Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
File: 7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa (raw, json)
Hash identifier: +ubArOTyN00J2eAvsL1KT6BtDRp3hTLbgUNhi5oW5mY=
Subject key identifier: A7:B5:A3:64:C7:35:CD:CE:E2:B6:34:15:E2:4F:45:E9:C8:05:F7:54
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C01C268EBFF3642C813166AC1974C8D3A91F4A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:01:c2:68:eb:ff:36:42:c8:13:16:6a:c1:97:4c:8d:3a:91:f4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e9:18:87:bc:7b:e5:a0:40:32:e4:7e:cb:cd:
62:c4:ac:6a:7c:3b:a8:83:ab:2d:23:0a:ea:57:40:
4c:0b:ae:d0:33:80:b6:7c:62:ba:b9:02:17:a0:25:
f8:a0:f7:24:ac:60:97:71:7a:d7:8b:f4:a2:a0:10:
c4:9c:57:1f:ac:9e:74:69:dd:de:a9:35:4c:4b:bb:
0b:fa:e7:f5:eb:dd:1a:ea:77:9f:9c:6a:d8:c7:f5:
69:d0:d8:23:ee:97:bc:4e:0b:04:0c:29:ec:4e:d5:
c5:44:ad:2c:59:bf:7a:bc:bc:74:e4:10:bc:b1:80:
99:6f:0a:ce:bb:70:e9:cb:1d:c5:3b:b9:03:9b:bf:
86:8c:0d:ed:9c:32:2f:b7:d1:bb:47:71:ce:ea:e9:
7b:97:a1:d8:db:39:d6:d6:66:75:d5:ec:f2:99:23:
8a:f8:a6:8f:8b:da:fe:d5:41:47:48:f1:50:23:88:
e2:4c:ac:6e:d6:21:45:08:d8:b1:94:7b:46:8e:83:
01:e4:dd:f7:c5:a6:43:a4:c2:57:9d:0b:9f:3f:e6:
be:23:ce:20:ee:2a:47:42:f7:12:d9:f6:b5:8d:b7:
1e:db:3b:21:5f:24:55:46:66:16:a0:a0:ff:a1:14:
18:29:9b:5b:6a:bf:af:55:ef:6b:b9:ac:ee:54:ec:
62:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B5:A3:64:C7:35:CD:CE:E2:B6:34:15:E2:4F:45:E9:C8:05:F7:54
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:14:31:ff:0c:eb:7d:d2:69:fb:08:64:cf:14:51:4f:eb:93:
29:01:d0:d6:ac:bc:ca:98:8f:10:cd:0b:ea:be:e2:6d:43:10:
69:1a:df:28:3f:19:79:60:05:b7:b5:79:d2:21:02:09:68:70:
e9:f3:93:aa:c1:ad:a4:98:c8:8a:03:6d:8a:b5:4e:1f:16:fc:
33:57:22:e0:b9:1d:38:ae:b9:b7:2f:08:01:52:21:16:92:51:
36:f9:ab:2a:7d:08:22:99:54:9a:97:45:7c:24:28:dc:23:b4:
da:f5:7b:c8:36:41:ac:21:1b:1c:36:eb:02:3d:dc:82:ad:4f:
df:49:1f:07:09:e7:2e:2e:be:2f:20:3d:22:33:b2:eb:22:db:
d8:43:7c:a1:1b:0f:e2:e2:28:3c:61:53:96:e5:90:3e:6a:e0:
de:c6:13:1a:67:87:90:54:a6:41:3a:af:f8:d0:cd:03:10:3d:
28:18:9c:48:0c:d8:f8:bd:c6:00:f7:07:5f:f5:13:c4:cd:1d:
97:80:76:99:8d:99:b5:0f:cb:2a:7e:90:c0:58:59:d6:ef:b7:
75:c7:93:21:a8:7f:fd:73:c8:33:d5:1a:cf:61:11:dd:b2:e1:
2f:6e:18:f7:f1:dd:7f:aa:d3:e1:79:43:e4:0b:4a:9d:ef:47:
20:aa:d1:fa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbAHCaOv/NkLIExZqwZdMjTqR9KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlNDBkMGVkZDRhMDhjNGQ4NzQxNDA0YmEwMjlmNDFhYjk0MmRlYzkwZjc0
NTY3NGU2YzI0ZjFiNjRhMDMwZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7pGIe8e+WgQDLkfsvNYsSsanw7qIOrLSMK6ldATAuu0DOAtnxiurkCF6Al
+KD3JKxgl3F614v0oqAQxJxXH6yedGnd3qk1TEu7C/rn9evdGup3n5xq2Mf1adDY
I+6XvE4LBAwp7E7VxUStLFm/ery8dOQQvLGAmW8Kzrtw6csdxTu5A5u/howN7Zwy
L7fRu0dxzurpe5eh2Ns51tZmddXs8pkjivimj4va/tVBR0jxUCOI4kysbtYhRQjY
sZR7Ro6DAeTd98WmQ6TCV50Lnz/mviPOIO4qR0L3Etn2tY23Hts7IV8kVUZmFqCg
/6EUGCmbW2q/r1Xva7ms7lTsYuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSntaNk
xzXNzuK2NBXiT0XpyAX3VDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Q2OWRjYTctYWFiZC00YWEwLThhZTctYTBhYmQ0MDUwZWNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQB4FDH/DOt90mn7CGTPFFFP65MpAdDWrLzKmI8QzQvq
vuJtQxBpGt8oPxl5YAW3tXnSIQIJaHDp85Oqwa2kmMiKA22KtU4fFvwzVyLguR04
rrm3LwgBUiEWklE2+asqfQgimVSal0V8JCjcI7Ta9XvINkGsIRscNusCPdyCrU/f
SR8HCecuLr4vID0iM7LrItvYQ3yhGw/i4ig8YVOW5ZA+auDexhMaZ4eQVKZBOq/4
0M0DED0oGJxIDNj4vcYA9wdf9RPEzR2XgHaZjZm1D8sqfpDAWFnW77d1x5MhqH/9
c8gz1RrPYRHdsuEvbhj38d1/qtPheUPkC0qd70cgqtH6
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:22:14 2025 by rpki-client