Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: GqzbtWq4lz9B26WDf9IF48AaKMPeGgJe61uJl1DMHBg=
Subject key identifier: 1A:66:39:8F:30:56:EB:2F:71:EC:25:63:A9:8B:9C:99:AC:9A:0F:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3190A8CA8DF00588D341BA09D966A21E2D1233B1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Fri 07 Mar 2025 15:10:53 +0000
ROA not before: Fri 07 Mar 2025 15:10:53 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:90:a8:ca:8d:f0:05:88:d3:41:ba:09:d9:66:a2:1e:2d:12:33:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:53 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b4:7a:c8:39:95:9d:28:ce:4c:56:79:e6:74:
c2:e3:e4:ad:3e:11:27:ba:3e:92:95:b5:66:dd:13:
96:88:d3:02:f6:3a:95:8e:7b:01:42:c5:35:d6:f5:
2d:9e:1e:c2:52:e5:53:ce:d5:2a:6e:e1:99:61:df:
49:aa:28:d7:7f:71:86:22:86:b1:bc:4e:14:b4:84:
eb:95:b6:87:a3:21:08:7b:33:36:45:3c:a7:b2:69:
7a:2a:a2:6b:2b:ec:8c:bc:76:2d:ac:fc:af:e2:0a:
a0:be:f8:c0:a8:03:d1:88:b1:19:e2:40:8b:35:c8:
50:56:36:b4:0b:fd:98:e5:4b:63:45:93:1c:08:9b:
19:e0:65:bb:47:42:39:b6:06:df:6e:34:ea:36:de:
d9:cc:2a:df:43:fb:c2:64:bd:a5:bc:24:00:20:91:
fb:12:d9:34:bf:34:6e:6f:7c:fc:ce:9a:33:fb:f1:
37:ce:35:76:3e:47:30:fe:07:6e:86:ac:36:56:b2:
93:6a:83:d0:fb:c7:fd:67:3f:b8:6a:21:5f:95:a6:
2c:41:bc:38:51:80:14:f0:ea:c4:13:7f:ac:12:f2:
53:34:fd:02:0b:0d:72:5e:42:52:68:dc:34:aa:b8:
56:aa:21:18:ec:92:e3:f0:13:b5:eb:fa:f2:f5:25:
89:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:66:39:8F:30:56:EB:2F:71:EC:25:63:A9:8B:9C:99:AC:9A:0F:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:c3:58:5d:7a:6b:b7:79:75:44:55:3f:28:ff:2c:46:5c:57:
bc:41:11:19:a1:3e:60:46:e6:24:55:eb:fc:1b:9f:cc:d9:f1:
2b:ed:7f:21:c3:4e:9d:e8:2b:b0:7c:94:11:a3:3e:8a:6d:a7:
17:3f:cf:7b:f1:21:b6:0e:b5:4f:1b:88:db:48:21:d2:78:4b:
1f:30:b4:73:85:8a:89:75:cc:0b:e1:64:c2:62:1e:19:e9:ef:
9f:ca:28:70:2b:35:a2:a1:68:5b:d9:5b:a6:f7:7d:3c:80:0f:
97:40:c5:69:76:d7:aa:05:33:b6:15:73:9d:ff:35:6e:52:45:
cb:5d:52:b2:a9:eb:9e:1e:5a:4c:7b:94:d3:ef:22:67:5f:bd:
98:5d:13:fa:96:c5:db:4f:f6:a8:c8:15:8d:3f:b1:ac:b0:a9:
63:ed:6e:5c:54:7d:38:02:b2:16:84:d1:0e:45:64:76:74:11:
95:11:10:7d:85:1b:15:e6:5c:a5:bd:9a:c9:d8:7e:f6:d8:75:
65:c1:8c:78:97:e3:ba:9f:ac:a4:ec:e6:6a:20:e3:fa:da:46:
a9:0c:a0:0c:51:c2:6f:f9:32:2b:7a:0f:71:7f:d4:9f:d4:21:
02:f2:7a:ed:15:f3:42:00:0e:3f:e8:e5:1b:37:0e:63:67:df:
bd:79:b2:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMZCoyo3wBYjTQboJ2WaiHi0SM7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwNTNaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMmUwMGYwNTM5NTM2MDI0YWM1NDgxMTVjOTM1ZTM0YjU4OTA2OGUyYmNh
YjI3M2MwMTFiZDA1NzY2NTZhN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJy0esg5lZ0ozkxWeeZ0wuPkrT4RJ7o+kpW1Zt0TlojTAvY6lY57AULFNdb1
LZ4ewlLlU87VKm7hmWHfSaoo139xhiKGsbxOFLSE65W2h6MhCHszNkU8p7Jpeiqi
ayvsjLx2Laz8r+IKoL74wKgD0YixGeJAizXIUFY2tAv9mOVLY0WTHAibGeBlu0dC
ObYG32406jbe2cwq30P7wmS9pbwkACCR+xLZNL80bm98/M6aM/vxN841dj5HMP4H
boasNlayk2qD0PvH/Wc/uGohX5WmLEG8OFGAFPDqxBN/rBLyUzT9AgsNcl5CUmjc
NKq4VqohGOyS4/ATtev68vUlidsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQaZjmP
MFbrL3HsJWOpi5yZrJoPIjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCdw1hdemu3eXVEVT8o/yxGXFe8QREZoT5gRuYkVev8
G5/M2fEr7X8hw06d6CuwfJQRoz6KbacXP8978SG2DrVPG4jbSCHSeEsfMLRzhYqJ
dcwL4WTCYh4Z6e+fyihwKzWioWhb2Vum9308gA+XQMVpdteqBTO2FXOd/zVuUkXL
XVKyqeueHlpMe5TT7yJnX72YXRP6lsXbT/aoyBWNP7GssKlj7W5cVH04ArIWhNEO
RWR2dBGVERB9hRsV5lylvZrJ2H722HVlwYx4l+O6n6yk7OZqIOP62kapDKAMUcJv
+TIreg9xf9Sf1CEC8nrtFfNCAA4/6OUbNw5jZ9+9ebKr
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:02 2025 by rpki-client