Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: MCqn4BnnEq6tG+BTmlUWtal0vi2XGQlt2bsXc+R+V84=
Subject key identifier: 93:9A:C0:3B:76:D8:13:F2:A9:3A:06:08:3D:42:E4:4C:58:B5:3D:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29FEE8DED4CCF254D457580ABD2CB355A1A6C0E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Wed 05 Mar 2025 17:51:45 +0000
ROA not before: Wed 05 Mar 2025 17:51:45 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:fe:e8:de:d4:cc:f2:54:d4:57:58:0a:bd:2c:b3:55:a1:a6:c0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:45 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:28:d3:d2:dc:8e:4d:73:ee:e5:6f:71:e1:41:
e8:2a:4e:9e:b2:86:fb:77:62:f5:d7:cb:6f:69:9b:
cd:5b:2f:93:92:12:5a:74:38:0a:b0:49:e6:dd:4a:
10:dd:47:85:af:86:4f:e1:29:10:30:da:95:97:95:
01:2f:d0:52:c8:cb:d5:14:f0:5f:d9:e1:83:4c:53:
75:e2:fa:5b:ca:2f:52:c6:a5:70:ea:61:a3:71:4d:
12:bb:a8:89:5e:e8:c7:30:e2:64:1c:c5:1b:6a:72:
10:9d:29:49:3e:e6:a2:c0:a3:0e:fe:fc:3f:4d:f2:
ad:98:8c:f1:cb:20:40:2d:fb:64:3b:5f:3a:f0:52:
ec:7e:7a:22:1c:8b:4b:2e:83:e9:d1:ee:0c:19:af:
78:9a:16:66:69:06:12:3e:fd:d2:c0:54:b4:fb:8f:
67:37:fe:a5:f6:12:66:ff:69:3b:b1:b7:28:ee:bb:
54:47:fb:e6:e7:55:67:9f:0f:08:b4:ae:fc:e3:c4:
13:13:47:15:60:94:1b:13:b6:cd:0b:2d:78:59:af:
05:70:6a:00:1d:5b:a0:e9:d1:8c:89:73:9e:8d:81:
8a:fa:b1:5e:6e:a6:88:13:bb:a2:67:9c:d2:d1:2a:
2c:f6:dc:f1:d2:7d:15:4f:74:fd:ea:96:29:d6:93:
27:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9A:C0:3B:76:D8:13:F2:A9:3A:06:08:3D:42:E4:4C:58:B5:3D:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
42:c6:ac:30:62:5b:6e:5a:de:0b:03:ab:38:5b:d8:c5:5b:dd:
a0:a2:fc:e6:15:17:8d:38:4a:52:0e:d1:f1:7d:3a:b9:30:53:
2e:c7:6d:46:f0:2f:39:d4:8a:5b:21:61:1a:8e:5e:08:ca:28:
58:e9:69:ee:72:4d:19:36:f9:6b:87:56:bf:8f:55:a7:93:e7:
8e:16:60:a9:eb:62:1d:6f:ba:bc:0a:b9:5a:f4:c6:88:72:60:
c0:63:5e:8d:90:af:9a:73:d8:89:ee:7a:1f:35:1d:9a:15:a4:
c3:97:b1:ae:28:a7:ae:59:9f:23:bb:9d:a6:00:20:3b:5c:de:
62:2e:3a:4a:66:bf:63:de:83:2e:e2:4b:20:04:0d:59:92:0a:
da:39:35:bb:49:4d:70:32:c5:cb:c6:74:53:01:40:15:9c:95:
b7:7b:4a:b4:9a:d9:25:27:e2:e2:aa:b2:00:7e:8e:2c:ae:3b:
7d:8a:b2:93:37:f2:99:d6:a1:86:6f:6f:cd:7b:6f:ae:0c:d1:
ef:67:df:2b:ea:2c:da:1b:a0:14:42:de:1d:21:6c:f6:f5:57:
4e:82:98:2c:52:4d:b7:c7:91:c2:49:b7:22:98:d8:dc:e2:88:
f9:54:fb:5d:2f:9d:81:77:be:8f:ba:50:f5:ca:7a:9d:13:1e:
e4:91:9a:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKf7o3tTM8lTUV1gKvSyzVaGmwOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNDVaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZmI2ZmY2NDc5NDFiNmIxYTVjMzg5M2FmZjVmNWQ5OTk5NDhjZWQ5YjRh
NTM1MGM3YmY3ZTA1Nzg4YTE0NTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoo09Lcjk1z7uVvceFB6CpOnrKG+3di9dfLb2mbzVsvk5ISWnQ4CrBJ5t1K
EN1Hha+GT+EpEDDalZeVAS/QUsjL1RTwX9nhg0xTdeL6W8ovUsalcOpho3FNEruo
iV7oxzDiZBzFG2pyEJ0pST7mosCjDv78P03yrZiM8csgQC37ZDtfOvBS7H56IhyL
Sy6D6dHuDBmveJoWZmkGEj790sBUtPuPZzf+pfYSZv9pO7G3KO67VEf75udVZ58P
CLSu/OPEExNHFWCUGxO2zQsteFmvBXBqAB1boOnRjIlzno2BivqxXm6miBO7omec
0tEqLPbc8dJ9FU90/eqWKdaTJ6sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTmsA7
dtgT8qk6Bgg9QuRMWLU9LjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBCxqwwYltuWt4LA6s4W9jFW92govzmFReNOEpSDtHx
fTq5MFMux21G8C851IpbIWEajl4IyihY6Wnuck0ZNvlrh1a/j1Wnk+eOFmCp62Id
b7q8Crla9MaIcmDAY16NkK+ac9iJ7nofNR2aFaTDl7GuKKeuWZ8ju52mACA7XN5i
LjpKZr9j3oMu4ksgBA1ZkgraOTW7SU1wMsXLxnRTAUAVnJW3e0q0mtklJ+LiqrIA
fo4srjt9irKTN/KZ1qGGb2/Ne2+uDNHvZ98r6izaG6AUQt4dIWz29VdOgpgsUk23
x5HCSbcimNjc4oj5VPtdL52Bd76PulD1ynqdEx7kkZqC
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:17:43 2025 by rpki-client