Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
File: 935d325c-d62b-4e93-873c-47222d71e32c.roa (raw, json)
Hash identifier: Wfe89lfkjWbUU2NhiYeWLau0tMdRTJZgTJpgIzYBOSk=
Subject key identifier: 7B:C0:64:53:A7:F8:F9:6F:EE:26:C7:57:49:47:69:D9:69:61:6C:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28DBB2D77CC48FD64B2BF4EA2DCCF80C0A9714C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:db:b2:d7:7c:c4:8f:d6:4b:2b:f4:ea:2d:cc:f8:0c:0a:97:14:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a6:4c:a1:d5:13:68:6d:17:e8:76:f0:09:93:
41:5a:14:bb:62:f3:c7:cb:fe:ff:c5:36:b2:2d:48:
1a:96:8c:b7:cc:e5:d2:3e:ff:ba:97:53:26:88:d1:
a3:31:54:c1:83:fa:f6:38:2a:60:c7:3b:f8:cd:d2:
4b:83:60:2f:6e:9d:26:13:3a:b4:8a:ec:2e:0d:66:
da:7f:ed:81:65:d0:62:17:06:1a:ea:c9:0e:fd:90:
55:6e:09:41:55:85:dc:cf:87:49:dc:1c:23:d9:36:
a7:64:ac:4d:df:8b:b8:4f:9f:b7:d9:36:d6:6d:30:
64:d7:52:b8:ff:ba:55:ba:28:7c:f1:b8:0e:fa:38:
89:e0:8f:85:f6:ac:a3:b8:c1:33:4c:1b:fd:c3:02:
5f:9b:ce:19:dd:ba:8c:18:87:e8:02:38:d4:25:b5:
2e:8d:54:f7:8d:db:93:22:8c:20:91:e7:58:96:15:
70:5e:5e:c3:4c:b6:2a:b3:ca:ae:c9:4a:20:01:c2:
95:14:59:0f:39:ac:09:3b:14:56:d6:e3:ef:9f:13:
cd:93:62:4f:c1:39:d3:86:5c:28:70:02:c5:73:69:
a2:6b:a1:d8:77:b4:b4:f6:84:7f:64:29:9b:51:75:
29:87:96:74:06:97:c5:35:da:f5:48:fd:c6:35:f5:
56:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C0:64:53:A7:F8:F9:6F:EE:26:C7:57:49:47:69:D9:69:61:6C:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
79:22:dc:91:a0:b6:44:52:1c:6f:04:af:7b:2c:e6:65:9a:2a:
c0:8d:14:10:0f:ac:2a:3d:ce:e4:8e:3f:84:7f:e3:f7:ec:fd:
1e:86:e4:27:e0:2e:ec:c0:be:62:cc:da:34:63:35:7c:3d:49:
3d:f1:c2:61:1c:f1:9d:0b:2a:2b:d8:f4:6c:61:a0:71:8b:d2:
d4:12:42:12:89:0a:29:9b:88:4d:e6:b9:45:0b:59:a2:2f:52:
89:81:9c:d3:10:50:6c:e9:0a:0d:19:58:e8:7c:4e:20:87:f7:
48:82:0f:21:7e:bc:a8:c1:d9:90:86:79:9b:75:95:7f:b4:82:
b6:53:5b:a9:47:fe:b1:38:4d:6d:d9:40:bd:d6:84:af:ff:d0:
e4:c4:b2:e9:ab:4c:b0:3d:76:44:65:d6:a7:76:3c:a2:94:fe:
4a:d2:73:db:03:14:11:27:0a:3e:60:86:59:30:66:fa:9a:01:
65:af:48:2f:f1:6f:98:6c:22:d1:ab:97:96:b2:d2:dd:14:76:
fb:9d:69:06:69:1b:99:68:f8:75:e3:e0:c8:62:58:0c:95:f4:
0c:30:d5:b8:8b:93:21:2a:78:6b:2a:f0:b1:c7:e4:20:16:d1:
36:32:38:44:d0:33:cf:b6:5e:8b:1b:39:8e:1f:7a:6e:02:40:
b1:c2:4f:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKNuy13zEj9ZLK/TqLcz4DAqXFMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzZGViZDk0MjVjZTgwYTI3MTczOWRjZTY5MzI2MGVlMTRjYTA4OTQyZjgw
MjBiODhmOWQyYzExNjk3Y2JiOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCmTKHVE2htF+h28AmTQVoUu2Lzx8v+/8U2si1IGpaMt8zl0j7/updTJojR
ozFUwYP69jgqYMc7+M3SS4NgL26dJhM6tIrsLg1m2n/tgWXQYhcGGurJDv2QVW4J
QVWF3M+HSdwcI9k2p2SsTd+LuE+ft9k21m0wZNdSuP+6VboofPG4Dvo4ieCPhfas
o7jBM0wb/cMCX5vOGd26jBiH6AI41CW1Lo1U943bkyKMIJHnWJYVcF5ew0y2KrPK
rslKIAHClRRZDzmsCTsUVtbj758TzZNiT8E504ZcKHACxXNpomuh2He0tPaEf2Qp
m1F1KYeWdAaXxTXa9Uj9xjX1Vv8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7wGRT
p/j5b+4mx1dJR2nZaWFs8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTM1ZDMyNWMtZDYyYi00ZTkzLTg3M2MtNDcyMjJkNzFlMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQB5ItyRoLZEUhxvBK97LOZlmirAjRQQD6wqPc7kjj+E
f+P37P0ehuQn4C7swL5izNo0YzV8PUk98cJhHPGdCyor2PRsYaBxi9LUEkISiQop
m4hN5rlFC1miL1KJgZzTEFBs6QoNGVjofE4gh/dIgg8hfryowdmQhnmbdZV/tIK2
U1upR/6xOE1t2UC91oSv/9DkxLLpq0ywPXZEZdandjyilP5K0nPbAxQRJwo+YIZZ
MGb6mgFlr0gv8W+YbCLRq5eWstLdFHb7nWkGaRuZaPh14+DIYlgMlfQMMNW4i5Mh
KnhrKvCxx+QgFtE2MjhE0DPPtl6LGzmOH3puAkCxwk/4
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:00:37 2025 by rpki-client