Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: j20wGq99f8T+d4QStV/cT3/NbiQXyYihDqtMG56OmCY=
Subject key identifier: DF:86:27:FF:2B:57:F6:8F:AF:A5:11:F0:A8:39:99:D3:93:34:09:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EF32E8EC664017879F9C9BAE49A48478A181CEB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Wed 05 Mar 2025 17:50:26 +0000
ROA not before: Wed 05 Mar 2025 17:50:26 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f3:2e:8e:c6:64:01:78:79:f9:c9:ba:e4:9a:48:47:8a:18:1c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:26 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:39:8c:4f:71:b9:56:14:0c:d4:af:9e:94:
4a:03:90:d9:48:dc:ae:55:1b:77:48:93:d3:1f:71:
dd:89:3a:70:53:67:48:fc:b5:24:b3:e0:3c:65:53:
35:c3:19:95:d0:57:2d:24:b0:37:56:47:31:15:0e:
6d:ce:d8:7f:0e:14:97:00:55:fc:bd:70:a3:30:39:
46:30:78:ca:8d:61:10:4e:02:6c:76:f0:7e:f1:f7:
3d:5c:1c:c6:43:a5:38:8c:fe:ed:79:46:ec:f6:b9:
40:19:11:60:24:3f:0b:fb:98:40:12:5b:8b:36:ba:
a5:05:5a:12:3a:b4:47:a4:14:45:e4:16:9e:fa:36:
de:04:7c:e5:bd:ea:94:43:30:8d:89:ba:a8:9c:72:
8b:57:ec:43:e4:c2:bf:13:fd:f9:e5:05:82:99:b9:
1a:d8:f3:07:46:d2:7b:5b:ce:fd:fd:c2:20:1c:3f:
f0:ef:f7:27:c5:72:43:a7:48:c4:da:db:a0:c8:59:
f1:0f:e0:da:64:57:85:86:b2:d4:d1:79:1f:78:dd:
c5:4a:e8:f5:5d:46:d5:08:04:60:94:32:78:9b:7d:
ac:f9:2d:54:11:a8:9f:cb:0e:0b:53:9e:d6:59:7b:
a7:7b:08:d8:28:f9:d2:b7:51:ca:96:cd:c6:c2:be:
0b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:86:27:FF:2B:57:F6:8F:AF:A5:11:F0:A8:39:99:D3:93:34:09:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
08:b0:ec:1a:c6:bb:81:8d:f7:3f:5e:0f:83:9e:34:0c:70:95:
90:ec:db:ba:0e:9a:67:f5:e0:c2:b8:0c:50:74:9b:05:bf:48:
17:bf:1a:13:63:1b:f0:a4:28:1e:a2:08:c4:85:3c:b3:71:5a:
41:cf:be:63:23:8c:8a:13:a5:c6:66:93:9e:5c:1d:b8:cb:d1:
04:a6:5a:df:21:27:5b:25:9f:29:79:f9:df:d2:52:bc:ed:ac:
5b:0f:45:d0:fb:c8:fc:4d:ea:34:ae:1f:06:ee:dc:a2:54:f1:
a5:75:79:83:64:2b:76:bf:78:22:35:65:6a:2d:de:ff:6a:97:
7b:2b:4d:0c:c1:31:81:69:79:be:c0:ba:8a:81:e8:6e:e0:e3:
67:4c:eb:27:87:e3:84:fc:53:94:f7:73:8b:d1:42:9a:dc:b1:
73:ad:95:f0:ea:b4:9d:69:83:fb:31:e3:22:5a:82:60:b2:41:
90:34:37:e4:89:ca:7e:8b:6f:be:21:5c:c0:e6:cd:38:95:0e:
d9:c9:8e:5d:6e:3b:5c:13:f5:fb:4e:a0:2e:d2:bf:27:c0:16:
e3:22:88:73:ac:20:2d:62:47:aa:57:3d:cb:65:aa:35:92:4d:
50:3a:95:af:d1:94:45:1e:ad:2b:7a:6d:32:4d:58:74:cb:42:
e2:fe:3d:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTvMujsZkAXh5+cm65JpIR4oYHOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMjZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMWFkMThiMGRmYTJlODUxYWQzNzU3ZWRiMTNhMzNhMmMxYjhiNzFkYWMy
YTA4MDVhNmY0MjJkYjBjMThmODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgjOYxPcblWFAzUr56USgOQ2UjcrlUbd0iT0x9x3Yk6cFNnSPy1JLPgPGVT
NcMZldBXLSSwN1ZHMRUObc7Yfw4UlwBV/L1wozA5RjB4yo1hEE4CbHbwfvH3PVwc
xkOlOIz+7XlG7Pa5QBkRYCQ/C/uYQBJbiza6pQVaEjq0R6QUReQWnvo23gR85b3q
lEMwjYm6qJxyi1fsQ+TCvxP9+eUFgpm5GtjzB0bSe1vO/f3CIBw/8O/3J8VyQ6dI
xNrboMhZ8Q/g2mRXhYay1NF5H3jdxUro9V1G1QgEYJQyeJt9rPktVBGon8sOC1Oe
1ll7p3sI2Cj50rdRypbNxsK+C60CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTfhif/
K1f2j6+lEfCoOZnTkzQJpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQAIsOwaxruBjfc/Xg+DnjQMcJWQ7Nu6Dppn9eDCuAxQ
dJsFv0gXvxoTYxvwpCgeogjEhTyzcVpBz75jI4yKE6XGZpOeXB24y9EEplrfISdb
JZ8pefnf0lK87axbD0XQ+8j8Teo0rh8G7tyiVPGldXmDZCt2v3giNWVqLd7/apd7
K00MwTGBaXm+wLqKgehu4ONnTOsnh+OE/FOU93OL0UKa3LFzrZXw6rSdaYP7MeMi
WoJgskGQNDfkicp+i2++IVzA5s04lQ7ZyY5dbjtcE/X7TqAu0r8nwBbjIohzrCAt
YkeqVz3LZao1kk1QOpWv0ZRFHq0rem0yTVh0y0Li/j3A
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:34 2025 by rpki-client