Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
File: 88ab6975-6f0b-4ac3-882f-29a8794b713d.roa (raw, json)
Hash identifier: Mnljz8WrP4SH1CJdTJsZTQa40S7yuvIOOZXKCx4jqJ0=
Subject key identifier: 5B:61:CE:0A:72:26:02:53:11:A3:DF:8B:15:53:20:1D:51:AC:5C:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BBEEC2C5786E7E28A481745374ADA0C1B151662
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
Signing time: Mon 09 Dec 2024 00:00:00 +0000
ROA not before: Mon 09 Dec 2024 00:00:00 +0000
ROA not after: Mon 13 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:be:ec:2c:57:86:e7:e2:8a:48:17:45:37:4a:da:0c:1b:15:16:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 9 00:00:00 2024 GMT
Not After : Jan 13 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:00:7f:fc:59:c7:38:79:2a:4e:e1:4d:70:
b2:b8:9a:04:53:a2:5f:39:96:97:31:4e:66:e1:6b:
b6:bf:0a:24:5d:f7:26:0b:11:0f:f3:81:21:15:9f:
12:73:32:8f:13:c2:af:b8:14:f4:52:4e:45:3e:a3:
2f:47:56:78:17:50:7a:ae:9c:82:69:5e:38:4a:7a:
2f:49:02:3f:5c:73:e5:14:51:66:00:be:e2:3a:99:
14:42:3a:f9:63:66:26:10:45:48:f8:b1:03:e0:3b:
21:e7:08:26:de:7c:bf:e0:3f:b1:d0:29:7b:08:16:
5d:4a:07:79:36:f4:a5:32:66:f8:3e:67:5c:73:00:
4f:83:95:71:f0:29:07:00:58:23:9a:16:63:7f:78:
bf:9d:99:1e:75:14:5e:87:a6:5e:2e:18:6e:1b:d7:
ac:8f:9d:67:06:91:52:97:ec:31:79:38:1b:4b:b6:
13:7a:18:54:1b:c3:c3:1c:1d:0a:e0:f4:c9:47:11:
d5:47:09:12:6b:35:09:32:99:19:b1:ac:8d:6f:b4:
20:99:39:3e:58:11:dd:09:6a:1e:de:19:74:aa:3d:
bd:fb:ca:1d:50:39:37:ec:a4:ff:7d:44:3c:b5:c6:
09:3b:f8:f3:d5:65:b5:33:47:04:53:d9:f1:67:6f:
f2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:61:CE:0A:72:26:02:53:11:A3:DF:8B:15:53:20:1D:51:AC:5C:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
9d:e1:07:0b:8a:78:c5:6e:9a:3e:ba:ad:51:f8:47:b2:47:f0:
80:3a:01:27:ba:10:c1:e2:2a:a0:86:ae:66:44:43:54:1a:e1:
9e:ac:18:b6:6a:7c:40:12:bb:5a:03:cf:27:42:00:b6:6d:70:
1f:29:1c:bb:40:ea:4f:6b:b6:03:82:8e:d0:b3:37:9e:4c:bc:
0f:e3:0c:aa:08:e6:0b:0c:d3:59:33:0a:d5:73:63:a7:11:0f:
bd:23:e0:ba:b8:93:7c:c5:15:17:20:ed:13:37:16:9c:56:ce:
63:f2:13:25:30:b8:e0:2d:e2:1e:3f:38:51:e8:4a:62:cb:cd:
86:56:42:12:3b:74:46:56:a0:f2:47:c7:51:48:e6:33:51:cd:
01:a4:d7:cf:72:d5:5e:05:08:a0:10:6c:bd:1f:b6:bd:5d:a3:
5f:f9:91:15:22:81:b9:2c:a1:30:e1:db:65:65:18:4e:b7:51:
ed:47:8d:ad:71:3f:41:6b:bd:a7:85:57:7f:36:27:d7:b9:67:
ee:0d:8c:7e:2e:e3:27:76:ad:cf:41:d1:45:43:9f:d5:dc:7d:
c2:71:67:fe:bb:aa:45:4b:5b:39:aa:3e:cb:5c:ff:31:16:4f:
72:47:06:9a:36:a3:39:45:92:2e:c6:4a:dd:24:d2:67:51:49:
36:1f:a9:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC77sLFeG5+KKSBdFN0raDBsVFmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDkwMDAwMDBaFw0yNTAxMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZWMyMjZkOTQyNmZiNTVkY2YzMTU2MTJiNDU2YWY0Zjg4Yjk5YzhlZDk3
MjlkZWUyNWVlNjQyYzYyZjhlZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/qAH/8Wcc4eSpO4U1wsriaBFOiXzmWlzFOZuFrtr8KJF33JgsRD/OBIRWf
EnMyjxPCr7gU9FJORT6jL0dWeBdQeq6cgmleOEp6L0kCP1xz5RRRZgC+4jqZFEI6
+WNmJhBFSPixA+A7IecIJt58v+A/sdApewgWXUoHeTb0pTJm+D5nXHMAT4OVcfAp
BwBYI5oWY394v52ZHnUUXoemXi4YbhvXrI+dZwaRUpfsMXk4G0u2E3oYVBvDwxwd
CuD0yUcR1UcJEms1CTKZGbGsjW+0IJk5PlgR3QlqHt4ZdKo9vfvKHVA5N+yk/31E
PLXGCTv489VltTNHBFPZ8Wdv8tkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRbYc4K
ciYCUxGj34sVUyAdUaxcuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhhYjY5NzUtNmYwYi00YWMzLTg4MmYtMjlhODc5NGI3MTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCd4QcLinjFbpo+uq1R+EeyR/CAOgEnuhDB4iqghq5m
RENUGuGerBi2anxAErtaA88nQgC2bXAfKRy7QOpPa7YDgo7QszeeTLwP4wyqCOYL
DNNZMwrVc2OnEQ+9I+C6uJN8xRUXIO0TNxacVs5j8hMlMLjgLeIePzhR6Epiy82G
VkISO3RGVqDyR8dRSOYzUc0BpNfPctVeBQigEGy9H7a9XaNf+ZEVIoG5LKEw4dtl
ZRhOt1HtR42tcT9Ba72nhVd/NifXuWfuDYx+LuMndq3PQdFFQ5/V3H3CcWf+u6pF
S1s5qj7LXP8xFk9yRwaaNqM5RZIuxkrdJNJnUUk2H6m6
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:47:36 2025 by rpki-client