Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
File: 8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa (raw, json)
Hash identifier: 2y6yhL1Dwk2EFD0xbdy752BAZ934rvA7xEA+LJOBT0E=
Subject key identifier: 17:B9:77:09:57:20:59:26:0C:B0:B6:FF:12:09:25:6F:6B:91:E3:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F0C6FEFBD0E1B4424F869D156AAF740F449700D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:0c:6f:ef:bd:0e:1b:44:24:f8:69:d1:56:aa:f7:40:f4:49:70:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:66:35:79:2d:fa:75:65:1d:bf:4a:ef:6e:
aa:ae:df:d1:0d:2b:8c:d0:66:df:6d:80:9f:56:58:
84:15:f0:fc:61:f1:62:d6:9a:3f:42:7d:a9:7a:da:
40:d7:01:43:d4:1e:e2:57:eb:c8:e0:24:de:25:c9:
42:e3:64:34:a7:f8:73:7b:62:6a:2e:ed:15:0c:ea:
fe:07:8e:ad:6e:8e:0f:24:e5:a0:e0:83:36:bc:81:
04:d3:26:99:8f:2c:ad:7d:29:7b:c6:49:50:a4:c9:
ae:e8:08:4e:e5:ee:3b:12:dd:4f:35:cd:d8:45:59:
2a:80:2e:99:9f:45:05:2a:06:29:b6:64:aa:6d:26:
39:a1:8b:37:47:ec:0e:95:b1:ca:fe:1e:ce:86:02:
cd:7b:b8:d1:65:ed:e7:67:74:3d:c8:bc:53:6c:01:
a4:cd:92:3e:ae:84:58:ad:58:02:b1:d8:3b:35:ba:
4c:30:8c:d0:64:4d:d2:3c:b5:f0:2b:ea:2f:3a:5d:
08:ef:a2:5b:68:46:4b:38:bc:2e:5f:e2:90:76:ba:
65:73:f2:52:45:b9:fb:b0:cb:31:0c:28:ca:6a:1b:
e0:67:f0:69:46:69:ab:11:99:29:a4:f3:b7:d6:4a:
42:e5:c8:ea:d1:87:a6:5a:f9:a6:4b:29:12:e5:2b:
5a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B9:77:09:57:20:59:26:0C:B0:B6:FF:12:09:25:6F:6B:91:E3:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e5dcc27-9bc3-4b82-8be2-a41315c61b33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:10:08:62:36:75:0e:af:80:b4:93:17:b8:91:32:d5:e1:34:
16:63:00:fe:de:70:9d:23:b5:fa:5c:2d:f9:5e:b5:1a:e2:38:
02:49:54:78:b6:12:d7:05:09:59:25:c0:57:1a:43:a8:19:c1:
b7:cc:00:12:34:36:7a:1a:75:bf:71:57:2e:ce:19:e3:88:d1:
77:98:1f:78:bd:f1:10:09:88:b0:eb:6e:41:b9:75:08:a2:0d:
1c:70:4a:19:8f:fc:14:c4:ca:18:dd:41:2c:88:a8:d2:fc:76:
43:1f:7c:58:0a:dc:55:3d:e0:1b:45:fa:a4:7a:f6:98:86:32:
7e:9c:88:4d:ef:fb:0f:31:ba:dc:1c:48:00:7e:da:e9:28:34:
e0:00:53:69:5d:49:10:70:ff:d1:44:6c:a8:2b:1e:63:0b:60:
27:0d:97:2a:51:cf:f3:81:ac:cb:a4:0a:58:b6:ff:49:b4:7e:
27:ab:a8:ff:ff:29:f8:04:56:75:61:0b:2d:69:e0:2a:c3:c2:
26:a2:85:03:bc:1d:35:a7:88:d4:41:0f:9d:93:2a:3c:0b:62:
3f:8e:a9:1a:94:75:13:7e:e4:56:28:37:83:59:40:ec:d4:04:
b2:bf:d6:52:03:df:42:a2:a4:9f:42:b8:46:4f:15:30:80:2d:
c9:ce:c8:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTwxv770OG0Qk+GnRVqr3QPRJcA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmYTcyYjhkOWQzNDhjMGYyNGNjMjdiODFhYjVlMDk3ODEzY2JhNDJmNDVj
MGJjOGZmMDU5NjlhM2JkNzRhZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDkZjV5Lfp1ZR2/Su9uqq7f0Q0rjNBm322An1ZYhBXw/GHxYtaaP0J9qXra
QNcBQ9Qe4lfryOAk3iXJQuNkNKf4c3tiai7tFQzq/geOrW6ODyTloOCDNryBBNMm
mY8srX0pe8ZJUKTJrugITuXuOxLdTzXN2EVZKoAumZ9FBSoGKbZkqm0mOaGLN0fs
DpWxyv4ezoYCzXu40WXt52d0Pci8U2wBpM2SPq6EWK1YArHYOzW6TDCM0GRN0jy1
8CvqLzpdCO+iW2hGSzi8Ll/ikHa6ZXPyUkW5+7DLMQwoymob4GfwaUZpqxGZKaTz
t9ZKQuXI6tGHplr5pkspEuUrWm8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXuXcJ
VyBZJgywtv8SCSVva5HjbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU1ZGNjMjctOWJjMy00YjgyLThiZTItYTQxMzE1YzYxYjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBtEAhiNnUOr4C0kxe4kTLV4TQWYwD+3nCdI7X6XC35
XrUa4jgCSVR4thLXBQlZJcBXGkOoGcG3zAASNDZ6GnW/cVcuzhnjiNF3mB94vfEQ
CYiw625BuXUIog0ccEoZj/wUxMoY3UEsiKjS/HZDH3xYCtxVPeAbRfqkevaYhjJ+
nIhN7/sPMbrcHEgAftrpKDTgAFNpXUkQcP/RRGyoKx5jC2AnDZcqUc/zgazLpApY
tv9JtH4nq6j//yn4BFZ1YQstaeAqw8ImooUDvB01p4jUQQ+dkyo8C2I/jqkalHUT
fuRWKDeDWUDs1ASyv9ZSA99CoqSfQrhGTxUwgC3Jzsil
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:41 2025 by rpki-client