Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: 4UwBGMtnrWnzhZbB/sfFwH+FYhtygkQ8A32WFbkjKkU=
Subject key identifier: 59:4B:E0:1E:B4:06:49:4D:29:8D:37:4C:83:4A:F4:B5:2C:F9:4E:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47950F20F4727B4B5CE1E6F28ABA632FA554E255
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Wed 05 Mar 2025 17:51:48 +0000
ROA not before: Wed 05 Mar 2025 17:51:48 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:95:0f:20:f4:72:7b:4b:5c:e1:e6:f2:8a:ba:63:2f:a5:54:e2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:48 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b5:43:7e:26:e9:4a:a7:bd:d2:e4:1a:36:1f:
ad:2f:54:ce:38:57:03:bb:0a:b7:7a:0e:79:cc:b6:
a8:00:3b:35:aa:3e:62:69:77:7c:23:67:c7:89:64:
db:a4:b2:32:fe:e1:3e:07:82:d8:bc:5a:5c:95:a3:
7a:fb:de:04:a3:be:9f:07:07:e1:f5:ce:69:d2:28:
16:64:40:7d:5e:3b:0e:ad:8a:fa:54:3a:a9:1e:5d:
07:e4:ad:74:fe:b8:d5:d1:f6:0c:66:f7:d9:ff:c7:
40:74:34:71:c9:d0:74:7a:e0:d5:32:50:ca:66:81:
3f:6a:92:cd:cc:0f:71:41:c8:56:13:4a:37:20:57:
8e:cc:12:0a:f6:45:4c:d8:31:5c:5b:ed:c0:80:f8:
2d:c7:28:4d:a3:bf:b0:95:63:17:47:ec:21:69:5d:
f9:f2:46:b2:75:97:24:46:6f:39:8f:18:37:b4:6f:
97:95:48:c0:b8:02:14:96:6c:8a:cf:4d:bd:f4:26:
d1:5b:b9:08:8f:3f:3b:9a:2d:87:60:6d:85:d5:be:
63:d4:71:b1:bf:2e:fc:af:bf:0a:d9:98:c9:ef:25:
48:8c:60:1d:8b:e5:9d:28:80:97:54:ef:3f:53:2c:
bd:36:f6:01:7c:c5:cb:70:2d:84:39:1e:b5:29:b7:
c6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4B:E0:1E:B4:06:49:4D:29:8D:37:4C:83:4A:F4:B5:2C:F9:4E:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:48:46:52:29:1f:0f:79:3b:70:17:75:4d:82:3b:4f:83:7d:
32:e8:7a:84:56:cc:a9:61:91:92:fb:87:78:d6:67:29:7c:98:
33:5d:17:b6:b8:68:0b:7f:d9:64:09:bd:88:80:d3:d9:dd:b5:
79:a7:2c:75:7c:7e:b4:ca:88:48:fc:0b:54:f7:16:ec:10:9b:
fe:c0:ff:dd:9e:61:64:70:05:95:c3:eb:69:20:ef:9b:dd:0e:
78:3d:cf:0b:16:ca:e1:77:32:0e:31:39:d5:f5:68:a8:23:25:
d6:dd:99:06:a7:a3:a9:94:e0:ee:b2:4c:6a:d1:2c:48:41:67:
ac:5b:ac:0f:9a:17:7d:c8:65:63:8a:93:ec:93:36:54:50:e9:
ac:f2:b0:0f:73:4c:a4:b7:ea:3d:ae:0b:39:33:50:35:fd:eb:
92:ab:74:3e:1d:ac:75:d6:8e:fc:04:86:78:95:31:f2:83:f2:
8e:1d:c7:e1:ce:3e:56:ff:07:4e:50:a2:cf:c5:81:20:7b:20:
21:da:ac:5d:87:14:4e:89:51:b4:f1:e0:7d:b6:3d:38:b9:74:
5f:f7:5d:8e:2c:42:a2:23:2f:c0:f3:ef:ad:c7:ce:cb:11:d8:
d5:6a:6a:8c:cf:66:fe:4e:55:cd:e2:0f:ee:2c:a4:33:5b:60:
a1:22:9d:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR5UPIPRye0tc4ebyirpjL6VU4lUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNDhaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MjI0ZGIzY2VhMzJiYTAwZDIxYWEyNDkyMmZkYjg3MTA1YWJlZjdiOWQ5
OWI1Y2UxN2NkNDFiYTAwMjcxNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPG1Q34m6UqnvdLkGjYfrS9UzjhXA7sKt3oOecy2qAA7Nao+Yml3fCNnx4lk
26SyMv7hPgeC2LxaXJWjevveBKO+nwcH4fXOadIoFmRAfV47Dq2K+lQ6qR5dB+St
dP641dH2DGb32f/HQHQ0ccnQdHrg1TJQymaBP2qSzcwPcUHIVhNKNyBXjswSCvZF
TNgxXFvtwID4LccoTaO/sJVjF0fsIWld+fJGsnWXJEZvOY8YN7Rvl5VIwLgCFJZs
is9NvfQm0Vu5CI8/O5oth2BthdW+Y9Rxsb8u/K+/CtmYye8lSIxgHYvlnSiAl1Tv
P1MsvTb2AXzFy3AthDketSm3xvECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZS+Ae
tAZJTSmNN0yDSvS1LPlOMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQDPSEZSKR8PeTtwF3VNgjtPg30y6HqEVsypYZGS+4d4
1mcpfJgzXRe2uGgLf9lkCb2IgNPZ3bV5pyx1fH60yohI/AtU9xbsEJv+wP/dnmFk
cAWVw+tpIO+b3Q54Pc8LFsrhdzIOMTnV9WioIyXW3ZkGp6OplODuskxq0SxIQWes
W6wPmhd9yGVjipPskzZUUOms8rAPc0ykt+o9rgs5M1A1/euSq3Q+Hax11o78BIZ4
lTHyg/KOHcfhzj5W/wdOUKLPxYEgeyAh2qxdhxROiVG08eB9tj04uXRf912OLEKi
Iy/A8++tx87LEdjVamqMz2b+TlXN4g/uLKQzW2ChIp3g
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:09:19 2025 by rpki-client