5c:a3:46:9b:66:25:
fc:4c:14:50:37:17:76:4e:28:6e:e3:3d:a4:98:e4:1d:85:bc:
ba:83:22:02:6b:f9:c7:4f:a6:4e:c4:42:c4:4c:a7:d9:17:61:
38:9c:d2:be:26:29:85:81:b4:53:22:5b:b0:75:7b:71:f2:5a:
6d:ce:a7:fa:ac:22:6e:f9:de:0a:73:fd:17:17:51:9f:24:d6:
79:39:d9:93:50:63:21:ab:b8:ab:25:93:71:23:55:6f:7f:2d:
85:32:cb:61:73:77:21:7f:45:37:17:d0:47:32:35:c8:66:53:
6a:b3:a1:e5:40:24:4b:02:6a:d5:13:bb:ff:04:cf:18:b9:6c:
30:bb:49:ba:f9:54:3e:2f:71:cf:d9:c2:2d:4c:ae:21:3d:14:
73:11:40:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAupCFQH7h+hx+iGkqpwx8kfIvJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5OGE2ODRkMTE0YzI1OGM0ZGVmNGEyY2ExOWQyMWUzNmQ5OTA3YTM4ZmY3
MmE4ZDNmNmFhZGM0OTY0NzA0YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR5tYkjAvV3c9QjUVUEIJhIBbOiu+8TuebU3yTcE/Tl5A0zxIhc4VGBsP7H
YjxAGnmbdVmRUHIrBOYyzvsW4qY8VLism36Dwrr5QW7bu4oNtbe//xrg9NXjgjoY
D7yqaA9Lg4xRDfHNZYEMjayrLvlRnki0EkQt5l7zlyQT8Qjg+iuJdUQvbKZAQQQp
u0r7H4j/MsUq7K/mSO5ym1HLYTKDSmFG0D/W1+rTgsYlyKYlkUKer6wADOjirEV7
bFPcHT7GhKAth0slui68ngyP7li3gGz2UG2PrA+cCY8ANP4hhfOqfZAs26t5WvBh
VPNrdDV7DasyeNM9cyw8ofmhHDsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQa/9AT
NF1ofJ9cQdMelJ2qWm0ZRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjczZThhNDItZTdkNC00NmE5LTgzMDItYzc3MTQyNmNkNDA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQAXx3geP0oi3jvi17tbpGZuURKOp/luF++Pw9JIypm/
laffT/bvG4DZZq6zuLejfBIB3Yc/oawt2fFyc0xlaaXKT5jjiYtYxEoKXqwQACYo
q5H27QjoSjI2rllj0un804b7IoFbnQZco0abZiX8TBRQNxd2Tihu4z2kmOQdhby6
gyICa/nHT6ZOxELETKfZF2E4nNK+JimFgbRTIluwdXtx8lptzqf6rCJu+d4Kc/0X
F1GfJNZ5OdmTUGMhq7irJZNxI1Vvfy2FMsthc3chf0U3F9BHMjXIZlNqs6HlQCRL
AmrVE7v/BM8YuWwwu0m6+VQ+L3HP2cItTK4hPRRzEUAj
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:19:20 2025 by rpki-client