Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
File: c7ef0ea6-7a32-4830-bc70-a378537a2733.roa (raw, json)
Hash identifier: D//tbCRGfSf1LMe7cBiD+lCTePN+fKgFxbDonqwRGow=
Subject key identifier: 22:64:30:42:81:BA:AA:AF:8A:F1:1E:2F:8C:03:24:42:99:08:FD:DB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F97A74BC96267084B88140D1EFADC6A22EFB888
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:97:a7:4b:c9:62:67:08:4b:88:14:0d:1e:fa:dc:6a:22:ef:b8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:a6:f8:4b:9c:58:3d:4c:fe:21:3e:c2:c7:
51:4c:1d:02:f7:d6:b9:a8:ed:46:af:be:93:21:bf:
79:10:9f:e8:91:a8:09:f4:35:df:d6:d2:00:c4:43:
55:82:b4:fc:16:8d:ea:4a:44:8e:cf:77:cc:63:e0:
0c:0d:28:5a:28:7d:9a:2d:38:eb:5f:51:e3:5c:e4:
37:36:ca:d9:ea:62:a8:36:a2:3b:f5:11:b2:e9:f3:
bb:18:6d:b8:ef:82:95:3e:54:83:d9:8e:f6:63:b7:
56:6f:50:1c:fa:89:1b:72:45:19:85:c5:98:4f:84:
5b:73:cd:d0:e7:b6:c7:1c:8f:7e:42:61:86:ad:40:
42:b0:cf:8b:87:05:68:e6:28:6a:df:7d:00:28:63:
81:6b:98:88:6d:30:aa:ef:8d:de:ec:94:1e:3d:9a:
04:b9:06:07:df:0c:92:f5:50:32:0f:f1:55:ff:a7:
ce:01:0b:72:f4:d0:68:09:c0:da:7d:ee:29:f6:45:
9f:61:10:bb:ff:32:28:5f:85:23:69:60:7f:9c:a4:
29:60:ca:1f:91:1d:63:99:70:24:be:d3:8e:7c:74:
55:fa:bd:61:fd:8f:fa:90:ea:14:20:2c:cd:51:d2:
94:ec:60:a7:e2:7b:1a:00:24:ba:01:43:69:89:4a:
07:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:64:30:42:81:BA:AA:AF:8A:F1:1E:2F:8C:03:24:42:99:08:FD:DB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ef0ea6-7a32-4830-bc70-a378537a2733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:e7:ff:3e:ef:0d:9b:3a:ff:f6:30:fd:dc:61:dc:95:c1:d8:
13:5c:80:97:a3:d6:7d:d1:b4:b3:af:21:93:6b:68:d1:0d:40:
46:f0:fb:7d:43:65:ee:a7:01:4b:a9:31:8e:42:64:3d:0b:c5:
ee:75:95:49:f4:d6:67:b2:94:c8:94:4e:2e:d3:62:4d:88:d2:
0f:bc:7b:36:b3:21:39:50:e8:a9:dd:f7:ac:7d:14:f2:66:f5:
59:b0:93:25:ff:b6:04:ef:81:36:29:aa:3a:12:65:18:cb:14:
51:1d:5b:8b:56:66:cc:9a:5c:2f:b7:3e:b0:20:88:8e:c4:78:
98:d2:84:32:0e:35:7d:90:e9:d5:21:d1:ae:80:3d:2e:91:b6:
b3:28:c5:13:44:a0:87:85:a5:bb:7d:e4:53:6c:ce:48:99:d2:
ba:aa:3c:76:21:02:87:41:4b:c3:b9:1a:96:31:3d:9c:13:b9:
a2:7c:59:b5:f4:0f:8a:4a:7e:25:63:62:65:ec:5b:34:e7:e5:
01:a4:d6:cd:a9:a0:3d:1f:76:23:d5:c4:43:5e:1d:6e:7b:cc:
c7:9a:78:ae:08:38:dd:2f:63:84:32:db:37:5a:a7:54:c1:28:
de:0d:74:1c:d2:01:47:42:88:ee:6b:ab:2e:40:c1:e6:52:e0:
82:53:76:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL5enS8liZwhLiBQNHvrcaiLvuIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMTA5YWJlOTAyMzNmZDRlYmM5OTQ3ZWZkZTQ4YzhkZTZkMTcwMDc3MWI0
NTNiODQ0OWI1YjFlOGVjYmQyZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAPpvhLnFg9TP4hPsLHUUwdAvfWuajtRq++kyG/eRCf6JGoCfQ139bSAMRD
VYK0/BaN6kpEjs93zGPgDA0oWih9mi04619R41zkNzbK2epiqDaiO/URsunzuxht
uO+ClT5Ug9mO9mO3Vm9QHPqJG3JFGYXFmE+EW3PN0Oe2xxyPfkJhhq1AQrDPi4cF
aOYoat99AChjgWuYiG0wqu+N3uyUHj2aBLkGB98MkvVQMg/xVf+nzgELcvTQaAnA
2n3uKfZFn2EQu/8yKF+FI2lgf5ykKWDKH5EdY5lwJL7Tjnx0Vfq9Yf2P+pDqFCAs
zVHSlOxgp+J7GgAkugFDaYlKByMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiZDBC
gbqqr4rxHi+MAyRCmQj92zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzdlZjBlYTYtN2EzMi00ODMwLWJjNzAtYTM3ODUzN2EyNzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQA05/8+7w2bOv/2MP3cYdyVwdgTXICXo9Z90bSzryGT
a2jRDUBG8Pt9Q2XupwFLqTGOQmQ9C8XudZVJ9NZnspTIlE4u02JNiNIPvHs2syE5
UOip3fesfRTyZvVZsJMl/7YE74E2Kao6EmUYyxRRHVuLVmbMmlwvtz6wIIiOxHiY
0oQyDjV9kOnVIdGugD0ukbazKMUTRKCHhaW7feRTbM5ImdK6qjx2IQKHQUvDuRqW
MT2cE7mifFm19A+KSn4lY2Jl7Fs05+UBpNbNqaA9H3Yj1cRDXh1ue8zHmniuCDjd
L2OEMts3WqdUwSjeDXQc0gFHQojua6suQMHmUuCCU3Yw
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:09 2025 by rpki-client