Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
File: 7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa (raw, json)
Hash identifier: ILM8QoIlTE8cPKUYI/tj1JpOUq1HSwCzuuPF5MHT5bs=
Subject key identifier: BB:DE:B9:75:D0:85:C8:12:80:8E:18:A1:D6:CE:B6:ED:E0:51:8F:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EC67B92BFF16E2AF768FB3E86011E9AB1933D02
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:c6:7b:92:bf:f1:6e:2a:f7:68:fb:3e:86:01:1e:9a:b1:93:3d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bc:af:40:31:77:53:04:32:33:95:a7:ba:e1:
5f:57:d8:6f:ee:29:eb:69:0c:5e:e8:bf:88:b8:9c:
4c:79:94:78:ff:09:3f:3d:c8:b4:12:cd:cd:53:21:
ca:2a:8a:1c:99:b9:d8:7c:22:c0:88:d9:43:23:a5:
68:7c:4a:05:b5:d7:0d:43:23:f4:64:81:ca:d7:57:
5d:8f:a5:42:02:08:91:1e:bd:cb:1a:1d:14:d0:e2:
04:ea:e4:9d:4c:25:18:6f:b0:5d:24:41:d2:aa:d7:
f4:ac:9d:bd:33:45:25:43:ae:ba:0c:4a:e4:9e:e6:
bd:f6:f5:94:e2:6d:60:f9:17:e4:38:e5:4d:55:d2:
5b:e5:fe:a1:3b:74:bd:a0:39:d6:b6:5b:d0:3d:58:
9b:9f:b4:76:24:b3:85:7e:d3:8b:6c:16:c5:03:5a:
9f:42:16:fa:38:6c:f3:44:07:11:d9:33:b2:7a:ad:
83:58:24:6b:0b:50:e6:be:3f:02:ae:97:f7:37:a5:
6a:6e:ee:f6:bb:ab:a9:e1:17:76:07:75:43:c0:c7:
c7:10:53:14:d6:e7:9d:a5:0b:88:f9:0b:55:e8:ee:
c4:67:9c:15:a8:fd:a0:1f:8e:26:55:5f:8f:c8:d6:
38:03:2d:46:cc:2a:f0:71:ca:5d:35:12:ee:71:90:
ef:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:DE:B9:75:D0:85:C8:12:80:8E:18:A1:D6:CE:B6:ED:E0:51:8F:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:ac:8c:b5:1a:93:72:db:17:a5:7b:a2:7c:ef:5d:db:96:18:
72:2f:f7:e9:20:59:f5:d0:48:39:92:d2:4a:6d:65:b8:5e:4c:
ec:94:a8:56:d3:db:38:2f:20:bd:94:17:60:c7:43:cd:57:6e:
65:63:20:d8:15:dd:a4:b9:88:0d:f7:d7:36:95:32:16:94:b9:
fd:1b:77:67:82:04:68:de:05:e0:0f:0d:38:b8:70:2b:08:0e:
99:db:b9:06:0e:8c:46:00:1d:4d:88:3d:f9:c1:b5:57:6f:67:
bf:0c:93:db:c0:59:14:21:fc:f0:c3:64:27:99:64:0c:55:bb:
be:c6:8f:fd:a4:55:2c:8b:e5:33:43:fb:01:31:0f:e2:3a:85:
2e:85:97:44:45:f8:19:0b:fc:71:a1:04:af:0d:18:c2:ba:59:
e4:3e:f8:47:9d:d4:0c:68:f7:14:5f:d2:c8:3e:07:d5:fc:c0:
3c:82:2a:18:c7:8e:4f:ca:c6:b1:ad:7b:de:62:94:68:4f:df:
37:37:2b:ca:1e:3e:48:e8:b9:e0:b6:ad:b7:2c:f2:13:17:50:
49:af:bf:af:9b:9d:b6:71:a9:1f:b9:5f:d3:37:f0:72:1b:15:
8b:1d:96:0b:2a:12:4e:9e:bb:95:9a:ee:ab:80:6a:8f:3e:a1:
c1:f9:26:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXsZ7kr/xbir3aPs+hgEemrGTPQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkZjZiNWMyOWU1ZTA2M2Y1YTQ0N2QwMjcxZTU0NThiMDQyZjc1MTFkNDkw
NGMyNTJiNDllNjQ2OTlkMWZkNWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMy8r0Axd1MEMjOVp7rhX1fYb+4p62kMXui/iLicTHmUeP8JPz3ItBLNzVMh
yiqKHJm52HwiwIjZQyOlaHxKBbXXDUMj9GSBytdXXY+lQgIIkR69yxodFNDiBOrk
nUwlGG+wXSRB0qrX9KydvTNFJUOuugxK5J7mvfb1lOJtYPkX5DjlTVXSW+X+oTt0
vaA51rZb0D1Ym5+0diSzhX7Ti2wWxQNan0IW+jhs80QHEdkzsnqtg1gkawtQ5r4/
Aq6X9zelam7u9rurqeEXdgd1Q8DHxxBTFNbnnaULiPkLVejuxGecFaj9oB+OJlVf
j8jWOAMtRswq8HHKXTUS7nGQ78sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS73rl1
0IXIEoCOGKHWzrbt4FGPljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzE5MmU3NjEtMDVhOS00YzNlLTliMjItZWIzZWQwYzM3ZDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCzrIy1GpNy2xele6J8713blhhyL/fpIFn10Eg5ktJK
bWW4XkzslKhW09s4LyC9lBdgx0PNV25lYyDYFd2kuYgN99c2lTIWlLn9G3dnggRo
3gXgDw04uHArCA6Z27kGDoxGAB1NiD35wbVXb2e/DJPbwFkUIfzww2QnmWQMVbu+
xo/9pFUsi+UzQ/sBMQ/iOoUuhZdERfgZC/xxoQSvDRjCulnkPvhHndQMaPcUX9LI
PgfV/MA8gioYx45PysaxrXveYpRoT983NyvKHj5I6Lngtq23LPITF1BJr7+vm522
cakfuV/TN/ByGxWLHZYLKhJOnruVmu6rgGqPPqHB+SYh
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:59 2025 by rpki-client