Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
File: b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa (raw, json)
Hash identifier: dSEBbRR7qaKjYYcZhEI+OA6/2htEz9j3Xu5ee2DjQyU=
Subject key identifier: F9:81:64:FE:C1:FD:6C:E1:9E:95:40:00:AC:11:34:69:BF:2A:23:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43EA10B8B6B27436250CE179CF3985A4988DA331
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ea:10:b8:b6:b2:74:36:25:0c:e1:79:cf:39:85:a4:98:8d:a3:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:08:04:31:bd:c3:13:0e:f4:44:7e:5e:d9:4b:
32:c8:51:ea:eb:13:81:dc:79:c3:40:ec:61:a3:8c:
c4:16:1c:22:94:41:2e:65:20:e2:76:1a:23:5f:7d:
78:cd:11:f0:8d:9f:7c:4b:5d:d6:2c:b6:a9:16:72:
a6:80:d9:7d:2d:ba:f3:b3:b3:0d:0c:15:ce:96:37:
97:68:c6:e6:41:29:93:36:4d:84:d2:5b:53:33:db:
36:45:1c:1e:20:bb:4b:36:4b:1d:40:d4:33:f5:7a:
72:57:70:62:ee:98:94:f9:bc:b1:36:d9:03:90:14:
86:a9:29:7c:a1:2f:cf:ff:42:1c:53:12:87:59:d1:
fe:97:a2:79:73:b6:4d:0a:c2:20:90:a9:3e:e7:7a:
8f:c8:ee:83:3c:20:7f:54:68:99:b0:f0:e4:e4:db:
88:50:0d:32:6f:d4:02:78:4c:9d:bf:5f:a8:92:80:
77:8d:bd:7e:5b:04:d5:62:a9:76:b5:89:51:71:53:
f2:59:cd:e0:8c:7a:e4:97:77:0d:ce:31:3e:6d:73:
a0:95:3c:01:f0:76:f1:95:dc:d2:76:86:44:08:8f:
8d:72:9f:ec:c1:63:e2:27:1e:be:62:99:e9:ee:f1:
c4:b5:f6:c5:32:2d:8a:3b:7f:a2:a2:97:a5:7c:77:
5c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:81:64:FE:C1:FD:6C:E1:9E:95:40:00:AC:11:34:69:BF:2A:23:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4d:91:99:42:0a:2b:1c:cb:7f:f6:2e:23:8d:84:e2:6f:c8:67:
03:35:15:12:9d:98:07:7c:92:50:6b:6e:68:4c:5c:21:46:e1:
22:d2:b4:8a:f8:b0:e6:8d:95:eb:c9:ab:79:3d:66:59:e2:d3:
75:60:e1:34:07:67:4b:31:7a:15:b5:78:ab:21:b5:65:ef:04:
ec:9d:ff:25:02:37:df:45:c1:4b:7a:6e:55:c7:b6:1e:e0:1b:
3f:63:9a:b3:b4:90:a6:11:36:ce:c7:71:17:83:89:39:1a:b2:
85:fc:47:90:32:9a:dc:5f:79:0f:f1:47:21:7e:5a:4c:80:44:
bc:da:bc:ca:1f:f8:8e:06:5b:02:69:45:4e:ab:22:a5:63:02:
9e:eb:d0:5c:49:85:6f:fd:e3:16:3b:19:3b:cb:6d:20:61:cc:
78:fc:5a:02:f2:28:cb:8c:d2:57:4f:bd:f9:f9:c2:06:0e:eb:
b3:80:62:1a:a3:43:60:10:4e:32:79:02:e5:13:32:b8:4d:51:
7e:a1:1a:54:b4:aa:1b:41:d6:b9:c2:00:46:6d:ac:3e:0f:e1:
14:2b:95:a4:93:76:56:d4:6e:12:07:b0:aa:ab:e1:96:34:55:
66:fa:50:fc:55:7f:1b:0a:59:fb:3b:88:40:d3:ee:45:ea:b9:
af:85:2e:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ+oQuLaydDYlDOF5zzmFpJiNozEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmM2M2MTNhZDk1MmQzMTNjOTQyNjBiMmQwMDM5MjkwM2NhYWE1ZTQ2NzY2
ZTVhYTcwMmMzYjExZjgyNGQ1ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUIBDG9wxMO9ER+XtlLMshR6usTgdx5w0DsYaOMxBYcIpRBLmUg4nYaI199
eM0R8I2ffEtd1iy2qRZypoDZfS2687OzDQwVzpY3l2jG5kEpkzZNhNJbUzPbNkUc
HiC7SzZLHUDUM/V6cldwYu6YlPm8sTbZA5AUhqkpfKEvz/9CHFMSh1nR/peieXO2
TQrCIJCpPud6j8jugzwgf1RombDw5OTbiFANMm/UAnhMnb9fqJKAd429flsE1WKp
drWJUXFT8lnN4Ix65Jd3Dc4xPm1zoJU8AfB28ZXc0naGRAiPjXKf7MFj4icevmKZ
6e7xxLX2xTItijt/oqKXpXx3XJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT5gWT+
wf1s4Z6VQACsETRpvyoj1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjU0MGU1OWQtYmZkMi00YTcyLTliYjAtMzdlODQ4ZDQxY2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBNkZlCCiscy3/2LiONhOJvyGcDNRUSnZgHfJJQa25o
TFwhRuEi0rSK+LDmjZXryat5PWZZ4tN1YOE0B2dLMXoVtXirIbVl7wTsnf8lAjff
RcFLem5Vx7Ye4Bs/Y5qztJCmETbOx3EXg4k5GrKF/EeQMprcX3kP8UchflpMgES8
2rzKH/iOBlsCaUVOqyKlYwKe69BcSYVv/eMWOxk7y20gYcx4/FoC8ijLjNJXT735
+cIGDuuzgGIao0NgEE4yeQLlEzK4TVF+oRpUtKobQda5wgBGbaw+D+EUK5Wkk3ZW
1G4SB7Cqq+GWNFVm+lD8VX8bCln7O4hA0+5F6rmvhS4u
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client