Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: 4kD7xlLyD6w+Tp1x90oNTl9I6aSUdJuIoP1ZnRS8gHo=
Subject key identifier: 3F:9C:BE:0F:1C:07:15:29:4D:76:A5:E9:CF:29:38:29:45:77:90:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78AA3E5321E260422E6892AD2790BDD2D89A788D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Wed 05 Mar 2025 17:50:30 +0000
ROA not before: Wed 05 Mar 2025 17:50:30 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:aa:3e:53:21:e2:60:42:2e:68:92:ad:27:90:bd:d2:d8:9a:78:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:30 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:07:b6:a7:3f:8d:02:23:33:03:23:36:5e:53:
a0:7f:6b:82:16:52:90:01:5d:fe:cd:53:ee:47:21:
a3:08:c9:40:63:42:2d:f3:7c:39:25:f1:93:b2:1e:
b1:82:bb:c8:a2:91:e3:0c:3e:74:c5:24:ad:ac:e4:
ed:88:62:da:85:1d:9a:79:88:a5:b1:ff:7b:59:25:
aa:3b:14:02:cb:30:7d:73:bd:0f:d4:38:08:bc:3d:
90:d4:ee:62:24:b1:be:a1:15:39:71:44:f6:c7:9c:
c2:ae:08:83:a6:60:af:4a:bd:a5:e3:81:fb:e0:ee:
90:78:cf:1b:60:b0:c6:f6:aa:24:bf:f8:6f:ec:6e:
75:f7:25:32:41:f4:6d:79:f4:25:83:a7:9b:11:18:
ec:e4:47:4a:71:91:b6:68:f7:86:e7:19:d2:65:e3:
b9:24:40:0c:6b:0b:4a:99:31:e8:cd:7f:62:46:df:
52:fc:06:f4:40:d6:12:c6:e5:2b:1d:df:de:fa:9f:
00:25:53:41:53:15:28:54:b2:af:de:e1:6d:3d:b3:
ef:89:b5:e1:44:73:a6:a8:d2:8c:66:d2:9e:68:76:
4c:b8:39:03:a7:5c:5b:c3:2d:34:45:b1:bd:05:a3:
f3:78:3d:b9:ae:15:03:45:93:d3:b3:08:39:a4:69:
2f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9C:BE:0F:1C:07:15:29:4D:76:A5:E9:CF:29:38:29:45:77:90:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0e:9f:2a:04:b4:43:f1:6f:8c:85:87:7c:1b:6e:06:35:de:1a:
9c:f6:f7:df:2a:3f:7a:7a:f8:bf:69:fa:cc:b8:b6:59:95:97:
06:1b:2a:5e:ee:00:5d:85:15:58:b6:72:b7:ea:e2:bb:2c:7f:
54:30:d7:a8:d5:9c:d6:03:c7:92:47:15:7d:74:24:32:0a:b1:
1d:85:cd:9c:b7:b4:eb:47:45:a0:37:1c:56:25:a7:da:d6:d5:
e4:c6:a9:0e:10:12:90:70:52:b9:74:72:78:1f:4b:43:55:3f:
4b:ff:8a:3c:da:ba:90:06:d0:31:c4:b2:c3:44:ae:8d:d0:ad:
df:36:91:fa:c2:02:8a:2b:94:b4:7a:80:45:ee:4f:8d:68:be:
2a:ba:d8:16:49:28:3d:74:36:4b:dd:aa:b1:d2:b7:37:39:66:
43:76:03:5c:4c:78:7d:f1:b7:05:41:c1:13:0f:f8:fe:8d:20:
dd:2a:6a:77:4d:38:fb:ad:3a:a1:57:7e:dc:05:ae:6e:64:91:
e5:38:4c:e0:6b:6b:c1:06:12:3e:25:2a:36:bc:63:eb:d6:88:
ab:ef:44:da:f7:2d:95:cb:04:39:a7:0b:51:38:5c:56:5e:fc:
ed:07:ee:6d:9c:ab:dd:7f:8e:45:c8:5a:90:b5:16:89:2b:9d:
1d:98:d1:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeKo+UyHiYEIuaJKtJ5C90tiaeI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMzBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3ZTZlY2VmYTA3OTk1ZDYxYzY2ZDUwNWViNDE1MTJmMGZhYmIxN2JmYTJi
MDJkMDBhNDNmYjk4MmViOTQ1MDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwHtqc/jQIjMwMjNl5ToH9rghZSkAFd/s1T7kchowjJQGNCLfN8OSXxk7Ie
sYK7yKKR4ww+dMUkrazk7Yhi2oUdmnmIpbH/e1klqjsUAsswfXO9D9Q4CLw9kNTu
YiSxvqEVOXFE9secwq4Ig6Zgr0q9peOB++DukHjPG2CwxvaqJL/4b+xudfclMkH0
bXn0JYOnmxEY7ORHSnGRtmj3hucZ0mXjuSRADGsLSpkx6M1/YkbfUvwG9EDWEsbl
Kx3f3vqfACVTQVMVKFSyr97hbT2z74m14URzpqjSjGbSnmh2TLg5A6dcW8MtNEWx
vQWj83g9ua4VA0WT07MIOaRpL+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ/nL4P
HAcVKU12penPKTgpRXeQOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOnyoEtEPxb4yFh3wbbgY13hqc9vffKj96evi/afrM
uLZZlZcGGype7gBdhRVYtnK36uK7LH9UMNeo1ZzWA8eSRxV9dCQyCrEdhc2ct7Tr
R0WgNxxWJafa1tXkxqkOEBKQcFK5dHJ4H0tDVT9L/4o82rqQBtAxxLLDRK6N0K3f
NpH6wgKKK5S0eoBF7k+NaL4qutgWSSg9dDZL3aqx0rc3OWZDdgNcTHh98bcFQcET
D/j+jSDdKmp3TTj7rTqhV37cBa5uZJHlOEzga2vBBhI+JSo2vGPr1oir70Ta9y2V
ywQ5pwtROFxWXvztB+5tnKvdf45FyFqQtRaJK50dmNHj
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:49 2025 by rpki-client