Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
File: e6175d79-8819-47e6-b539-4bfb28fe7389.roa (raw, json)
Hash identifier: zBNGrDsZhuEcVP7R2jjJBMmP/zzaDJ/T0OqM/zKuzjU=
Subject key identifier: 78:01:3B:A0:6D:0B:EA:96:C8:1D:6A:7C:93:91:25:7E:27:A5:22:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 397CAC151D317D5373ACC67F4FB9C1C481AB4960
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:7c:ac:15:1d:31:7d:53:73:ac:c6:7f:4f:b9:c1:c4:81:ab:49:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:78:af:df:78:d9:c2:c9:ef:cb:73:7c:1f:25:
97:69:83:85:c8:86:56:71:23:d2:6d:6e:cc:1b:4c:
78:99:44:b8:13:fc:2b:ca:f4:a7:33:b3:4a:48:62:
e8:19:06:44:97:5a:c1:40:51:9d:09:6e:ff:78:b7:
03:01:db:b7:52:d0:d0:0f:7f:f5:bc:1a:fd:2d:ca:
e6:e0:d8:7b:9f:df:89:35:37:9c:12:89:1d:ea:4f:
82:ba:20:b7:2a:88:70:50:b3:f7:8a:9d:b2:8c:73:
08:71:97:f9:8e:ba:3d:e0:b6:e9:00:a8:6e:63:0c:
6f:bd:ac:1c:b6:b5:99:c9:64:dc:e8:5a:a2:5e:c5:
6e:36:2f:15:51:f3:31:ab:e9:8c:5c:70:fa:75:dc:
a7:41:f5:9f:69:34:f8:80:c4:9b:f6:b1:00:54:60:
e0:20:4c:c9:57:70:88:cb:92:67:c5:12:82:bf:7d:
fb:eb:3f:67:b4:e2:e0:ec:ff:cd:94:c2:0d:e5:2e:
91:f8:cd:ba:5c:75:14:52:17:8c:c9:e4:f5:d4:00:
2b:f8:84:f6:0d:24:fe:9f:da:b7:6f:e5:12:e4:a7:
b6:69:94:79:ec:a5:4b:a3:d8:93:a6:10:ad:8b:56:
4c:b7:3f:ef:9a:00:d3:0d:35:b2:88:34:0f:5e:0a:
13:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:01:3B:A0:6D:0B:EA:96:C8:1D:6A:7C:93:91:25:7E:27:A5:22:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6175d79-8819-47e6-b539-4bfb28fe7389.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
72:23:b8:62:f7:72:44:3d:b6:b0:2d:b4:f0:f8:92:da:50:8c:
97:dd:82:02:61:11:b0:59:2e:2d:4e:ff:f3:99:a9:71:37:60:
2b:fa:58:39:92:69:c8:ef:98:c9:d3:3a:00:90:02:bb:12:01:
f6:c1:c4:ae:50:57:f4:ad:55:4e:57:99:33:0b:77:af:21:19:
b5:e6:86:0e:09:4b:38:9a:30:2d:09:52:3d:12:6c:14:b4:92:
80:e8:fe:5e:2e:42:d7:22:c1:ba:1b:9f:16:3f:b9:83:8a:ce:
2a:e2:c9:25:7d:7e:0d:ce:de:4d:85:10:77:7d:d5:77:f7:60:
2e:20:7f:61:a4:ff:01:27:07:e9:36:f8:ca:4c:02:79:e1:46:
c2:40:95:92:38:84:57:77:07:93:7d:ae:f6:f4:a9:e4:8b:db:
c1:3b:51:db:5b:64:7a:8c:96:00:2a:55:36:0c:54:5c:ea:c6:
43:71:9c:10:7d:01:ef:77:31:44:c3:ea:74:66:d0:15:24:65:
fb:72:a0:aa:7e:59:5d:76:67:51:dc:f9:1b:57:e4:ca:44:c2:
ee:28:59:c0:3a:1a:62:1c:16:53:14:46:a3:4e:35:56:60:28:
bf:7d:92:d7:42:f7:c6:61:d5:a3:78:54:1c:d9:de:bc:e7:8b:
23:3d:59:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOXysFR0xfVNzrMZ/T7nBxIGrSWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNDcxZTVkZTk0ZTM2NWFjNWNkNjQ0ZGU1ODY3MzE3YzRkYTkzNzA2YmMz
NGQ4MWUxZjNjOGJjNjMzZjdjNDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL94r9942cLJ78tzfB8ll2mDhciGVnEj0m1uzBtMeJlEuBP8K8r0pzOzSkhi
6BkGRJdawUBRnQlu/3i3AwHbt1LQ0A9/9bwa/S3K5uDYe5/fiTU3nBKJHepPgrog
tyqIcFCz94qdsoxzCHGX+Y66PeC26QCobmMMb72sHLa1mclk3Ohaol7FbjYvFVHz
MavpjFxw+nXcp0H1n2k0+IDEm/axAFRg4CBMyVdwiMuSZ8USgr99++s/Z7Ti4Oz/
zZTCDeUukfjNulx1FFIXjMnk9dQAK/iE9g0k/p/at2/lEuSntmmUeeylS6PYk6YQ
rYtWTLc/75oA0w01sog0D14KEwcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4ATug
bQvqlsgdanyTkSV+J6UizDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYxNzVkNzktODgxOS00N2U2LWI1MzktNGJmYjI4ZmU3Mzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQByI7hi93JEPbawLbTw+JLaUIyX3YICYRGwWS4tTv/z
malxN2Ar+lg5kmnI75jJ0zoAkAK7EgH2wcSuUFf0rVVOV5kzC3evIRm15oYOCUs4
mjAtCVI9EmwUtJKA6P5eLkLXIsG6G58WP7mDis4q4sklfX4Nzt5NhRB3fdV392Au
IH9hpP8BJwfpNvjKTAJ54UbCQJWSOIRXdweTfa729Knki9vBO1HbW2R6jJYAKlU2
DFRc6sZDcZwQfQHvdzFEw+p0ZtAVJGX7cqCqfllddmdR3PkbV+TKRMLuKFnAOhpi
HBZTFEajTjVWYCi/fZLXQvfGYdWjeFQc2d6854sjPVmT
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:22 2025 by rpki-client