Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
File: 795bae65-e494-4497-8c64-6c78c5a4b388.roa (raw, json)
Hash identifier: h4RFhVNH3n2L1BhPzWcYIcLpUIb578yG/dP1k+hd7A4=
Subject key identifier: 12:78:6F:CA:BF:32:F4:68:4C:EC:13:30:78:AC:93:A5:6E:53:92:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51069D21D244E91110D5207D88E76D3F9B240B6F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
Signing time: Fri 07 Mar 2025 15:10:50 +0000
ROA not before: Fri 07 Mar 2025 15:10:50 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:06:9d:21:d2:44:e9:11:10:d5:20:7d:88:e7:6d:3f:9b:24:0b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:50 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bd:55:fe:e6:2c:b3:b6:6b:05:ba:5a:85:69:
4d:44:cc:b3:18:30:6a:1a:f6:5f:59:25:24:d0:93:
85:af:24:d3:42:00:36:b7:91:15:5e:76:01:c1:73:
50:0c:be:ce:a5:10:5f:10:8e:09:25:ef:45:22:cb:
cd:c1:c4:b1:45:f2:3e:54:74:03:4c:0a:e4:18:92:
63:af:2d:50:59:09:dc:f9:da:e4:00:68:3f:35:e0:
78:9a:9c:6e:26:ba:cb:99:d0:a9:6c:c8:04:32:19:
25:2f:88:49:2f:7a:a6:5e:c0:9f:29:c5:14:17:9e:
00:90:53:42:81:77:33:f1:71:32:e3:0f:68:a5:8d:
86:23:a1:08:3b:d7:1e:60:9c:a8:c6:51:20:1b:55:
7b:49:62:c8:7b:e8:0a:7e:41:35:9a:9d:2b:0d:f2:
c3:14:11:13:e0:db:e0:3f:19:b5:a5:63:45:1f:c4:
f8:1e:4c:29:a2:89:64:64:79:75:8b:a5:d7:56:97:
f4:2e:b7:3c:07:42:f6:d6:ff:b6:c4:79:c0:da:22:
07:e8:64:af:ef:d1:3a:29:f9:42:52:35:3c:82:76:
9f:2c:63:52:a0:26:77:19:b5:4f:1a:ae:90:91:80:
dd:ad:80:57:89:da:78:ab:b7:89:c6:e7:28:6e:e0:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:78:6F:CA:BF:32:F4:68:4C:EC:13:30:78:AC:93:A5:6E:53:92:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:bd:4c:c1:5a:c7:ef:35:a9:c9:12:d4:74:bd:63:01:3c:63:
56:8e:39:a1:a2:62:3c:50:72:9e:86:36:91:e8:12:fe:fd:0a:
40:4c:80:3e:56:67:76:28:15:00:c0:e4:54:67:33:13:4e:66:
50:2c:9b:d7:c5:93:1a:c6:45:0a:74:69:b0:3c:45:6f:30:1f:
bd:26:8c:99:80:50:ee:e8:9b:13:24:de:a9:c9:1f:df:a7:b9:
4c:de:86:43:a1:71:f8:b9:62:d3:23:e4:88:5d:44:fa:ae:0f:
ac:dd:14:57:15:3e:1f:a7:5f:71:f0:5f:39:45:1d:4e:42:34:
1e:5b:1a:ea:22:03:fe:a8:25:83:c9:97:24:0c:0b:68:5f:66:
84:47:0e:a4:ad:0e:e1:76:d1:63:2e:5e:96:b6:d0:49:6b:ec:
2b:58:01:aa:7d:cb:10:b9:2a:91:c0:02:19:25:52:31:34:55:
3a:9f:7a:88:c0:be:62:a5:6b:6f:a1:e2:bf:30:c9:88:88:31:
e4:ea:ba:48:4f:20:2c:66:d4:69:5c:e6:16:7f:b3:4a:3d:d0:
6b:9e:92:a9:bb:d9:21:54:23:1d:99:a6:8f:34:cf:aa:93:cc:
a4:d7:86:4c:d9:9f:55:58:f8:61:ad:c1:2a:fa:84:9a:59:c5:
9b:20:0c:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUQadIdJE6REQ1SB9iOdtP5skC28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwNTBaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxZTdkZWI2ZDE0YTVmOTY4MDFkNGE5YjRjYzhhY2ZiMmEwMmJhNDUyOGUz
YmFmNzdiZjdmMTBmZDg5MGJlMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANK9Vf7mLLO2awW6WoVpTUTMsxgwahr2X1klJNCTha8k00IANreRFV52AcFz
UAy+zqUQXxCOCSXvRSLLzcHEsUXyPlR0A0wK5BiSY68tUFkJ3Pna5ABoPzXgeJqc
bia6y5nQqWzIBDIZJS+ISS96pl7AnynFFBeeAJBTQoF3M/FxMuMPaKWNhiOhCDvX
HmCcqMZRIBtVe0liyHvoCn5BNZqdKw3ywxQRE+Db4D8ZtaVjRR/E+B5MKaKJZGR5
dYul11aX9C63PAdC9tb/tsR5wNoiB+hkr+/ROin5QlI1PIJ2nyxjUqAmdxm1Txqu
kJGA3a2AV4naeKu3icbnKG7ghBkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQSeG/K
vzL0aEzsEzB4rJOlblOSQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk1YmFlNjUtZTQ5NC00NDk3LThjNjQtNmM3OGM1YTRiMzg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAHL1MwVrH7zWpyRLUdL1jATxjVo45oaJiPFBynoY2
kegS/v0KQEyAPlZndigVAMDkVGczE05mUCyb18WTGsZFCnRpsDxFbzAfvSaMmYBQ
7uibEyTeqckf36e5TN6GQ6Fx+Lli0yPkiF1E+q4PrN0UVxU+H6dfcfBfOUUdTkI0
Hlsa6iID/qglg8mXJAwLaF9mhEcOpK0O4XbRYy5elrbQSWvsK1gBqn3LELkqkcAC
GSVSMTRVOp96iMC+YqVrb6HivzDJiIgx5Oq6SE8gLGbUaVzmFn+zSj3Qa56SqbvZ
IVQjHZmmjzTPqpPMpNeGTNmfVVj4Ya3BKvqEmlnFmyAMxQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:23:45 2025 by rpki-client