Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
File: 8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa (raw, json)
Hash identifier: 1Uavzzk4D7fbNyWK8qz+Jy4x60Mvf8qae5sWxLmtoiw=
Subject key identifier: 02:1F:18:7B:C3:07:31:62:36:59:91:33:98:BA:8B:C5:72:EA:CD:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31CC94724422E9B439720913AC09282BBB78D35C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:cc:94:72:44:22:e9:b4:39:72:09:13:ac:09:28:2b:bb:78:d3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d0:44:78:d7:ac:83:bd:3f:43:a9:25:16:bf:
6e:e9:71:41:53:58:99:87:d0:d1:98:7c:74:a1:b0:
be:cf:31:77:21:a7:f5:6b:51:fb:e3:cb:52:a8:86:
23:c6:c2:1f:96:55:7d:4d:82:28:d7:b9:36:05:44:
b6:7d:6b:34:31:d5:f3:7a:c6:62:c0:e2:cd:a0:aa:
ae:35:78:af:17:df:f2:6b:c1:6c:f2:15:4c:c6:8c:
7e:24:c8:2a:74:4d:8c:f1:85:05:9a:c7:8c:23:a0:
ba:76:3b:cb:c5:82:fe:09:82:a4:43:38:fe:db:17:
c0:e0:28:6d:63:7f:4c:0e:90:5f:95:cb:8e:e1:b0:
2a:e7:ec:ae:e6:55:30:2e:fd:39:e8:8d:a6:31:b3:
c4:09:5b:68:bd:b7:05:dc:b5:db:f2:96:b0:ee:50:
bf:7e:e8:b0:02:3b:d0:83:47:e1:b4:8e:1b:78:7d:
0e:44:0d:de:aa:2c:a0:b6:0a:bf:c6:02:76:41:9d:
d2:32:82:a2:2c:bc:e5:16:dd:5e:4c:71:0d:de:14:
61:3e:45:6b:9d:b6:64:23:29:2d:c0:63:8d:95:23:
67:bb:0b:a9:3b:86:e0:c5:85:35:b9:71:91:5d:8d:
ad:69:0b:f9:66:51:d8:fd:60:7c:47:48:3e:a1:13:
63:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1F:18:7B:C3:07:31:62:36:59:91:33:98:BA:8B:C5:72:EA:CD:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c2:99:c4:53:31:14:83:cd:2a:e3:67:56:16:21:70:d8:ff:a9:
44:fe:d6:64:64:11:c0:ee:81:16:c2:7c:7c:f2:d8:77:48:9e:
a4:47:0e:8f:f6:fa:46:64:9f:b0:4f:d5:53:a6:8b:37:23:0a:
27:08:10:38:59:84:93:50:3c:5d:6e:e8:e3:48:81:16:c7:25:
8d:94:1a:fc:b6:a4:a6:76:32:a1:cc:bb:9d:6e:c2:1b:d4:80:
52:e1:54:94:ad:4b:20:d0:00:01:9d:4a:97:5c:e9:a6:07:68:
17:31:99:40:40:cc:48:3c:26:0b:05:a8:fc:83:53:41:6d:37:
1d:b8:f9:90:56:df:b9:01:87:54:0c:97:e2:18:83:aa:fe:c4:
f5:ed:5a:66:41:d5:68:5c:b4:2c:d4:61:9b:da:67:00:54:6c:
d6:2c:6c:a0:b9:a8:d2:fc:68:fa:b5:03:c3:f9:68:9a:86:e4:
bb:c3:1a:80:80:91:a7:0e:9d:9a:b1:94:6e:e7:c4:01:f4:fe:
f9:b7:52:1c:94:7c:42:95:4c:bf:ac:1d:8b:56:02:d8:0d:23:
73:4b:4c:3c:6f:3e:dc:a3:12:9c:de:e0:cc:89:ed:cc:12:99:
b5:0a:fc:ef:05:25:c6:5a:c3:b5:25:c2:12:55:bd:d2:02:6c:
f1:04:4e:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMcyUckQi6bQ5cgkTrAkoK7t401wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwZWE0MDI2NTU0NTliYzJmZjczZjIyZGY0NDRlMTA2M2IxNzk4NDE3ZGNh
MDNmODQzMmVjZWY0MTI4MDU1NjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7QRHjXrIO9P0OpJRa/bulxQVNYmYfQ0Zh8dKGwvs8xdyGn9WtR++PLUqiG
I8bCH5ZVfU2CKNe5NgVEtn1rNDHV83rGYsDizaCqrjV4rxff8mvBbPIVTMaMfiTI
KnRNjPGFBZrHjCOgunY7y8WC/gmCpEM4/tsXwOAobWN/TA6QX5XLjuGwKufsruZV
MC79OeiNpjGzxAlbaL23Bdy12/KWsO5Qv37osAI70INH4bSOG3h9DkQN3qosoLYK
v8YCdkGd0jKCoiy85RbdXkxxDd4UYT5Fa522ZCMpLcBjjZUjZ7sLqTuG4MWFNblx
kV2NrWkL+WZR2P1gfEdIPqETY1UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCHxh7
wwcxYjZZkTOYuovFcurNHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGEyZDVmMjgtMGZjYi00MTljLWE4NzMtMzkzM2RkMzQwOWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQDCmcRTMRSDzSrjZ1YWIXDY/6lE/tZkZBHA7oEWwnx8
8th3SJ6kRw6P9vpGZJ+wT9VTpos3IwonCBA4WYSTUDxdbujjSIEWxyWNlBr8tqSm
djKhzLudbsIb1IBS4VSUrUsg0AABnUqXXOmmB2gXMZlAQMxIPCYLBaj8g1NBbTcd
uPmQVt+5AYdUDJfiGIOq/sT17VpmQdVoXLQs1GGb2mcAVGzWLGyguajS/Gj6tQPD
+WiahuS7wxqAgJGnDp2asZRu58QB9P75t1IclHxClUy/rB2LVgLYDSNzS0w8bz7c
oxKc3uDMie3MEpm1CvzvBSXGWsO1JcISVb3SAmzxBE5w
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:57 2025 by rpki-client