Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: JjVOLxIQdk+FGuNJ2km/v0oq2zJJwPa10uNEKhkemb8=
Subject key identifier: 29:95:3F:32:00:B7:39:9F:07:31:83:AD:83:95:93:6B:63:C8:95:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7813D44C55CB3BE0BBF5AEF56F4A6429BB080DE1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Wed 05 Mar 2025 17:51:50 +0000
ROA not before: Wed 05 Mar 2025 17:51:50 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:13:d4:4c:55:cb:3b:e0:bb:f5:ae:f5:6f:4a:64:29:bb:08:0d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:50 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:52:77:4e:98:5f:0d:a0:42:c8:27:18:05:
e4:a9:56:7d:a9:0d:9d:86:6c:5b:3e:84:8d:40:22:
2f:d1:7a:be:38:47:20:60:0e:80:fc:91:87:d5:17:
5e:1c:0e:cf:4b:78:7b:81:3d:2b:20:9e:78:f3:6a:
59:03:22:46:3f:a2:18:da:76:7d:8a:c4:03:ba:6b:
b0:90:ce:02:6b:7f:d6:a5:5c:56:57:db:29:3d:2c:
bb:3f:d6:e2:a5:74:f3:a4:23:7e:af:7c:b5:88:0d:
f8:c2:bf:04:1f:c5:cf:7c:f3:8b:73:0a:78:a2:af:
cd:fe:04:5e:cb:ce:d5:6c:8a:ef:e5:ed:05:03:0a:
d7:7a:e1:cf:e8:2f:52:e3:e4:fb:7d:e6:5f:5d:51:
2b:78:eb:bd:9f:27:eb:4a:da:1b:66:83:d2:9f:46:
ec:9e:63:a8:ff:85:0e:56:9a:95:96:8c:b5:70:7f:
46:39:fb:4f:e0:bf:56:ae:15:5e:0b:0f:62:bf:ca:
2e:36:00:9b:80:35:54:51:ba:62:8f:72:2e:a2:26:
58:dd:33:76:0e:51:e8:72:8f:5b:eb:3f:b6:f9:9c:
6b:0c:ff:da:e9:0c:3d:01:8b:89:cf:58:c5:28:6d:
7f:cd:bf:1f:50:6e:57:93:f4:32:d5:11:6d:dd:a9:
3e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:3F:32:00:B7:39:9F:07:31:83:AD:83:95:93:6B:63:C8:95:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:b3:cf:17:a3:ca:e8:5c:3d:77:7f:e6:7c:bd:7d:17:aa:ae:
d4:08:36:60:3f:51:9f:0a:b5:2f:0d:09:f9:c7:b6:85:0e:c1:
7c:ad:47:e0:db:7d:2f:e0:fb:8f:38:cd:87:a7:d0:46:ac:bc:
09:68:a6:c7:63:a1:be:0a:b4:8c:1c:1b:92:7f:23:2c:20:29:
68:f4:9b:2b:8e:81:b1:7d:de:fc:e5:ea:f8:b4:48:e3:33:ac:
ec:a2:13:79:b2:88:33:a2:64:b5:56:8a:11:40:10:6f:2f:3d:
7d:ed:a6:e5:39:5b:6b:87:93:ff:04:2b:66:d4:28:c0:d7:13:
1b:21:e6:16:21:fd:92:82:74:c8:b8:25:13:5e:bc:88:66:3b:
a4:38:bc:b1:b9:7a:cc:08:61:0a:4d:d2:08:9f:19:37:3b:39:
50:1a:65:bc:08:18:ba:9c:d4:32:75:b6:cf:77:fe:48:9e:a0:
ad:19:1c:58:53:b7:1e:4f:06:85:d6:14:f3:fd:44:62:8d:08:
5b:b3:63:f2:da:c0:4f:e1:38:84:e6:e5:12:f2:99:83:80:65:
1c:1a:71:88:62:28:cd:b6:43:3f:e7:d6:fa:a2:10:0d:fa:6a:
47:98:e7:a7:fe:87:16:0b:60:2e:9c:fb:1b:f4:23:c2:25:e0:
ad:e1:5e:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeBPUTFXLO+C79a71b0pkKbsIDeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNTBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3NzRmZTlkNWE3MDg3MWE4YjBmNDlmZWM1MjdlZDhkNTE2M2QwZGY3ZTNh
OWM2YzBjYWEyNzlhZDgxZjdkYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANedUndOmF8NoELIJxgF5KlWfakNnYZsWz6EjUAiL9F6vjhHIGAOgPyRh9UX
XhwOz0t4e4E9KyCeePNqWQMiRj+iGNp2fYrEA7prsJDOAmt/1qVcVlfbKT0suz/W
4qV086Qjfq98tYgN+MK/BB/Fz3zzi3MKeKKvzf4EXsvO1WyK7+XtBQMK13rhz+gv
UuPk+33mX11RK3jrvZ8n60raG2aD0p9G7J5jqP+FDlaalZaMtXB/Rjn7T+C/Vq4V
XgsPYr/KLjYAm4A1VFG6Yo9yLqImWN0zdg5R6HKPW+s/tvmcawz/2ukMPQGLic9Y
xShtf82/H1BuV5P0MtURbd2pPmsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQplT8y
ALc5nwcxg62DlZNrY8iVajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQBxs88Xo8roXD13f+Z8vX0Xqq7UCDZgP1GfCrUvDQn5
x7aFDsF8rUfg230v4PuPOM2Hp9BGrLwJaKbHY6G+CrSMHBuSfyMsIClo9JsrjoGx
fd785er4tEjjM6zsohN5sogzomS1VooRQBBvLz197ablOVtrh5P/BCtm1CjA1xMb
IeYWIf2SgnTIuCUTXryIZjukOLyxuXrMCGEKTdIInxk3OzlQGmW8CBi6nNQydbbP
d/5InqCtGRxYU7ceTwaF1hTz/URijQhbs2Py2sBP4TiE5uUS8pmDgGUcGnGIYijN
tkM/59b6ohAN+mpHmOen/ocWC2AunPsb9CPCJeCt4V4J
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:15 2025 by rpki-client