Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: 4ibXkj+zUE+G3MOkDU0bq/sD+nDHLUvr1cDHLdhosU0=
Subject key identifier: CA:AC:3A:33:C3:D7:85:CD:32:F8:86:9B:E8:78:63:B6:0B:48:DD:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 031B95C560F624C98C38B89F7E57EB5E7CE87C3E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Tue 25 Mar 2025 16:22:16 +0000
ROA not before: Tue 25 Mar 2025 16:22:16 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1b:95:c5:60:f6:24:c9:8c:38:b8:9f:7e:57:eb:5e:7c:e8:7c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 25 16:22:16 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:79:8f:90:01:3e:41:b2:5f:39:f5:1b:dc:
da:21:a6:03:c1:e9:aa:a3:fe:bb:62:fa:ba:ab:2b:
60:a3:9a:65:6f:43:ca:e3:e4:00:0d:ec:62:25:b2:
a9:66:6a:91:9d:ea:6f:86:a3:44:68:9c:7d:b6:2f:
1b:bc:8c:37:95:44:a8:09:30:72:35:8c:55:0d:e3:
d0:9b:a8:14:ae:b8:82:bd:ee:58:54:3c:c7:dc:42:
42:8d:c5:25:e1:d2:83:90:3d:65:fd:c0:0b:04:f0:
5c:a6:49:76:56:7d:ee:08:a4:34:f5:df:f6:68:cc:
8c:d3:c5:85:a9:32:51:14:6a:02:6a:d2:cd:a7:12:
5c:97:44:bc:93:cf:6f:0a:36:89:db:a2:52:42:18:
65:a5:e0:2d:f2:af:f8:0f:b3:f4:49:52:48:ca:45:
c3:d0:6d:2f:8e:1a:0c:24:67:9e:dc:6c:ff:07:07:
55:ec:6a:84:50:e3:df:f9:ac:88:e5:96:3f:52:0e:
a7:e3:f1:a8:7e:5d:c0:b8:29:8c:02:2d:e5:8e:d4:
98:fa:e0:fb:d2:1f:01:64:eb:50:83:61:a1:45:16:
f0:d4:50:9c:06:01:93:1d:1c:93:0e:f5:29:dd:75:
5a:9e:27:16:6c:2d:b1:7e:c9:b2:4a:e2:e8:bf:57:
94:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AC:3A:33:C3:D7:85:CD:32:F8:86:9B:E8:78:63:B6:0B:48:DD:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d7:40:9a:a8:18:d8:3f:2c:9a:9e:eb:6c:78:35:92:5f:cf:aa:
63:4d:c8:85:b7:d2:c3:fb:3c:1a:04:86:e2:33:52:43:c2:db:
b6:ee:c2:be:aa:60:f7:c5:15:76:ba:b9:fc:8e:ec:c1:19:d8:
ca:23:dc:5c:fd:b3:10:62:0c:f8:17:d0:3b:fa:fa:dc:16:b9:
51:7d:c2:ec:40:b1:c4:e2:d7:43:ec:29:8c:af:6a:2b:52:4c:
c7:db:af:71:e4:d8:e9:29:9a:45:11:cf:18:ca:4c:c1:9a:13:
db:52:c5:4d:57:f5:32:58:32:b8:bd:5a:7f:72:2b:94:aa:8b:
f5:49:f3:ef:6f:02:5e:89:0b:8f:01:12:83:79:d2:21:65:ac:
68:98:e9:6c:59:85:ed:b6:29:5c:43:0a:6b:1f:67:2d:2a:20:
5e:dd:bb:e4:3d:67:49:94:78:9a:ca:a1:06:54:51:73:4d:3a:
77:87:92:46:c4:5a:7f:73:b7:ec:03:a6:65:96:e6:ea:db:e6:
1e:75:38:e1:43:3f:85:cc:18:51:26:63:44:d0:62:98:60:de:
69:1b:19:f6:10:6f:df:f5:82:07:71:f9:34:6b:15:89:27:dc:
ca:ee:98:9d:3b:56:8d:87:19:ed:1a:f5:28:37:9f:ba:04:6f:
f5:9c:91:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAxuVxWD2JMmMOLifflfrXnzofD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMjUxNjIyMTZaFw0yNTA0MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiZGU4ZWZmZWYxMDZmOWMxMmRlNTNiN2VhNDc2MzhlODQxN2Q3ZThkMzk0
ZWMwM2M1NzIxZDE1MmJjMTcwZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME+eY+QAT5Bsl859Rvc2iGmA8HpqqP+u2L6uqsrYKOaZW9DyuPkAA3sYiWy
qWZqkZ3qb4ajRGicfbYvG7yMN5VEqAkwcjWMVQ3j0JuoFK64gr3uWFQ8x9xCQo3F
JeHSg5A9Zf3ACwTwXKZJdlZ97gikNPXf9mjMjNPFhakyURRqAmrSzacSXJdEvJPP
bwo2iduiUkIYZaXgLfKv+A+z9ElSSMpFw9BtL44aDCRnntxs/wcHVexqhFDj3/ms
iOWWP1IOp+PxqH5dwLgpjAIt5Y7UmPrg+9IfAWTrUINhoUUW8NRQnAYBkx0ckw71
Kd11Wp4nFmwtsX7Jskri6L9XlM0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKrDoz
w9eFzTL4hpvoeGO2C0jdJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQDXQJqoGNg/LJqe62x4NZJfz6pjTciFt9LD+zwaBIbi
M1JDwtu27sK+qmD3xRV2urn8juzBGdjKI9xc/bMQYgz4F9A7+vrcFrlRfcLsQLHE
4tdD7CmMr2orUkzH269x5NjpKZpFEc8YykzBmhPbUsVNV/UyWDK4vVp/ciuUqov1
SfPvbwJeiQuPARKDedIhZaxomOlsWYXttilcQwprH2ctKiBe3bvkPWdJlHiayqEG
VFFzTTp3h5JGxFp/c7fsA6Zllubq2+YedTjhQz+FzBhRJmNE0GKYYN5pGxn2EG/f
9YIHcfk0axWJJ9zK7pidO1aNhxntGvUoN5+6BG/1nJHi
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:24 2025 by rpki-client