Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
File: 89aac802-59d0-4631-a004-2a1c6311b27f.roa (raw, json)
Hash identifier: WBSYa7LUPNlbdEaCBtkfa6lj/7GRYv+z57ZfZ0IpSlg=
Subject key identifier: 14:23:3B:F6:2C:31:D3:F0:D5:72:23:17:B2:66:97:91:F7:EB:3F:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64499EFE81E67CCE808AFB8D8E56C12772B4786D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:49:9e:fe:81:e6:7c:ce:80:8a:fb:8d:8e:56:c1:27:72:b4:78:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d0:04:c1:fb:54:87:73:74:e3:ab:aa:e0:b4:
45:ce:61:14:fb:37:18:7e:93:47:1b:54:78:22:9a:
68:09:fd:78:04:45:66:73:0e:a1:5c:96:a8:ca:aa:
b5:03:8b:4c:32:9b:00:3c:07:5c:5e:81:b1:e9:8d:
c4:03:b1:06:69:cb:ee:44:0b:e9:ba:6b:00:db:cc:
24:93:11:89:ea:09:b6:86:2e:70:24:81:23:95:73:
5b:86:f8:e2:bf:24:79:9b:e1:00:74:ef:d8:2d:cb:
00:5b:cd:9c:17:9a:2e:6b:f1:07:f7:de:dc:40:ce:
34:f7:fe:df:f9:6d:26:a6:f9:40:ae:9b:fa:5d:0c:
10:27:c4:b4:96:2f:7f:63:1a:90:6e:57:6e:52:68:
e6:0a:04:0e:60:6a:bb:11:51:08:de:ef:61:0d:0c:
07:de:29:a8:bf:8c:da:f4:ea:d5:87:4b:ad:fa:a1:
3a:a0:0b:cd:ad:ee:f8:a1:87:d1:9d:31:c3:7a:c4:
d1:b9:bf:d6:35:df:80:89:85:08:fe:25:cc:e4:6a:
50:5a:d4:d5:6b:7e:dd:92:cb:51:9c:38:8f:3a:19:
35:92:85:9c:52:5c:0a:68:56:29:32:f4:e3:ca:2a:
8b:28:54:75:0a:e5:95:ae:1f:a7:79:53:8c:e2:9c:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:23:3B:F6:2C:31:D3:F0:D5:72:23:17:B2:66:97:91:F7:EB:3F:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c4:f9:ff:b1:31:2e:50:11:b9:b0:c5:ee:11:db:23:9e:25:79:
05:d5:c6:85:ca:8b:51:f6:54:95:06:1b:54:05:ac:d2:77:55:
20:ab:9b:c5:63:1f:83:13:3a:4d:e1:cd:80:06:0a:a1:56:85:
f6:d0:8f:cc:ce:2d:d4:8c:c8:84:e6:41:31:a1:46:d6:71:95:
e3:14:e0:ef:90:0f:6f:86:2c:33:3b:72:7d:17:86:a9:16:d2:
a8:67:cc:17:9e:c6:3b:be:87:34:cd:11:24:60:d8:11:f1:40:
19:18:d7:0d:28:2e:ac:ab:c1:c9:28:25:49:a6:7e:5c:66:0b:
b4:59:b0:7b:7f:fd:43:b7:1c:b1:3c:f3:9b:54:d7:df:3e:5d:
c3:ac:22:9d:1d:06:88:e9:0d:c9:a5:e1:ff:c4:b2:c1:03:cd:
39:55:91:e5:55:0f:69:60:3f:7c:54:11:0f:c6:26:0c:e6:76:
0f:eb:5c:02:d6:cc:4f:b1:6d:a0:21:cf:9c:67:8b:8a:56:d4:
34:0e:69:5e:b1:1a:63:a7:f9:80:3e:2e:0e:94:43:6b:22:fb:
e4:21:3f:eb:c9:bb:2e:0d:12:f3:88:ba:d7:c5:a1:e0:77:47:
a7:ef:6b:76:07:e2:20:7d:92:3a:48:3f:8e:95:5b:0e:5e:9a:
1f:01:3a:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZEme/oHmfM6AivuNjlbBJ3K0eG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMjJkNWNiYTAyNTk2N2RkMDNmYzM0MGM1YzAzZGEyMTViYWNlODliYzYz
Zjg0YTYxOWEyYzU1MGJiYWI1ZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjQBMH7VIdzdOOrquC0Rc5hFPs3GH6TRxtUeCKaaAn9eARFZnMOoVyWqMqq
tQOLTDKbADwHXF6BsemNxAOxBmnL7kQL6bprANvMJJMRieoJtoYucCSBI5VzW4b4
4r8keZvhAHTv2C3LAFvNnBeaLmvxB/fe3EDONPf+3/ltJqb5QK6b+l0MECfEtJYv
f2MakG5XblJo5goEDmBquxFRCN7vYQ0MB94pqL+M2vTq1YdLrfqhOqALza3u+KGH
0Z0xw3rE0bm/1jXfgImFCP4lzORqUFrU1Wt+3ZLLUZw4jzoZNZKFnFJcCmhWKTL0
48oqiyhUdQrlla4fp3lTjOKc9+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUIzv2
LDHT8NVyIxeyZpeR9+s/kzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODlhYWM4MDItNTlkMC00NjMxLWEwMDQtMmExYzYzMTFiMjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQDE+f+xMS5QEbmwxe4R2yOeJXkF1caFyotR9lSVBhtU
BazSd1Ugq5vFYx+DEzpN4c2ABgqhVoX20I/Mzi3UjMiE5kExoUbWcZXjFODvkA9v
hiwzO3J9F4apFtKoZ8wXnsY7voc0zREkYNgR8UAZGNcNKC6sq8HJKCVJpn5cZgu0
WbB7f/1DtxyxPPObVNffPl3DrCKdHQaI6Q3JpeH/xLLBA805VZHlVQ9pYD98VBEP
xiYM5nYP61wC1sxPsW2gIc+cZ4uKVtQ0DmlesRpjp/mAPi4OlENrIvvkIT/rybsu
DRLziLrXxaHgd0en72t2B+IgfZI6SD+OlVsOXpofATpu
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:48 2025 by rpki-client