Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: IVHEbta05XjXJBsZlF2NHlQp2S2g6DkoyK5qTShHBq4=
Subject key identifier: 94:90:0F:36:56:94:0F:D3:99:3B:EF:28:EE:CE:69:B5:9F:F9:1C:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6AA4CF7B5F7D0AF578E0A2579242729B8D2AFEE9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Wed 05 Mar 2025 17:51:54 +0000
ROA not before: Wed 05 Mar 2025 17:51:54 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:a4:cf:7b:5f:7d:0a:f5:78:e0:a2:57:92:42:72:9b:8d:2a:fe:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:54 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:8e:82:25:7b:85:98:e0:d2:65:b1:50:78:
f5:f7:ee:ab:11:db:68:fa:81:38:ba:e2:31:00:e1:
62:e9:d9:47:3e:7a:e6:2a:37:ab:de:33:06:e6:c2:
c0:1d:ca:d2:7d:6a:47:fc:86:82:71:cd:97:b1:60:
70:cf:65:b2:de:e1:a4:92:a5:7a:62:34:e2:4c:2f:
bc:7c:26:ba:06:bb:fb:cc:73:b2:82:d2:13:e7:50:
e1:dd:d9:2d:a8:a2:f3:1a:8f:10:94:46:a6:46:60:
41:06:29:5b:c3:9a:f9:c3:79:75:1d:b9:09:2c:5b:
81:58:09:5b:8e:28:9e:a3:d6:cb:ea:56:5f:fc:75:
81:a4:41:4a:cb:97:c7:a0:68:6c:ed:4f:bb:3d:bf:
3e:e4:44:6e:f3:ca:c8:70:1b:cc:ef:5a:27:fd:01:
92:f2:e2:ba:9a:07:71:e1:1a:92:d4:c2:d5:84:a8:
c1:86:05:66:07:45:64:7c:84:15:c5:a5:62:9f:a4:
12:36:1e:af:bc:cc:52:34:11:bc:48:2b:94:07:3b:
56:29:40:9a:ab:43:71:ac:26:c6:d0:a1:1b:10:0c:
83:b6:73:51:88:7d:a6:a1:51:9e:cf:36:d0:23:50:
c5:95:1f:72:c6:db:e8:a4:05:5d:0b:d6:fa:01:97:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:90:0F:36:56:94:0F:D3:99:3B:EF:28:EE:CE:69:B5:9F:F9:1C:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:e4:86:b9:89:10:c6:7b:cd:40:17:e5:41:e6:6a:5d:00:b4:
6b:5d:71:1c:43:33:b3:26:91:0a:ba:a3:e8:f7:5e:65:0e:2b:
7a:2b:6d:d7:14:00:9b:c7:40:4f:73:17:3a:47:79:1b:ac:0a:
09:c4:8d:9a:f4:22:3f:9b:1d:58:96:25:3c:49:90:4c:fd:f6:
9e:11:95:4d:3f:18:93:36:d6:fb:2e:e2:7a:93:e9:61:3b:7d:
33:98:46:c5:2d:1d:fe:94:59:a4:d4:a2:15:21:d8:61:83:6d:
6e:50:5d:3f:d1:73:b3:da:55:3d:76:ca:de:07:64:b1:41:3a:
8e:74:3b:ae:f9:60:95:87:83:39:06:58:9c:7c:a2:b5:e2:b5:
cd:ba:3f:3d:26:36:92:d2:ee:62:55:79:8e:98:42:26:e4:81:
6d:e1:c2:7b:b0:87:1f:e7:e9:32:aa:bc:0b:f1:9d:71:f9:f1:
41:ae:c6:9d:61:9d:4b:3c:fd:f9:7e:d5:ec:f4:40:d9:b7:dc:
a6:ca:95:50:c0:37:6d:85:33:9a:be:f6:e6:43:4c:39:09:61:
73:89:96:d5:57:f8:44:b3:e6:1a:26:f8:6b:e2:55:77:97:ba:
f6:b6:c5:fa:01:d6:a0:12:36:41:2c:67:9c:09:67:65:7a:af:
af:0b:03:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaqTPe199CvV44KJXkkJym40q/ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNTRaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwY2I4ZDdmMTJjYmQyNTgzZTFmOTQ3ZWU4YTZjZTg4ZDdlZmFkMmY2Mjgw
YTc4ZjJlMDdmN2I5MzZmZThmMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPFjoIle4WY4NJlsVB49ffuqxHbaPqBOLriMQDhYunZRz565io3q94zBubC
wB3K0n1qR/yGgnHNl7FgcM9lst7hpJKlemI04kwvvHwmuga7+8xzsoLSE+dQ4d3Z
Laii8xqPEJRGpkZgQQYpW8Oa+cN5dR25CSxbgVgJW44onqPWy+pWX/x1gaRBSsuX
x6BobO1Puz2/PuREbvPKyHAbzO9aJ/0BkvLiupoHceEaktTC1YSowYYFZgdFZHyE
FcWlYp+kEjYer7zMUjQRvEgrlAc7VilAmqtDcawmxtChGxAMg7ZzUYh9pqFRns82
0CNQxZUfcsbb6KQFXQvW+gGXCpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSUkA82
VpQP05k77yjuzmm1n/kclTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQAe5Ia5iRDGe81AF+VB5mpdALRrXXEcQzOzJpEKuqPo
915lDit6K23XFACbx0BPcxc6R3kbrAoJxI2a9CI/mx1YliU8SZBM/faeEZVNPxiT
Ntb7LuJ6k+lhO30zmEbFLR3+lFmk1KIVIdhhg21uUF0/0XOz2lU9dsreB2SxQTqO
dDuu+WCVh4M5BlicfKK14rXNuj89JjaS0u5iVXmOmEIm5IFt4cJ7sIcf5+kyqrwL
8Z1x+fFBrsadYZ1LPP35ftXs9EDZt9ymypVQwDdthTOavvbmQ0w5CWFziZbVV/hE
s+YaJvhr4lV3l7r2tsX6AdagEjZBLGecCWdleq+vCwMh
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:02:24 2025 by rpki-client