Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
File: 72138391-f885-46be-9450-815e493cd6a4.roa (raw, json)
Hash identifier: qrxe1ayfndd89J/zRJxvaP8QgihbXvUhMsMMpdCyYio=
Subject key identifier: FE:DF:C7:EB:BC:26:85:46:40:92:C5:1E:51:DC:EC:FD:97:03:37:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DB20A2CCB48FD8C82582AEB8F6AEB83C32EFF3D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b2:0a:2c:cb:48:fd:8c:82:58:2a:eb:8f:6a:eb:83:c3:2e:ff:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:fb:11:33:60:08:41:23:2d:48:9e:ad:cf:
82:90:90:e5:8b:3d:b7:10:6e:94:f5:b1:de:3f:c5:
88:59:32:98:31:2a:c7:cd:df:3c:6f:44:31:12:60:
62:af:27:84:0c:07:d4:eb:47:b1:5d:3a:44:7a:0b:
ea:36:86:e2:4c:9c:f0:5d:8c:0b:67:95:20:4a:45:
7d:4f:90:5c:b8:e6:7e:57:c1:62:6b:80:76:ae:ef:
41:22:ca:8e:f7:ea:01:d7:26:18:e0:5b:c9:88:5a:
7a:85:e6:2c:9e:e0:44:12:c2:fb:92:0b:70:5e:53:
28:3b:25:e2:e1:b6:1d:d4:6f:63:66:47:4a:93:46:
f4:93:8e:59:ca:64:93:21:8c:85:13:17:3f:8b:60:
39:a0:db:78:f8:12:98:11:b7:05:d0:55:59:9b:1f:
3f:72:28:1a:52:3e:a5:e9:53:0a:9c:e3:9a:9d:16:
39:c5:ac:6c:83:c0:9c:b1:3a:d0:42:e4:a0:48:d4:
40:82:dd:07:e7:4e:dd:80:71:af:66:86:04:37:7c:
8c:bc:28:59:0f:65:6c:48:29:6d:d6:6f:02:bf:2d:
b6:60:d2:70:86:75:38:a8:63:7b:7a:6a:a9:e6:49:
0d:c8:c6:c0:ab:70:40:51:98:95:a5:2e:71:8c:42:
0c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DF:C7:EB:BC:26:85:46:40:92:C5:1E:51:DC:EC:FD:97:03:37:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:c9:fa:a6:e8:2c:70:57:42:15:6c:88:d4:64:6b:b2:52:6f:
38:7d:1e:c7:ba:bd:0b:27:01:6b:9c:46:1a:8c:75:a1:05:20:
c0:f4:a5:34:92:a4:fc:be:db:e6:1e:5e:24:35:81:1c:21:90:
80:84:d4:4b:bf:61:e6:e4:a4:38:67:8e:d4:d3:10:7d:b9:e7:
49:31:a7:1b:47:b5:ea:0d:59:ca:7b:1d:18:8c:5b:01:02:57:
7b:5f:1e:67:bb:20:1e:a6:55:e2:5c:ed:fe:8d:c0:71:fd:8a:
5f:03:fe:83:77:94:86:13:c9:70:d7:6c:5e:78:c0:11:2c:ab:
64:7c:c3:16:91:9c:c6:ea:cb:fa:b6:e3:10:0f:5b:08:ea:5c:
b4:a7:c3:86:81:89:bc:af:e6:e6:18:42:1c:3c:21:9e:3f:63:
34:e5:cb:79:7a:03:1b:22:d0:1a:9c:fc:35:06:4a:b2:a0:85:
c6:39:e8:fe:20:8a:a6:73:e7:fc:e0:f8:46:86:50:dd:1c:a8:
96:23:50:27:24:e8:8a:b0:e6:2a:d7:54:48:b5:6e:06:3d:c2:
0f:39:02:ed:14:36:b4:ef:19:11:90:29:43:94:72:41:92:9a:
2f:b8:66:75:eb:62:d2:de:7f:ff:bb:b9:be:70:54:24:9c:25:
d6:c1:5d:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDbIKLMtI/YyCWCrrj2rrg8Mu/z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwODI3ZmE5MDFkMGM2NDFmY2Y1M2VlNTIzMGE5ZWUzYTcyOWUwMDc4MWJk
ODljMjNmYmM0M2UwMzIzYTVhNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI8+xEzYAhBIy1Inq3PgpCQ5Ys9txBulPWx3j/FiFkymDEqx83fPG9EMRJg
Yq8nhAwH1OtHsV06RHoL6jaG4kyc8F2MC2eVIEpFfU+QXLjmflfBYmuAdq7vQSLK
jvfqAdcmGOBbyYhaeoXmLJ7gRBLC+5ILcF5TKDsl4uG2HdRvY2ZHSpNG9JOOWcpk
kyGMhRMXP4tgOaDbePgSmBG3BdBVWZsfP3IoGlI+pelTCpzjmp0WOcWsbIPAnLE6
0ELkoEjUQILdB+dO3YBxr2aGBDd8jLwoWQ9lbEgpbdZvAr8ttmDScIZ1OKhje3pq
qeZJDcjGwKtwQFGYlaUucYxCDHECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+38fr
vCaFRkCSxR5R3Oz9lwM3JzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzIxMzgzOTEtZjg4NS00NmJlLTk0NTAtODE1ZTQ5M2NkNmE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQDPyfqm6CxwV0IVbIjUZGuyUm84fR7Hur0LJwFrnEYa
jHWhBSDA9KU0kqT8vtvmHl4kNYEcIZCAhNRLv2Hm5KQ4Z47U0xB9uedJMacbR7Xq
DVnKex0YjFsBAld7Xx5nuyAeplXiXO3+jcBx/YpfA/6Dd5SGE8lw12xeeMARLKtk
fMMWkZzG6sv6tuMQD1sI6ly0p8OGgYm8r+bmGEIcPCGeP2M05ct5egMbItAanPw1
BkqyoIXGOej+IIqmc+f84PhGhlDdHKiWI1AnJOiKsOYq11RItW4GPcIPOQLtFDa0
7xkRkClDlHJBkpovuGZ162LS3n//u7m+cFQknCXWwV3k
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:25:09 2025 by rpki-client