Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
File: ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa (raw, json)
Hash identifier: xQha76xbP7V8e0n5Nyt1K3O/NgAVFWlSN0GsY9PQCbg=
Subject key identifier: 0C:B7:28:61:D5:E6:AD:0A:78:AC:2E:66:2D:FB:44:48:3C:00:90:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20CB9A2BC9A5C0A88691E9E7996442EF49CBE43E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:cb:9a:2b:c9:a5:c0:a8:86:91:e9:e7:99:64:42:ef:49:cb:e4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ff:00:ff:70:0f:d9:0f:7a:26:b3:60:6c:39:
48:da:f4:b2:ad:df:cd:6d:11:2f:09:c4:e7:86:69:
68:ae:aa:f4:55:ba:45:e4:d7:a0:51:b0:11:c5:2e:
79:3e:9f:e2:8f:ea:2e:1b:e8:88:4a:ba:a8:62:6e:
2a:3d:e6:3e:6a:d2:c3:21:fd:bc:ba:ba:55:80:1d:
d3:0d:fc:ad:43:ae:3e:29:d6:93:d5:b8:8d:60:59:
bb:ab:dd:91:13:a0:a6:5a:47:9e:93:33:02:fd:bd:
6d:80:e0:79:ad:22:47:b8:9f:83:ed:69:e7:98:4e:
83:92:f2:0d:f6:1e:a4:f5:cb:12:04:f7:17:00:3f:
92:34:e4:9f:fe:41:d9:f4:02:dc:48:e3:7f:81:39:
b8:ff:bc:bc:49:71:73:e4:03:e9:dd:5d:fe:58:44:
c0:58:d0:c7:d8:ff:cf:c0:19:43:77:fe:4d:03:62:
bd:20:ca:c2:6b:67:91:b0:6d:e9:0e:3c:be:c2:f2:
26:47:89:ff:44:9a:f6:ab:9b:f5:a1:a7:c3:ad:84:
6b:f9:32:42:51:63:5f:44:cd:c0:04:a6:05:9e:e8:
d4:b7:57:cc:01:f7:7c:b6:c9:43:d5:36:e7:ed:83:
29:37:f9:63:eb:a1:eb:bf:33:16:4d:24:04:1f:1a:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B7:28:61:D5:E6:AD:0A:78:AC:2E:66:2D:FB:44:48:3C:00:90:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf9de9c-f37f-4256-bcd9-c7bf26e83e9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:19:8d:11:b1:03:cb:33:a7:fc:97:d6:fc:90:17:2c:cc:1f:
a8:b0:f7:1c:bd:1c:37:0e:a3:5b:07:0d:eb:d4:d3:7b:43:32:
eb:cf:00:7c:15:7d:f7:ab:ab:6b:ea:bd:8b:51:32:08:a7:3c:
76:04:60:de:94:5b:ca:02:49:05:c6:d0:9a:84:9f:73:01:42:
f2:a4:db:cf:af:05:a6:25:a7:f0:7c:56:13:c5:55:a0:37:fb:
29:b0:f6:3b:de:5b:e4:99:24:6e:6d:36:9d:61:18:71:1d:8b:
98:04:4f:01:e8:9a:45:f8:a9:45:90:9c:76:4f:ce:bc:2f:62:
70:69:59:d6:9c:e2:e1:ae:ec:a8:b7:bd:f4:4d:09:93:b6:a3:
a2:aa:98:64:d4:32:3b:9f:97:88:f3:06:39:9e:d2:fb:00:9f:
c4:36:43:25:d4:af:cb:0c:c0:d7:64:a8:7c:d3:fa:38:a8:34:
94:e9:27:4f:25:55:2b:0b:80:11:1d:91:8a:4a:e2:72:fd:e5:
47:fe:ff:b3:59:95:dd:2f:99:78:6b:b5:c6:2e:12:46:7d:2f:
a7:2c:13:8e:f6:47:b6:ba:98:05:df:c2:67:7e:82:07:6f:6c:
be:2c:ab:40:da:e6:62:b4:01:05:d6:3a:17:07:8c:ea:d6:dc:
09:31:73:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIMuaK8mlwKiGkennmWRC70nL5D4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlYjQ1NWQxYzMyMjEwMjRkZjg5MTUxOWU3MjAxMTNhOGM2MTMzYjkzNmZk
YWY1YmQxODRhM2RhMmZhMWU5YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJr/AP9wD9kPeiazYGw5SNr0sq3fzW0RLwnE54ZpaK6q9FW6ReTXoFGwEcUu
eT6f4o/qLhvoiEq6qGJuKj3mPmrSwyH9vLq6VYAd0w38rUOuPinWk9W4jWBZu6vd
kROgplpHnpMzAv29bYDgea0iR7ifg+1p55hOg5LyDfYepPXLEgT3FwA/kjTkn/5B
2fQC3Ejjf4E5uP+8vElxc+QD6d1d/lhEwFjQx9j/z8AZQ3f+TQNivSDKwmtnkbBt
6Q48vsLyJkeJ/0Sa9qub9aGnw62Ea/kyQlFjX0TNwASmBZ7o1LdXzAH3fLbJQ9U2
5+2DKTf5Y+uh678zFk0kBB8aVGUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMtyhh
1eatCnisLmYt+0RIPACQRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmOWRlOWMtZjM3Zi00MjU2LWJjZDktYzdiZjI2ZTgzZTlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQCmGY0RsQPLM6f8l9b8kBcszB+osPccvRw3DqNbBw3r
1NN7QzLrzwB8FX33q6tr6r2LUTIIpzx2BGDelFvKAkkFxtCahJ9zAULypNvPrwWm
JafwfFYTxVWgN/spsPY73lvkmSRubTadYRhxHYuYBE8B6JpF+KlFkJx2T868L2Jw
aVnWnOLhruyot730TQmTtqOiqphk1DI7n5eI8wY5ntL7AJ/ENkMl1K/LDMDXZKh8
0/o4qDSU6SdPJVUrC4ARHZGKSuJy/eVH/v+zWZXdL5l4a7XGLhJGfS+nLBOO9ke2
upgF38JnfoIHb2y+LKtA2uZitAEF1joXB4zq1twJMXPA
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:44 2025 by rpki-client