Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
File: 9bcb01bf-5e97-476b-b855-1bba036f903d.roa (raw, json)
Hash identifier: Bjjz7ve+TmME5MKYMTCVZQ5nR1/UG3+pvCidHvIovek=
Subject key identifier: 23:02:3D:00:A8:8B:94:A7:BA:57:AD:63:1D:BA:B5:3C:49:FA:E8:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DC54878C67DBB54B4A7AD20D39AC40798C18AB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c5:48:78:c6:7d:bb:54:b4:a7:ad:20:d3:9a:c4:07:98:c1:8a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:67:35:b7:4f:bf:ce:59:4b:19:3b:31:00:
f0:95:01:cc:78:f2:50:33:4f:e4:3f:cc:3f:4d:09:
eb:d1:1b:85:0d:b9:19:85:e7:5e:cf:79:64:18:3e:
6e:b6:65:0f:e5:69:36:ff:40:c3:73:31:82:71:75:
93:40:26:4b:fa:31:7b:1e:93:d7:37:b0:93:92:b2:
c1:f9:d9:9d:52:5e:97:2d:42:72:e2:fc:e6:f9:e2:
6a:a5:29:73:7d:5a:a7:f9:d0:4c:1d:3d:e4:be:16:
02:71:06:de:e7:32:c5:24:5d:d0:e0:42:4b:e0:7d:
55:f1:3f:30:b3:a9:fc:0e:7c:4c:7c:1f:85:78:09:
84:be:8f:32:99:73:cc:df:a0:e9:c3:d7:0c:d8:8e:
b9:19:d6:f6:3b:12:9d:fc:4c:ed:80:75:9a:c5:10:
40:9e:c6:9c:0d:eb:93:d1:9b:35:03:09:1e:ea:8d:
5a:aa:ba:8c:86:d6:4a:16:5b:08:e0:a9:ce:0d:49:
af:e3:de:e7:7f:28:6b:10:49:fd:c2:8b:4e:04:33:
56:8f:0e:58:d9:d3:93:79:91:b9:f3:f7:8c:24:34:
72:bc:8e:2e:98:c6:32:47:56:c5:02:cf:aa:c7:6c:
f6:87:ee:f8:ef:94:03:15:e9:9e:f2:53:9a:c7:be:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:02:3D:00:A8:8B:94:A7:BA:57:AD:63:1D:BA:B5:3C:49:FA:E8:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9bcb01bf-5e97-476b-b855-1bba036f903d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:7d:36:52:6f:7c:5f:35:c4:ed:b5:f7:68:a3:8c:ea:cc:bb:
92:26:cc:d8:99:e5:83:b4:d0:ad:66:70:a0:16:7a:9d:d9:fd:
0a:36:7c:cf:68:3a:88:57:53:ef:17:3f:6a:32:ab:54:28:7d:
c8:a5:9a:a3:69:28:e8:88:b9:88:19:8d:fe:de:f6:83:da:9a:
c4:67:9b:4f:90:6f:3c:5a:37:5a:2a:6a:c2:6b:de:14:5f:da:
d7:43:08:25:49:58:f0:c5:d5:94:0c:8e:46:bd:bc:2c:5f:9a:
82:94:9d:73:a4:78:95:fc:1b:61:40:3b:6d:9d:08:d5:d0:75:
c4:f9:33:f7:0b:98:dd:74:52:2e:f7:72:14:72:b8:84:a5:ea:
61:10:b0:4e:88:f2:95:44:7f:3c:ce:e6:94:c4:4d:54:9e:0c:
b0:33:d6:1b:3f:1c:ca:95:0a:25:de:6d:fd:68:cd:3f:a7:41:
7e:5f:88:fc:96:e4:56:6e:4c:d8:b8:ed:d3:eb:2a:9f:39:e4:
8d:ff:26:0c:4b:29:ee:a9:d8:11:e1:b1:db:2f:ca:96:f4:a3:
e1:e9:f4:17:d8:c3:65:41:b0:00:66:2e:a5:f1:a2:5f:fa:41:
cb:c6:3e:b6:6d:90:82:06:51:60:41:0b:09:6b:87:dd:c7:e5:
ff:06:83:a0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbcVIeMZ9u1S0p60g05rEB5jBirkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0N2E2YWY4M2JjMmQ2MGUyNGZiNzJmN2RlYTc5YzEzMDNmOWFkYzcwMTRj
ZmE0NGU0MGNjNzk3ZGU3MWU0OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1LZzW3T7/OWUsZOzEA8JUBzHjyUDNP5D/MP00J69EbhQ25GYXnXs95ZBg+
brZlD+VpNv9Aw3MxgnF1k0AmS/oxex6T1zewk5KywfnZnVJely1CcuL85vniaqUp
c31ap/nQTB095L4WAnEG3ucyxSRd0OBCS+B9VfE/MLOp/A58THwfhXgJhL6PMplz
zN+g6cPXDNiOuRnW9jsSnfxM7YB1msUQQJ7GnA3rk9GbNQMJHuqNWqq6jIbWShZb
COCpzg1Jr+Pe538oaxBJ/cKLTgQzVo8OWNnTk3mRufP3jCQ0cryOLpjGMkdWxQLP
qsds9ofu+O+UAxXpnvJTmse+mqkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjAj0A
qIuUp7pXrWMdurU8SfroPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWJjYjAxYmYtNWU5Ny00NzZiLWI4NTUtMWJiYTAzNmY5MDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQAifTZSb3xfNcTttfdoo4zqzLuSJszYmeWDtNCtZnCg
Fnqd2f0KNnzPaDqIV1PvFz9qMqtUKH3IpZqjaSjoiLmIGY3+3vaD2prEZ5tPkG88
WjdaKmrCa94UX9rXQwglSVjwxdWUDI5GvbwsX5qClJ1zpHiV/BthQDttnQjV0HXE
+TP3C5jddFIu93IUcriEpephELBOiPKVRH88zuaUxE1UngywM9YbPxzKlQol3m39
aM0/p0F+X4j8luRWbkzYuO3T6yqfOeSN/yYMSynuqdgR4bHbL8qW9KPh6fQX2MNl
QbAAZi6l8aJf+kHLxj62bZCCBlFgQQsJa4fdx+X/BoOg
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:00:12 2025 by rpki-client