Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
File: d4b4aa1a-385e-428a-9444-c44b9dd07114.roa (raw, json)
Hash identifier: ANlPjwoUgwcxuf1NEXGjxlAphpI2FF9yhc0BYoxS4AM=
Subject key identifier: CA:F9:EC:78:31:E5:5A:9F:7D:41:E2:C4:46:2D:66:3A:81:80:CC:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E840218E53EB7A71B50014CD7AAC30D70490350
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:84:02:18:e5:3e:b7:a7:1b:50:01:4c:d7:aa:c3:0d:70:49:03:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:22:ad:94:e5:4e:00:16:71:a5:57:61:df:
98:dc:a1:c3:13:dd:f7:fd:88:c9:58:90:15:08:fb:
4e:17:dd:4a:3b:bf:51:6c:b2:62:e1:26:39:4e:b0:
b2:10:68:11:2b:75:3e:31:86:b9:90:2e:eb:0b:48:
47:a6:b2:29:4d:46:44:2d:47:a2:1a:e5:c6:92:40:
ce:02:5f:3a:66:18:c5:e2:bc:eb:e2:cc:2e:83:bd:
7f:a9:5e:b4:87:78:bc:1c:5a:58:f1:d1:dd:cf:d2:
dd:66:72:0b:7a:f8:fa:3f:53:03:fe:ca:c2:21:dc:
7c:96:52:c6:70:e3:9d:b1:75:5b:4a:1b:cc:e9:b6:
ef:6e:7f:b0:22:61:7f:68:dc:18:1d:24:b3:af:f7:
fd:c8:20:2b:f1:86:b5:b0:5f:8a:15:6d:07:e7:0c:
d5:a7:42:eb:30:d3:e8:fb:f1:a9:df:c3:96:7a:71:
67:e8:bf:b5:46:94:5f:7a:3b:59:ff:6d:18:73:c0:
af:60:7c:c2:9f:50:ac:15:95:00:95:c9:ca:df:5c:
6c:95:bc:17:90:b1:0e:61:c8:e3:77:09:aa:ee:62:
e5:de:34:19:89:b5:d3:f3:08:40:9a:e4:66:1e:9b:
f7:9d:62:9a:4e:cb:ce:b5:40:4e:f4:f5:51:08:d6:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F9:EC:78:31:E5:5A:9F:7D:41:E2:C4:46:2D:66:3A:81:80:CC:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c7:58:47:e1:df:f9:8f:8d:2c:53:17:ad:34:f7:cb:af:8c:b1:
3a:89:e5:85:06:63:e7:b7:30:0b:3a:e6:2f:4b:40:04:52:b5:
c5:54:b3:ea:92:ec:04:31:d1:dc:8a:b8:41:e9:f2:08:1a:02:
4c:24:f7:ea:78:52:68:c4:03:f6:72:d9:5e:62:0c:40:00:56:
9a:30:db:62:1c:aa:93:b9:6f:c1:34:c7:0f:7e:fd:4e:0e:9e:
1e:21:79:e2:4e:a7:ac:ee:9d:ab:df:79:45:8b:17:99:b0:bf:
ef:52:83:82:a3:88:36:5e:60:02:c8:6f:31:e4:35:87:c1:61:
50:d2:7b:e1:e4:e0:67:83:79:26:fe:ed:43:0c:03:15:46:f5:
12:a7:3a:98:f4:2f:0f:72:1e:74:44:38:d9:01:b5:ea:56:49:
f6:20:03:1e:06:c8:0a:e0:80:b3:e2:73:4a:27:df:df:65:1c:
30:90:0f:dd:0c:53:90:84:3f:57:11:61:e5:6b:c5:08:43:6e:
b6:3a:b6:69:a9:2d:af:79:76:91:9e:b6:3a:45:cb:a9:cf:07:
6a:12:f9:32:04:46:f9:41:c8:a4:9b:a1:b8:73:e8:10:aa:10:
c7:17:0c:df:44:4b:9e:2e:12:ec:23:b5:94:9f:0d:6c:f6:d8:
5c:9a:e8:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUboQCGOU+t6cbUAFM16rDDXBJA1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwZWEzMDEwZDYxNGZhNWY0YzEwNDM5MDFkNjljZWNmMjlkZDdlMDYwYjk2
NTQ5ZGVmMzg2ODUwMDk2ZDQxNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgIIq2U5U4AFnGlV2HfmNyhwxPd9/2IyViQFQj7ThfdSju/UWyyYuEmOU6w
shBoESt1PjGGuZAu6wtIR6ayKU1GRC1HohrlxpJAzgJfOmYYxeK86+LMLoO9f6le
tId4vBxaWPHR3c/S3WZyC3r4+j9TA/7KwiHcfJZSxnDjnbF1W0obzOm2725/sCJh
f2jcGB0ks6/3/cggK/GGtbBfihVtB+cM1adC6zDT6Pvxqd/DlnpxZ+i/tUaUX3o7
Wf9tGHPAr2B8wp9QrBWVAJXJyt9cbJW8F5CxDmHI43cJqu5i5d40GYm10/MIQJrk
Zh6b951imk7LzrVATvT1UQjWE0ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTK+ex4
MeVan31B4sRGLWY6gYDM1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDRiNGFhMWEtMzg1ZS00MjhhLTk0NDQtYzQ0YjlkZDA3MTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQDHWEfh3/mPjSxTF60098uvjLE6ieWFBmPntzALOuYv
S0AEUrXFVLPqkuwEMdHcirhB6fIIGgJMJPfqeFJoxAP2ctleYgxAAFaaMNtiHKqT
uW/BNMcPfv1ODp4eIXniTqes7p2r33lFixeZsL/vUoOCo4g2XmACyG8x5DWHwWFQ
0nvh5OBng3km/u1DDAMVRvUSpzqY9C8Pch50RDjZAbXqVkn2IAMeBsgK4ICz4nNK
J9/fZRwwkA/dDFOQhD9XEWHla8UIQ262OrZpqS2veXaRnrY6RcupzwdqEvkyBEb5
Qcikm6G4c+gQqhDHFwzfREueLhLsI7WUnw1s9thcmuin
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client