Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
File: 24601d85-ac6e-46b6-a0d2-d35342ccc951.roa (raw, json)
Hash identifier: m/aZNwcRDrn8UqvhaO9+CTi/UG3Xx6SWAYoSYP4u/es=
Subject key identifier: 4C:02:A3:18:12:5E:B8:40:6A:DD:08:08:F4:90:3A:90:6F:5F:45:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CDEECBAC3CA9F8D8080B117A6368AF8E1AB279E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
Signing time: Fri 07 Mar 2025 15:10:33 +0000
ROA not before: Fri 07 Mar 2025 15:10:33 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.93.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:de:ec:ba:c3:ca:9f:8d:80:80:b1:17:a6:36:8a:f8:e1:ab:27:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:33 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9d:1f:cc:1b:52:29:8a:f0:43:31:52:60:6b:
3f:21:6b:6f:95:fb:f5:e8:2d:c9:5d:57:dc:a6:4b:
14:ba:97:f4:1d:1b:2d:03:b2:a0:1a:12:92:db:cb:
26:dc:f6:1b:8a:e5:9c:cd:84:17:73:44:81:90:f1:
a2:27:0c:e3:1e:1b:4a:16:bc:5a:ad:d2:c4:ba:81:
9c:66:df:31:d0:5a:bf:f7:cc:75:c6:a4:f7:86:60:
d6:86:cd:79:8d:c3:98:a7:6e:a8:5d:08:e2:7e:8d:
05:83:58:7b:84:a4:a4:33:b1:e2:54:70:38:08:96:
fe:aa:35:37:47:67:2a:d5:d1:45:b9:a7:c8:27:d5:
ed:4c:c5:a1:06:c6:cd:4d:61:57:f2:bf:1d:d3:77:
87:f2:13:74:38:84:be:72:a4:db:d9:d6:92:f9:66:
86:7a:01:dd:86:16:8c:8e:db:20:5b:48:4d:9c:96:
46:d3:09:6b:11:10:a9:51:28:f4:f0:9c:c0:61:f5:
57:ae:51:59:2d:68:b8:72:61:1a:ed:5a:d0:76:72:
a8:d5:c2:ec:ac:e0:d4:9a:7e:2f:38:56:8e:3f:dc:
cd:66:b3:dd:41:4a:b4:40:9a:45:61:14:8e:88:38:
3a:55:9e:82:56:e8:1d:a4:be:15:a5:de:69:d4:b3:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:02:A3:18:12:5E:B8:40:6A:DD:08:08:F4:90:3A:90:6F:5F:45:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24601d85-ac6e-46b6-a0d2-d35342ccc951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:54:ed:e6:4b:f4:41:44:11:bb:e5:74:6b:c4:8d:99:30:57:
05:c6:0b:03:f6:3e:6d:79:39:58:f9:54:7a:4a:14:fb:97:9e:
59:cc:00:3b:fb:40:01:eb:8c:3a:a2:48:d6:5c:e8:51:64:cb:
e3:27:1d:85:c9:be:fe:67:91:9b:64:39:a4:fc:f4:b4:5c:ed:
6b:00:69:a1:c5:55:43:19:a0:f8:7d:6f:76:cc:85:00:70:13:
06:b4:0f:53:95:f1:a0:1f:55:ad:f6:b0:41:9c:ec:bf:cd:72:
ff:26:c7:bd:94:e3:60:83:c7:4b:ac:06:18:87:ec:a4:5a:00:
7f:13:b6:02:6a:09:6d:41:24:b4:6d:59:32:f4:66:dd:64:04:
ec:85:b8:05:2a:97:b7:31:30:0e:52:51:84:74:9f:b4:36:a1:
76:c0:87:84:a7:bb:6b:49:96:ed:2b:a7:d6:5e:dc:08:71:3a:
2a:fe:ef:37:5e:39:60:61:6e:3f:ec:ed:26:b2:bb:78:0c:34:
e2:26:76:50:d3:e9:99:84:ef:fc:73:51:3b:a8:9d:3e:9b:22:
5d:41:a4:6a:af:fb:67:3b:ed:04:8a:9a:f0:bd:65:42:aa:2c:
1f:6b:79:bb:34:5f:29:7c:38:49:76:4e:e3:be:93:98:49:41:
f7:76:6b:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbN7susPKn42AgLEXpjaK+OGrJ54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwMzNaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5N2VlODMxYmRjMDgzZDE0YWRlMmUyZjhjMzgxYTNkNWRlMGViZWQ1M2Ew
YzQ2NGZlMzM2NWEyMjgwYzg0OTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALedH8wbUimK8EMxUmBrPyFrb5X79egtyV1X3KZLFLqX9B0bLQOyoBoSktvL
Jtz2G4rlnM2EF3NEgZDxoicM4x4bSha8Wq3SxLqBnGbfMdBav/fMdcak94Zg1obN
eY3DmKduqF0I4n6NBYNYe4SkpDOx4lRwOAiW/qo1N0dnKtXRRbmnyCfV7UzFoQbG
zU1hV/K/HdN3h/ITdDiEvnKk29nWkvlmhnoB3YYWjI7bIFtITZyWRtMJaxEQqVEo
9PCcwGH1V65RWS1ouHJhGu1a0HZyqNXC7Kzg1Jp+LzhWjj/czWaz3UFKtECaRWEU
jog4OlWeglboHaS+FaXeadSzR6ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRMAqMY
El64QGrdCAj0kDqQb19FojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ2MDFkODUtYWM2ZS00NmI2LWEwZDItZDM1MzQyY2NjOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNdMA0G
CSqGSIb3DQEBCwUAA4IBAQCHVO3mS/RBRBG75XRrxI2ZMFcFxgsD9j5teTlY+VR6
ShT7l55ZzAA7+0AB64w6okjWXOhRZMvjJx2Fyb7+Z5GbZDmk/PS0XO1rAGmhxVVD
GaD4fW92zIUAcBMGtA9TlfGgH1Wt9rBBnOy/zXL/Jse9lONgg8dLrAYYh+ykWgB/
E7YCagltQSS0bVky9GbdZATshbgFKpe3MTAOUlGEdJ+0NqF2wIeEp7trSZbtK6fW
XtwIcToq/u83XjlgYW4/7O0msrt4DDTiJnZQ0+mZhO/8c1E7qJ0+myJdQaRqr/tn
O+0EiprwvWVCqiwfa3m7NF8pfDhJdk7jvpOYSUH3dmuX
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:20 2025 by rpki-client