Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: NaWLxTjM6QUR7uDMWHaNXac0TWxsVi6kEq+/XobUZ+4=
Subject key identifier: 0D:D7:30:5F:23:12:19:2D:3F:B9:E8:C9:5A:54:B4:87:46:FB:F4:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F224279112F70AD12142C39B32CB3F1BAC98AE1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Wed 05 Mar 2025 17:50:22 +0000
ROA not before: Wed 05 Mar 2025 17:50:22 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:22:42:79:11:2f:70:ad:12:14:2c:39:b3:2c:b3:f1:ba:c9:8a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:22 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:9b:ca:45:1c:80:c6:f7:36:67:5a:e2:a2:
63:51:f2:57:00:6e:89:12:16:a9:35:43:af:ce:82:
f4:f9:c0:c7:d5:95:88:b1:ba:80:47:93:5b:ca:b3:
0b:5a:bd:9d:0a:91:6a:d8:1a:09:05:f7:bd:96:be:
98:72:77:a1:5e:0b:14:5b:ff:93:28:0e:76:60:c5:
e1:1d:25:8e:23:f8:52:f6:90:11:3d:be:7e:d2:1b:
8c:13:32:a4:33:8d:ed:14:ea:ed:fb:ae:27:30:fa:
f9:3f:2f:01:9b:c6:4f:a9:50:36:d0:fd:c8:d9:18:
06:dc:75:be:5c:9e:8e:a6:a0:14:0f:2a:a2:8b:b6:
65:bc:8c:91:b9:6e:aa:e9:e2:61:19:08:9d:f2:f9:
3f:f0:41:af:2c:ad:23:fa:a0:86:91:38:e7:23:4a:
cd:c1:9c:ca:05:08:c6:96:b8:fa:8e:56:c6:51:75:
4c:21:38:da:5b:45:b2:71:bd:13:16:46:2a:a3:91:
bd:67:5d:32:b0:d4:79:6b:a4:a8:1a:65:76:83:45:
fc:fd:23:70:0c:0a:bc:df:b4:a8:ec:47:49:53:28:
be:3e:7c:9d:d7:16:a6:f1:5f:9d:1f:95:05:49:f2:
68:35:5a:97:2f:18:58:37:44:fd:d1:0b:bd:b7:e8:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D7:30:5F:23:12:19:2D:3F:B9:E8:C9:5A:54:B4:87:46:FB:F4:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cb:34:ea:e6:5c:c2:d7:ec:4a:36:b9:38:84:47:07:de:4c:88:
1f:6d:6a:02:20:84:4d:7f:14:07:31:bc:e3:64:89:4f:11:39:
37:44:58:44:b7:3b:0f:38:ae:28:1c:77:4e:07:ca:66:33:91:
ba:28:40:50:59:35:e3:29:cf:87:52:f1:5d:73:d3:bf:19:89:
82:ad:80:08:1a:99:c3:84:8f:55:1a:a7:69:53:72:42:ca:90:
58:be:94:fc:29:d8:ff:e2:5e:f7:49:55:27:64:6a:97:01:c7:
6b:de:53:b0:c9:c2:5b:83:c4:97:1c:a7:ea:85:98:c1:bf:6c:
70:cf:5d:c2:0b:66:87:03:a9:4a:4d:bf:4b:c2:c8:22:9d:03:
c1:64:ee:ac:8f:75:8e:ca:b4:09:08:4b:69:bd:07:38:cf:0e:
32:4a:c5:84:e1:73:24:77:84:96:85:a7:cc:83:31:64:95:84:
a1:cb:4c:39:b2:63:2a:02:0e:80:bc:08:bc:c6:7e:5c:ab:e1:
45:e6:70:8a:07:06:2a:b2:81:0d:cb:65:64:f9:c1:93:46:ef:
8c:b1:cc:5c:1e:03:e7:48:c7:e0:e5:4f:6e:b4:2b:9d:6a:a5:
00:3c:90:3d:82:14:a5:1d:7b:94:4a:51:58:a4:0d:42:f7:40:
e4:55:27:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPyJCeREvcK0SFCw5syyz8brJiuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMjJaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNzc5ODkyN2JiNmQwM2MyMDIzYjhlZjdhYmZlMTVhODgwYWY4MGIzZjZk
Y2ViNDgxY2YyMTU2MTA4MjE4MzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbXm8pFHIDG9zZnWuKiY1HyVwBuiRIWqTVDr86C9PnAx9WViLG6gEeTW8qz
C1q9nQqRatgaCQX3vZa+mHJ3oV4LFFv/kygOdmDF4R0ljiP4UvaQET2+ftIbjBMy
pDON7RTq7fuuJzD6+T8vAZvGT6lQNtD9yNkYBtx1vlyejqagFA8qoou2ZbyMkblu
quniYRkInfL5P/BBryytI/qghpE45yNKzcGcygUIxpa4+o5WxlF1TCE42ltFsnG9
ExZGKqORvWddMrDUeWukqBpldoNF/P0jcAwKvN+0qOxHSVMovj58ndcWpvFfnR+V
BUnyaDValy8YWDdE/dELvbfoKWECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQN1zBf
IxIZLT+56MlaVLSHRvv0KzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDLNOrmXMLX7Eo2uTiERwfeTIgfbWoCIIRNfxQHMbzj
ZIlPETk3RFhEtzsPOK4oHHdOB8pmM5G6KEBQWTXjKc+HUvFdc9O/GYmCrYAIGpnD
hI9VGqdpU3JCypBYvpT8Kdj/4l73SVUnZGqXAcdr3lOwycJbg8SXHKfqhZjBv2xw
z13CC2aHA6lKTb9LwsginQPBZO6sj3WOyrQJCEtpvQc4zw4ySsWE4XMkd4SWhafM
gzFklYShy0w5smMqAg6AvAi8xn5cq+FF5nCKBwYqsoENy2Vk+cGTRu+MscxcHgPn
SMfg5U9utCudaqUAPJA9ghSlHXuUSlFYpA1C90DkVSfT
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:19 2025 by rpki-client