Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
File: ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa (raw, json)
Hash identifier: 7Esvf3UUBnU+H9EJ/ZGCurC0gX12heypyH/lu5DUSRM=
Subject key identifier: 7B:7F:CC:01:B8:87:8D:EA:C5:33:89:E7:CC:69:50:6C:8A:E7:66:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48492FE43D15C8FB6CB9237E8146CFE0DA007032
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:49:2f:e4:3d:15:c8:fb:6c:b9:23:7e:81:46:cf:e0:da:00:70:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ac:93:c6:61:fb:aa:3e:59:50:26:a7:0d:a6:
71:8a:6f:a8:e2:84:11:85:aa:29:82:5f:34:c3:7c:
a5:bd:c4:23:6b:ac:b9:b2:fa:93:8c:6b:36:d9:95:
0b:ac:f0:40:4b:7a:7c:3e:1f:5c:ff:ce:29:e0:98:
00:11:d5:6f:55:37:a1:1a:58:f4:09:f1:90:7e:fd:
7a:21:aa:45:03:a7:3a:c1:0a:26:63:40:88:1a:5c:
82:49:5c:04:46:2c:c6:dd:2e:d6:b2:44:bd:e7:84:
fd:b4:2a:a8:d0:c6:e9:c5:07:71:c9:df:d6:9e:dd:
f9:32:3b:30:62:47:c7:c6:14:18:d9:9e:1b:83:62:
49:c0:ec:cb:67:b8:5d:f1:c3:72:75:73:49:af:83:
bd:43:ea:48:d4:ee:bb:7c:3d:62:04:34:6a:83:8d:
a4:29:09:26:78:2c:19:36:80:96:75:f5:71:85:9c:
ae:6a:66:b9:10:40:09:cd:c2:c5:39:e2:a8:2f:23:
45:d9:64:ae:c7:61:43:74:d7:8a:d5:e1:56:74:60:
9c:d3:57:1e:a5:9e:fc:1d:ae:24:98:de:88:31:f3:
e1:4e:36:d7:cb:86:38:0e:a4:2a:c0:ae:9c:44:b3:
67:af:b7:96:45:f9:12:34:2f:ab:10:93:0e:bb:11:
d1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:7F:CC:01:B8:87:8D:EA:C5:33:89:E7:CC:69:50:6C:8A:E7:66:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba68fedc-c9ae-4605-8ac5-3b7e5b85efa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:84:5b:3f:eb:0e:5a:bc:5e:7d:f7:75:dd:f7:bd:8f:98:18:
b4:84:ad:b7:d3:b3:f9:ae:b7:f2:72:27:38:2b:99:74:9a:7a:
d5:20:a2:66:9b:36:17:bc:bc:00:24:6c:93:c9:40:ad:e4:23:
ed:e6:11:a8:90:c6:9f:30:04:a4:bf:01:74:e2:a6:86:ea:81:
2b:09:06:2c:ab:d5:b2:19:03:86:17:45:c1:98:e9:c4:72:5a:
44:74:99:85:0e:5a:c1:3d:c3:6f:e6:5e:21:a0:1a:18:5e:97:
d9:0b:7c:ea:e9:84:ab:69:85:37:fe:dd:fe:0b:c4:c6:66:cc:
ac:52:ba:4d:29:8d:b2:f7:bd:ff:0e:12:28:d2:f5:5f:58:55:
0d:e7:0d:47:4d:74:0b:cf:04:7d:4c:d3:b7:62:c6:aa:7c:6e:
55:7e:d7:89:97:be:b9:a8:c1:d1:d6:e1:74:b7:d5:a1:56:98:
69:82:46:09:73:13:68:3e:58:f5:84:37:8b:b9:11:92:be:4d:
f0:2c:6b:1b:dc:20:50:7c:2c:ab:e9:72:12:af:64:c5:05:37:
18:92:56:bf:21:17:a9:de:43:eb:ec:7a:14:eb:d5:3f:25:cc:
51:e6:12:1d:c9:e4:41:a4:41:df:42:e6:61:47:ac:0d:20:81:
88:f0:ee:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSEkv5D0VyPtsuSN+gUbP4NoAcDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1YjNjYzA4MzdmYzI3YzM3YThiOWRjN2VmYzA4MzhkZjZjYTIzZDI4NDgx
ZjMwMzBhYjNjOGJkNGIxNjQ4ZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6sk8Zh+6o+WVAmpw2mcYpvqOKEEYWqKYJfNMN8pb3EI2usubL6k4xrNtmV
C6zwQEt6fD4fXP/OKeCYABHVb1U3oRpY9AnxkH79eiGqRQOnOsEKJmNAiBpcgklc
BEYsxt0u1rJEveeE/bQqqNDG6cUHccnf1p7d+TI7MGJHx8YUGNmeG4NiScDsy2e4
XfHDcnVzSa+DvUPqSNTuu3w9YgQ0aoONpCkJJngsGTaAlnX1cYWcrmpmuRBACc3C
xTniqC8jRdlkrsdhQ3TXitXhVnRgnNNXHqWe/B2uJJjeiDHz4U4218uGOA6kKsCu
nESzZ6+3lkX5EjQvqxCTDrsR0S8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7f8wB
uIeN6sUziefMaVBsiudmmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE2OGZlZGMtYzlhZS00NjA1LThhYzUtM2I3ZTViODVlZmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQCAhFs/6w5avF5993Xd972PmBi0hK2307P5rrfycic4
K5l0mnrVIKJmmzYXvLwAJGyTyUCt5CPt5hGokMafMASkvwF04qaG6oErCQYsq9Wy
GQOGF0XBmOnEclpEdJmFDlrBPcNv5l4hoBoYXpfZC3zq6YSraYU3/t3+C8TGZsys
UrpNKY2y973/DhIo0vVfWFUN5w1HTXQLzwR9TNO3YsaqfG5VfteJl765qMHR1uF0
t9WhVphpgkYJcxNoPlj1hDeLuRGSvk3wLGsb3CBQfCyr6XISr2TFBTcYkla/IRep
3kPr7HoU69U/JcxR5hIdyeRBpEHfQuZhR6wNIIGI8O6P
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:40 2025 by rpki-client