Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: u9xeUIHHyhglvtUM8AI0Z6Koj0mSA70UlSVEGwD2DZw=
Subject key identifier: 56:AC:53:B5:D9:69:47:67:77:1C:E5:23:BE:DF:BA:18:A1:FC:76:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C5545EB0B3F25C5A65C95C2F420113ADEAE75F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Wed 05 Mar 2025 17:50:16 +0000
ROA not before: Wed 05 Mar 2025 17:50:16 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:55:45:eb:0b:3f:25:c5:a6:5c:95:c2:f4:20:11:3a:de:ae:75:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:16 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8b:a2:86:e8:8a:2f:a7:d4:c6:6a:10:49:54:
3d:b7:7a:a6:31:a5:a8:8b:6c:42:89:ed:be:b9:1b:
ac:4a:d6:b8:d0:69:0e:3b:34:43:78:53:9b:af:bb:
44:0d:b9:e0:33:df:eb:98:d2:19:47:f1:ba:8a:f4:
e1:02:c5:3b:5d:1f:42:83:1b:de:e7:86:3b:da:2c:
7e:30:2a:bc:42:01:be:b1:63:2a:d0:5b:73:43:47:
35:7e:97:61:23:79:8f:81:af:6d:14:04:86:4b:e2:
1a:1e:61:dd:cd:8f:ac:00:81:3f:4f:a6:1c:01:27:
39:8b:d7:e2:90:37:30:22:59:80:09:06:31:6e:92:
ce:a5:dd:fc:1c:be:1a:3d:0b:ad:34:65:84:21:bc:
aa:80:73:d1:e8:a0:bb:e9:d5:6c:13:d2:49:f1:eb:
97:b9:97:e6:67:e4:36:a1:c0:97:63:01:f3:c7:fd:
d1:92:f7:cb:55:75:35:45:1e:8a:ff:13:06:f2:7f:
35:0e:22:6b:d2:27:89:a6:6a:29:db:2f:67:7e:65:
7c:16:45:bc:53:8e:0b:dc:ee:e1:17:7c:e8:4f:df:
55:2a:18:3b:04:fc:43:15:5f:6a:a5:03:94:5c:71:
52:a3:cc:41:4f:91:91:16:76:e0:e6:90:8a:ac:b8:
b9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AC:53:B5:D9:69:47:67:77:1C:E5:23:BE:DF:BA:18:A1:FC:76:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:3f:83:95:a4:b2:df:5e:2a:2c:f4:ff:1d:ec:31:f4:72:80:
43:5b:c1:2c:45:79:f7:ca:7a:9d:92:bc:cc:9f:a3:d9:bf:ea:
32:bd:e6:23:32:1e:23:a5:2f:9b:ed:18:37:38:27:3d:e0:49:
78:19:d3:56:ab:e1:cb:1c:7e:96:49:22:59:81:81:31:55:17:
8b:a5:d3:11:79:cb:72:25:c6:5e:5e:6a:fa:ce:8d:72:40:f1:
7e:83:5b:27:19:6a:cc:55:06:44:ed:e7:79:7a:bd:14:99:76:
de:7a:7b:be:4d:9f:5c:6b:3d:a0:b5:4c:5f:df:0f:6b:63:6a:
79:13:67:44:5b:1c:93:41:a1:1c:1f:3c:c5:47:1b:a2:f4:e6:
db:da:cb:71:2d:68:36:1c:fd:0c:1e:9f:f5:8f:09:3c:dc:dd:
b7:c0:f0:a7:bd:a7:f1:3b:8d:35:eb:74:e7:1d:c7:f7:e5:ba:
4a:f7:0a:01:db:26:6a:77:d1:b5:eb:69:2a:61:fe:cb:fd:3b:
49:0e:ef:4a:7f:ff:65:5b:20:8f:7d:75:41:18:ec:0d:fb:8c:
44:90:44:ba:45:d0:80:f0:6f:a3:ba:25:59:61:0e:98:e6:d2:
5d:d3:16:73:37:28:fe:8b:e3:fd:3f:d8:94:97:72:6a:a6:08:
d4:95:c4:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULFVF6ws/JcWmXJXC9CAROt6udfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMTZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMGZjNWJjNmZmNTc3ZjliNWQ0YzhmNjFkOTYxZDExYjc4NjgwNTYzZThl
NjRjZTc3YzM3MDUwODZlNDUxOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2Looboii+n1MZqEElUPbd6pjGlqItsQontvrkbrErWuNBpDjs0Q3hTm6+7
RA254DPf65jSGUfxuor04QLFO10fQoMb3ueGO9osfjAqvEIBvrFjKtBbc0NHNX6X
YSN5j4GvbRQEhkviGh5h3c2PrACBP0+mHAEnOYvX4pA3MCJZgAkGMW6SzqXd/By+
Gj0LrTRlhCG8qoBz0eigu+nVbBPSSfHrl7mX5mfkNqHAl2MB88f90ZL3y1V1NUUe
iv8TBvJ/NQ4ia9IniaZqKdsvZ35lfBZFvFOOC9zu4Rd86E/fVSoYOwT8QxVfaqUD
lFxxUqPMQU+RkRZ24OaQiqy4ud0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRWrFO1
2WlHZ3cc5SO+37oYofx2tzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAkP4OVpLLfXios9P8d7DH0coBDW8EsRXn3ynqdkrzM
n6PZv+oyveYjMh4jpS+b7Rg3OCc94El4GdNWq+HLHH6WSSJZgYExVReLpdMRecty
JcZeXmr6zo1yQPF+g1snGWrMVQZE7ed5er0UmXbeenu+TZ9caz2gtUxf3w9rY2p5
E2dEWxyTQaEcHzzFRxui9Obb2stxLWg2HP0MHp/1jwk83N23wPCnvafxO40163Tn
Hcf35bpK9woB2yZqd9G162kqYf7L/TtJDu9Kf/9lWyCPfXVBGOwN+4xEkES6RdCA
8G+juiVZYQ6Y5tJd0xZzNyj+i+P9P9iUl3JqpgjUlcRt
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:16 2025 by rpki-client