Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: I5uTJJZuMTVUL0P9zc9S90SKVaIJUFaBOnE67eKuXj8=
Subject key identifier: 85:10:28:DE:7A:FC:B3:A7:99:06:08:27:E9:C0:DF:AC:F7:CE:E7:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40A14F52236B4BD950C1CFE1B646926D825CD87C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Wed 05 Mar 2025 17:51:47 +0000
ROA not before: Wed 05 Mar 2025 17:51:47 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a1:4f:52:23:6b:4b:d9:50:c1:cf:e1:b6:46:92:6d:82:5c:d8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:47 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c4:95:11:bb:89:aa:a0:77:8d:d7:d1:ec:10:
89:cf:95:1d:00:b5:aa:32:95:83:b8:2e:a8:5e:7a:
6e:c0:af:9c:11:6f:8d:a0:d3:ad:c0:bc:18:74:07:
57:cf:c2:d7:02:9a:b8:fa:f8:18:c8:d2:b9:7d:15:
ea:c3:1b:28:57:27:a3:31:2c:4e:10:6f:b9:06:6a:
89:f9:45:fc:30:57:0e:fb:e6:0e:5f:6e:2c:94:91:
61:58:61:c0:c2:37:fe:1c:9e:4f:34:cd:6d:de:42:
25:23:94:bf:45:6e:2c:44:ca:9b:12:4b:6e:21:33:
d8:83:1e:a8:ad:16:7b:4f:60:e3:9a:42:d1:70:66:
b0:bc:84:12:15:21:6e:3b:63:81:b9:67:1b:c1:43:
36:75:51:ac:4f:ce:a4:34:3f:e5:16:e5:ef:fc:70:
c5:4b:93:dd:39:75:68:bb:51:ce:b1:80:d4:5b:7c:
b3:af:16:a1:c8:19:47:70:07:9a:31:e5:c8:d1:41:
aa:8e:aa:51:4c:bc:03:f1:53:fe:d9:c7:54:8b:c2:
d7:12:c2:45:63:4f:27:40:58:b1:9a:27:ed:d6:d3:
a7:74:f8:2a:3a:b8:b0:89:16:b6:88:f5:83:5e:d5:
4d:10:2e:8c:e3:25:8b:8c:a8:30:ab:ce:8a:c0:ce:
0d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:28:DE:7A:FC:B3:A7:99:06:08:27:E9:C0:DF:AC:F7:CE:E7:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
16:dc:9d:db:ce:c2:de:04:f3:96:13:9c:f0:8f:6d:e8:7f:0e:
e8:8b:4c:d6:8a:fd:e3:7a:49:67:b2:ee:cc:72:ac:b8:64:a5:
12:28:ee:da:2c:9b:3c:49:79:4b:f1:f2:2e:1c:8a:0a:e5:0c:
ea:1f:cd:e9:60:ce:83:68:fe:e4:67:98:3d:31:51:47:67:04:
c2:d7:ce:d3:8b:1b:0c:ff:4a:84:df:02:18:e5:72:2c:6a:ad:
c6:ce:30:11:7b:20:2a:03:f9:b6:fb:54:4f:10:4c:49:6d:9f:
27:42:b2:64:66:0f:fe:a8:11:68:71:31:1b:1e:c2:1f:ce:b5:
bb:54:3e:e9:a5:81:b1:5d:09:72:3f:ed:e4:2a:2d:ec:51:a0:
db:32:1f:90:6c:8c:d6:97:7f:c1:bb:8b:ce:28:cf:50:68:f6:
f4:5a:4c:5a:6b:59:2c:b5:70:0c:0f:f6:d8:4e:bd:37:da:43:
b0:9d:b7:27:85:e5:f0:8a:ee:f6:e2:d5:f5:2f:45:32:9b:24:
18:5a:c8:55:b1:9a:98:95:90:5f:d6:78:aa:33:ee:92:75:e5:
3b:c0:0a:9c:cb:4c:d8:93:b8:76:a4:cc:90:12:c0:30:bc:33:
43:ff:99:a0:eb:1d:51:04:ed:4d:8a:3d:4f:6a:7f:9d:a8:cb:
62:23:0f:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQKFPUiNrS9lQwc/htkaSbYJc2HwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNDdaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxZTgzZDc1MTRkN2M2ZWM1ODM3MWQxMjQ1ZTlmY2NmZjYyMTYyNmNhMDYx
YzEwNmRkMTNjMzE2YTAzZmY1ZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7ElRG7iaqgd43X0ewQic+VHQC1qjKVg7guqF56bsCvnBFvjaDTrcC8GHQH
V8/C1wKauPr4GMjSuX0V6sMbKFcnozEsThBvuQZqiflF/DBXDvvmDl9uLJSRYVhh
wMI3/hyeTzTNbd5CJSOUv0VuLETKmxJLbiEz2IMeqK0We09g45pC0XBmsLyEEhUh
bjtjgblnG8FDNnVRrE/OpDQ/5Rbl7/xwxUuT3Tl1aLtRzrGA1Ft8s68WocgZR3AH
mjHlyNFBqo6qUUy8A/FT/tnHVIvC1xLCRWNPJ0BYsZon7dbTp3T4Kjq4sIkWtoj1
g17VTRAujOMli4yoMKvOisDODdMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSFECje
evyzp5kGCCfpwN+s987nojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQAW3J3bzsLeBPOWE5zwj23ofw7oi0zWiv3jeklnsu7M
cqy4ZKUSKO7aLJs8SXlL8fIuHIoK5QzqH83pYM6DaP7kZ5g9MVFHZwTC187TixsM
/0qE3wIY5XIsaq3GzjAReyAqA/m2+1RPEExJbZ8nQrJkZg/+qBFocTEbHsIfzrW7
VD7ppYGxXQlyP+3kKi3sUaDbMh+QbIzWl3/Bu4vOKM9QaPb0Wkxaa1kstXAMD/bY
Tr032kOwnbcnheXwiu724tX1L0UymyQYWshVsZqYlZBf1niqM+6SdeU7wAqcy0zY
k7h2pMyQEsAwvDND/5mg6x1RBO1Nij1Pan+dqMtiIw/Q
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:13 2025 by rpki-client