Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
File: 64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa (raw, json)
Hash identifier: TjO4NPvtvNrqErpz/vVToveZVxoUYusRfp2p57jz9As=
Subject key identifier: 6C:B2:5C:D0:AC:46:80:D0:F9:4E:49:3A:F7:77:80:6B:55:2A:71:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 269E117061F4A2260AC58F95BCE2CA632D430C4D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:9e:11:70:61:f4:a2:26:0a:c5:8f:95:bc:e2:ca:63:2d:43:0c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:fd:7e:71:b4:a9:3d:23:0d:de:c9:5b:35:
82:90:d2:75:bc:c7:73:d7:4a:da:4d:d8:b2:ac:80:
53:55:f4:e8:61:20:c1:c0:66:3f:29:a2:1b:36:2e:
50:f3:6c:ab:bb:96:13:d8:c7:dc:42:35:c2:3e:0d:
4f:bc:cf:4f:6c:a3:c9:2f:98:22:1a:ca:72:12:d8:
5b:d9:4a:49:c3:54:91:97:62:7d:c5:fd:04:8d:5d:
ee:4c:9e:19:b6:4f:6d:63:a9:47:95:93:be:87:eb:
4e:ee:b8:3f:c9:c3:98:ae:93:01:4b:9d:41:75:a2:
b0:12:00:de:90:b5:54:22:b8:ae:bb:a5:93:78:8c:
fe:df:e5:8d:66:9f:c5:4a:ec:d3:29:5f:8a:a1:da:
ad:50:1b:f0:6b:5a:f9:82:46:db:52:32:8b:c9:54:
11:56:bb:fd:a2:b3:28:99:00:6a:eb:ed:c1:41:79:
98:84:b7:fe:df:62:70:8b:65:ad:f1:1c:a5:d5:7e:
2e:69:0b:df:7f:f1:87:a6:12:41:84:a7:75:59:ed:
39:73:02:b3:fd:cd:fe:40:49:4b:94:0c:ae:a8:c1:
3e:66:de:f0:56:98:b7:1b:5f:10:be:e0:a1:03:05:
be:84:0a:c3:cd:07:f4:de:5f:e1:93:73:55:8e:93:
12:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B2:5C:D0:AC:46:80:D0:F9:4E:49:3A:F7:77:80:6B:55:2A:71:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
89:fe:4d:70:04:31:43:31:c8:74:5e:6d:16:92:ca:3a:03:c4:
9c:66:58:6d:c3:de:db:f8:9d:22:db:99:aa:10:e9:65:fb:ac:
d1:ad:04:7a:d7:73:aa:ad:ca:c6:1d:9b:27:27:d5:39:73:a6:
30:30:a2:6d:af:2d:db:d1:29:7c:86:1d:e4:e0:53:47:c4:c8:
07:44:69:b4:bf:da:2b:a5:f0:cd:ae:5d:43:16:7f:db:76:bd:
20:60:b8:72:f1:4d:21:7a:2f:aa:0d:9c:b6:25:23:84:ef:68:
43:40:bc:02:c9:dd:c9:9a:c2:c8:4a:33:af:65:53:df:99:d8:
08:ac:ef:0f:9e:5c:44:93:87:be:3f:6d:50:c5:0f:ba:6d:30:
5f:e9:db:11:43:a4:26:94:c2:d1:68:a9:67:18:ed:b7:97:04:
2c:4f:05:8d:61:31:01:06:81:59:0b:50:a8:fb:77:a4:ce:3b:
ef:ef:8b:0f:e9:a5:1f:d2:e8:3b:90:49:15:36:49:3a:60:06:
a3:b1:e6:5e:6e:88:b7:a2:bb:f0:1d:86:47:05:c8:13:1d:23:
27:77:b7:da:de:eb:95:06:08:8f:09:5b:eb:bc:f3:84:05:b2:
f7:6f:b0:17:8d:4f:dc:15:b0:70:4d:f0:38:37:e6:bd:ac:28:
0c:88:72:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJp4RcGH0oiYKxY+VvOLKYy1DDE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2Mjc3YmUzZmJkNTQ0MmFiMGVlNTI3ODQ0YmY2ZWNhOGI0MmM1YmYzZWJk
NWIyZTRjNzNiYWQ0ZDQ4NjFiYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqI/X5xtKk9Iw3eyVs1gpDSdbzHc9dK2k3YsqyAU1X06GEgwcBmPymiGzYu
UPNsq7uWE9jH3EI1wj4NT7zPT2yjyS+YIhrKchLYW9lKScNUkZdifcX9BI1d7kye
GbZPbWOpR5WTvofrTu64P8nDmK6TAUudQXWisBIA3pC1VCK4rrulk3iM/t/ljWaf
xUrs0ylfiqHarVAb8Gta+YJG21Iyi8lUEVa7/aKzKJkAauvtwUF5mIS3/t9icItl
rfEcpdV+LmkL33/xh6YSQYSndVntOXMCs/3N/kBJS5QMrqjBPmbe8FaYtxtfEL7g
oQMFvoQKw80H9N5f4ZNzVY6TEnMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsslzQ
rEaA0PlOSTr3d4BrVSpx9TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjQzNDdmMzYtZTFhMS00NzI2LThiYTItZjFhMDlkYWFiN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ/k1wBDFDMch0Xm0Wkso6A8ScZlhtw97b+J0i25mq
EOll+6zRrQR613OqrcrGHZsnJ9U5c6YwMKJtry3b0Sl8hh3k4FNHxMgHRGm0v9or
pfDNrl1DFn/bdr0gYLhy8U0hei+qDZy2JSOE72hDQLwCyd3JmsLISjOvZVPfmdgI
rO8PnlxEk4e+P21QxQ+6bTBf6dsRQ6QmlMLRaKlnGO23lwQsTwWNYTEBBoFZC1Co
+3ekzjvv74sP6aUf0ug7kEkVNkk6YAajseZeboi3orvwHYZHBcgTHSMnd7fa3uuV
BgiPCVvrvPOEBbL3b7AXjU/cFbBwTfA4N+a9rCgMiHIg
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:38 2025 by rpki-client