Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
File: c090963d-9d8d-49a3-960b-b36e1309eb76.roa (raw, json)
Hash identifier: 9zgoe/y9HoPZPf0so8jVmeaM1W4btPzGOsJ2i1PTa0o=
Subject key identifier: 3B:2B:1D:83:FC:C9:4C:4C:EF:DF:CA:1B:F2:FA:A2:41:93:70:EA:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 316EE4E95D87F92A430297165636B1432CE5F706
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:6e:e4:e9:5d:87:f9:2a:43:02:97:16:56:36:b1:43:2c:e5:f7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:99:f7:bb:8d:4d:0a:90:ff:f3:18:01:6a:
60:27:2a:fa:ff:1f:40:2a:bf:f2:4f:24:eb:21:bb:
63:94:23:8d:70:dc:55:ab:f8:69:b9:97:f0:9e:b5:
b7:17:1b:73:16:8c:68:c3:ad:6f:49:18:d9:5a:12:
38:2b:3f:4c:68:66:7c:68:c3:2f:ae:58:68:4a:78:
fa:40:93:7d:be:f0:c0:47:17:00:6f:4d:7b:ce:f1:
89:20:9c:90:04:08:9d:d9:00:ce:7f:b4:40:f3:06:
d8:e0:ce:c7:8f:00:e6:18:0e:29:f3:8d:6d:66:fb:
8b:aa:5f:82:ca:5a:87:f3:c7:aa:d6:54:8a:8c:9f:
85:17:3d:4c:e0:f6:e2:3c:d7:73:f7:e9:7b:e8:fa:
10:83:a2:24:21:03:09:9d:52:be:87:e9:1a:ba:21:
0f:81:1a:21:b3:f6:4a:de:c9:30:58:6a:94:2d:73:
05:c5:53:57:18:ab:6b:4d:b5:8f:06:3b:55:3f:94:
2e:7f:10:da:1b:26:1a:a4:7a:5c:a1:de:df:fe:2b:
34:2c:82:f9:eb:09:e1:08:82:8f:7f:87:98:70:4d:
8c:19:ca:3b:37:fc:f0:14:1b:f2:db:03:f8:19:d2:
6d:a9:71:85:14:e8:61:43:6b:24:3d:f3:fa:36:8a:
0e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2B:1D:83:FC:C9:4C:4C:EF:DF:CA:1B:F2:FA:A2:41:93:70:EA:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c090963d-9d8d-49a3-960b-b36e1309eb76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:9e:95:f4:37:21:ae:74:05:a6:30:70:b0:9b:d7:79:ca:25:
20:e9:bc:9c:bb:26:63:32:10:52:15:86:f4:48:b0:dc:66:11:
f3:8e:65:e2:25:e2:37:2a:1f:eb:b4:20:f4:97:3c:43:29:f5:
56:50:9c:39:c7:ab:ad:9f:3a:70:82:26:16:bd:0c:9a:fc:cf:
51:e6:48:96:77:62:1e:6a:34:4d:d6:1a:63:04:1a:7a:88:d7:
dd:76:db:76:7b:72:7d:31:df:0f:01:1d:69:88:01:3e:fe:7b:
23:45:d4:e3:f0:a5:71:cd:ae:e6:94:e4:e0:9f:f7:24:50:9e:
79:51:2a:eb:f5:95:37:a9:5a:55:97:83:67:9b:dc:f6:99:1a:
f2:7b:e8:7d:af:c1:0f:1c:4d:56:41:13:1f:79:ad:a3:a0:94:
80:dd:93:79:ec:1a:84:87:3e:1d:28:27:61:18:06:b4:ec:a6:
b6:62:0c:7d:45:9c:ef:17:5a:d4:eb:fb:34:e8:dc:51:a5:c9:
fa:fd:fd:0b:94:d8:d4:a3:60:4d:9a:39:2f:bc:eb:ec:08:de:
2d:42:be:8a:d7:52:1f:85:bc:66:3e:d2:aa:45:e8:e2:f4:c8:
bd:09:60:f8:dc:39:05:a6:fe:c1:9d:0e:63:63:a7:38:03:0d:
5e:a4:12:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMW7k6V2H+SpDApcWVjaxQyzl9wYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjOTYyMjRjNGFjNDkyMGFiYmY3MzIwYzAwYTdmN2MwZGRjYzkzMmMzY2Q4
NTRiNmVmMTkwM2NmZDc0YWExYjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPLmfe7jU0KkP/zGAFqYCcq+v8fQCq/8k8k6yG7Y5QjjXDcVav4abmX8J61
txcbcxaMaMOtb0kY2VoSOCs/TGhmfGjDL65YaEp4+kCTfb7wwEcXAG9Ne87xiSCc
kAQIndkAzn+0QPMG2ODOx48A5hgOKfONbWb7i6pfgspah/PHqtZUioyfhRc9TOD2
4jzXc/fpe+j6EIOiJCEDCZ1SvofpGrohD4EaIbP2St7JMFhqlC1zBcVTVxira021
jwY7VT+ULn8Q2hsmGqR6XKHe3/4rNCyC+esJ4QiCj3+HmHBNjBnKOzf88BQb8tsD
+BnSbalxhRToYUNrJD3z+jaKDjkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7Kx2D
/MlMTO/fyhvy+qJBk3DqizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA5MDk2M2QtOWQ4ZC00OWEzLTk2MGItYjM2ZTEzMDllYjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQB4npX0NyGudAWmMHCwm9d5yiUg6bycuyZjMhBSFYb0
SLDcZhHzjmXiJeI3Kh/rtCD0lzxDKfVWUJw5x6utnzpwgiYWvQya/M9R5kiWd2Ie
ajRN1hpjBBp6iNfddtt2e3J9Md8PAR1piAE+/nsjRdTj8KVxza7mlOTgn/ckUJ55
USrr9ZU3qVpVl4Nnm9z2mRrye+h9r8EPHE1WQRMfea2joJSA3ZN57BqEhz4dKCdh
GAa07Ka2Ygx9RZzvF1rU6/s06NxRpcn6/f0LlNjUo2BNmjkvvOvsCN4tQr6K11If
hbxmPtKqReji9Mi9CWD43DkFpv7BnQ5jY6c4Aw1epBL0
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:36:02 2025 by rpki-client