Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json)
Hash identifier: VILMrSO/qW2IzvQMC2BBQCWjO5GnJzEDs1JEjX9Alyw=
Subject key identifier: 7D:80:8E:89:85:DB:5A:28:F2:BE:27:07:D2:34:31:93:42:70:5B:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7099C769AF4EE295E86A3D00534D475C8E0BD76B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
Signing time: Fri 07 Mar 2025 15:11:02 +0000
ROA not before: Fri 07 Mar 2025 15:11:02 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.104.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:99:c7:69:af:4e:e2:95:e8:6a:3d:00:53:4d:47:5c:8e:0b:d7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:11:02 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3e:3b:28:3a:70:e5:7c:f5:ae:20:7f:50:a0:
bb:ba:b7:02:8c:fe:13:3e:d8:fc:5e:51:12:54:d4:
c3:f0:bc:20:11:45:9c:de:74:63:db:58:71:17:68:
52:01:c3:98:5e:00:72:c9:8d:70:86:3c:91:94:db:
84:aa:0c:3e:74:61:50:f8:6f:3d:06:10:e8:de:8e:
ae:65:8a:71:2e:57:86:5b:fa:e9:d5:ad:99:fa:02:
5c:d0:96:72:0d:42:6b:4f:4a:60:f8:37:09:50:1c:
03:cf:58:f0:5a:ab:70:3e:62:17:2b:95:d6:ec:ed:
a5:e2:50:00:37:67:e4:bb:41:4b:9d:cd:d2:f7:6d:
12:b7:85:f2:ed:2e:4a:27:fd:1b:af:fe:a0:96:08:
b9:35:75:5f:9d:52:4d:1b:47:6d:dd:f8:b1:b0:42:
25:9e:76:78:f6:b4:41:b7:3d:8a:b7:ef:35:02:a8:
27:4b:ef:ee:e2:38:a3:7a:60:e3:22:14:17:e2:73:
44:ee:13:04:11:cf:40:54:4d:67:52:50:dd:ca:c0:
70:62:e5:83:96:4a:12:1d:f3:0f:c3:a0:bc:17:50:
7c:8c:2e:93:b1:3b:ee:fe:81:1e:d0:b3:46:b7:01:
55:a4:b7:4a:34:c2:9f:ee:ea:cc:f6:09:57:05:27:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:80:8E:89:85:DB:5A:28:F2:BE:27:07:D2:34:31:93:42:70:5B:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.104.0/23
Signature Algorithm: sha256WithRSAEncryption
50:f4:2a:92:1f:20:7d:fe:77:f1:3f:2e:44:d9:6a:85:53:82:
42:b7:1a:32:bb:61:0f:1c:db:97:d3:7d:f4:ae:27:75:51:78:
23:e5:f4:05:6d:9b:8d:50:c9:de:41:13:42:f8:7b:63:ee:ff:
82:06:28:8e:25:d2:d0:99:87:cb:91:fa:bf:9c:7d:f2:5f:89:
51:f0:39:61:2c:0d:c9:d9:ac:18:79:32:ec:57:71:55:85:43:
3d:be:41:ec:51:ca:9f:a5:31:72:ea:aa:c9:d9:db:8d:d1:0c:
b3:eb:95:0e:27:86:2a:35:8d:ef:79:b2:db:9e:a1:87:11:67:
09:e1:69:70:14:63:a5:09:3c:2a:3c:76:3f:66:ff:05:5c:03:
dd:77:19:8c:48:b1:a1:0e:3f:35:7e:cf:16:ae:43:08:aa:a1:
85:2f:6e:c7:c8:83:cf:10:69:3c:44:91:10:c4:58:05:0b:63:
13:34:3f:5f:a9:67:51:49:e7:f0:7a:ce:e6:d5:14:db:1d:64:
b9:d1:d2:e8:64:e4:41:4d:74:5b:0f:56:e2:38:a9:9d:fb:c9:
cb:1d:ac:b2:bf:e8:c5:ca:73:f9:dc:38:70:66:dc:df:fd:1f:
bb:43:35:16:50:38:12:7c:bd:1c:01:ac:51:b7:bd:68:2a:82:
77:7c:0f:d3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcJnHaa9O4pXoaj0AU01HXI4L12swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTExMDJaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNmZjOGJjZDg4OTczNjYwNjA3MGI3NTMwMmZlMjc3NDNlZGU4MTBkNGYx
YmU5OGE5MDA5ZTY0MzRkZTcwN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJk+Oyg6cOV89a4gf1Cgu7q3Aoz+Ez7Y/F5RElTUw/C8IBFFnN50Y9tYcRdo
UgHDmF4AcsmNcIY8kZTbhKoMPnRhUPhvPQYQ6N6OrmWKcS5Xhlv66dWtmfoCXNCW
cg1Ca09KYPg3CVAcA89Y8FqrcD5iFyuV1uztpeJQADdn5LtBS53N0vdtEreF8u0u
Sif9G6/+oJYIuTV1X51STRtHbd34sbBCJZ52ePa0Qbc9irfvNQKoJ0vv7uI4o3pg
4yIUF+JzRO4TBBHPQFRNZ1JQ3crAcGLlg5ZKEh3zD8OgvBdQfIwuk7E77v6BHtCz
RrcBVaS3SjTCn+7qzPYJVwUn8xMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR9gI6J
hdtaKPK+JwfSNDGTQnBbhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN
BgkqhkiG9w0BAQsFAAOCAQEAUPQqkh8gff538T8uRNlqhVOCQrcaMrthDxzbl9N9
9K4ndVF4I+X0BW2bjVDJ3kETQvh7Y+7/ggYojiXS0JmHy5H6v5x98l+JUfA5YSwN
ydmsGHky7FdxVYVDPb5B7FHKn6UxcuqqydnbjdEMs+uVDieGKjWN73my256hhxFn
CeFpcBRjpQk8Kjx2P2b/BVwD3XcZjEixoQ4/NX7PFq5DCKqhhS9ux8iDzxBpPESR
EMRYBQtjEzQ/X6lnUUnn8HrO5tUU2x1kudHS6GTkQU10Ww9W4jipnfvJyx2ssr/o
xcpz+dw4cGbc3/0fu0M1FlA4Eny9HAGsUbe9aCqCd3wP0w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:11 2025 by rpki-client