Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/91d57bb1-34c5-4303-9806-8e3df613475f.roa
File: 91d57bb1-34c5-4303-9806-8e3df613475f.roa (raw, json)
Hash identifier: 47x7//DfIHCEPKE1kpVOrQsngPVQANPlOxmLJ0kXk5o=
Subject key identifier: 35:48:43:92:91:9B:91:45:01:E8:85:C5:28:5A:05:E8:4A:42:22:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C055CD8DDF260A67D40E44837AB95B7136FEB68
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/91d57bb1-34c5-4303-9806-8e3df613475f.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:05:5c:d8:dd:f2:60:a6:7d:40:e4:48:37:ab:95:b7:13:6f:eb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f0:89:77:6c:37:28:04:30:70:52:b8:25:59:
75:55:ad:76:f5:57:c3:8f:52:95:08:7f:48:ab:23:
31:51:d5:86:2a:fd:78:98:7a:5c:19:4b:1c:24:b1:
cc:52:df:17:f4:db:60:5e:e8:55:e8:bb:85:d4:f8:
5b:78:fa:2d:6b:73:6c:00:c4:e9:c4:83:ed:56:b0:
f5:b9:eb:3d:eb:d1:da:6f:53:23:d7:dc:71:12:a8:
7e:84:34:04:40:86:9d:2f:1a:37:61:d9:b3:42:fd:
ff:f6:f0:55:be:33:18:f4:3f:91:e4:02:53:8f:3c:
77:4a:72:95:b7:40:3c:c9:b2:3d:9b:41:8d:78:e5:
d4:e1:0b:82:ec:96:af:49:f7:3b:00:be:7d:95:86:
3b:b7:a7:c3:4c:62:1a:45:48:c5:7e:4a:7c:e0:d9:
9f:1d:45:81:1b:6a:3a:5e:aa:ec:2f:38:b6:46:e6:
1f:c9:ec:7d:c8:a3:0b:72:a8:a9:e9:69:eb:f4:1c:
c1:e4:68:d6:83:ff:df:71:9c:af:3d:cd:c1:85:15:
84:04:19:70:93:3c:f1:6c:24:21:6b:d7:6a:e4:3f:
af:14:f3:9b:cd:89:51:96:d9:6a:cf:d6:6f:38:1c:
63:8d:35:51:ca:6c:20:57:04:f6:08:0a:8c:45:80:
10:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:48:43:92:91:9B:91:45:01:E8:85:C5:28:5A:05:E8:4A:42:22:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/91d57bb1-34c5-4303-9806-8e3df613475f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:9a:75:4d:64:70:c3:e4:9d:cb:ae:a5:ea:92:4d:b5:59:31:
49:21:23:30:34:a0:89:a8:ae:9d:a8:68:b2:a3:f6:8d:0d:0d:
03:db:c9:b6:a0:e6:02:19:eb:a4:1c:bd:a5:9c:26:67:ad:06:
5f:ad:be:5c:9b:7d:f7:c1:12:12:1b:e0:a8:3b:ab:cb:51:82:
06:77:e8:87:d8:5f:2b:0e:ab:91:10:04:fd:1b:c1:ac:48:2e:
7e:c0:28:4f:59:ea:3a:8b:05:eb:82:78:9b:55:e1:8a:43:85:
6f:f2:61:f6:79:74:49:64:ec:b5:17:68:cf:b8:78:0b:e3:db:
10:3d:7a:1e:56:b1:ef:de:20:e2:7b:8b:a4:5b:59:db:ad:ef:
e9:93:80:ad:fc:a5:94:3f:c7:0c:40:fd:4a:d8:3a:69:9f:0d:
2c:80:38:4e:8f:d6:d4:ee:89:3a:6a:0e:a9:98:36:77:a0:80:
b2:11:20:75:aa:17:21:68:fe:2b:57:f4:b8:2c:b1:98:af:70:
ff:a2:c9:98:64:be:cc:1b:58:c7:18:76:dc:a2:ea:e6:08:b9:
c7:a8:6a:e3:9e:95:1f:3c:b5:b5:14:38:a9:96:56:ba:85:be:
41:98:ac:2c:fa:a3:8d:a7:f8:88:7e:4c:fe:73:c3:c1:bd:fc:
13:b5:be:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHAVc2N3yYKZ9QORIN6uVtxNv62gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDIwMDAwMDBaFw0yNTAxMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZTAxZTEyMGQzMzEyZDk0OWVjY2U1ZDZhNDQ2ODhmMDE5ZDUxNDZjMWZm
ODFmZWM5ODVhM2ExOTFiZGNkMDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7wiXdsNygEMHBSuCVZdVWtdvVXw49SlQh/SKsjMVHVhir9eJh6XBlLHCSx
zFLfF/TbYF7oVei7hdT4W3j6LWtzbADE6cSD7Vaw9bnrPevR2m9TI9fccRKofoQ0
BECGnS8aN2HZs0L9//bwVb4zGPQ/keQCU488d0pylbdAPMmyPZtBjXjl1OELguyW
r0n3OwC+fZWGO7enw0xiGkVIxX5KfODZnx1FgRtqOl6q7C84tkbmH8nsfcijC3Ko
qelp6/QcweRo1oP/33Gcrz3NwYUVhAQZcJM88WwkIWvXauQ/rxTzm82JUZbZas/W
bzgcY401UcpsIFcE9ggKjEWAEFMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1SEOS
kZuRRQHohcUoWgXoSkIiYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTFkNTdiYjEtMzRjNS00MzAzLTk4MDYtOGUzZGY2MTM0NzVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQAbmnVNZHDD5J3LrqXqkk21WTFJISMwNKCJqK6dqGiy
o/aNDQ0D28m2oOYCGeukHL2lnCZnrQZfrb5cm333wRISG+CoO6vLUYIGd+iH2F8r
DquREAT9G8GsSC5+wChPWeo6iwXrgnibVeGKQ4Vv8mH2eXRJZOy1F2jPuHgL49sQ
PXoeVrHv3iDie4ukW1nbre/pk4Ct/KWUP8cMQP1K2Dppnw0sgDhOj9bU7ok6ag6p
mDZ3oICyESB1qhchaP4rV/S4LLGYr3D/osmYZL7MG1jHGHbcourmCLnHqGrjnpUf
PLW1FDiplla6hb5BmKws+qONp/iIfkz+c8PBvfwTtb6t
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:29 2025 by rpki-client