Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
File: bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa (raw, json)
Hash identifier: 3fO3j6ARrdhBDU1UZkr4M6njg6UJMKc7PHzm60rUhQU=
Subject key identifier: 2A:33:81:D6:C3:29:BA:6A:00:EF:D8:F9:3F:70:46:FD:26:D4:C1:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C5E923E7E0109B7120E132BCC5EA7D1A9050F5C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:5e:92:3e:7e:01:09:b7:12:0e:13:2b:cc:5e:a7:d1:a9:05:0f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a9:2e:62:68:e2:3b:f1:f0:91:8b:d5:0f:25:
f3:09:91:ab:0c:0c:8d:d2:b2:b2:76:3f:32:bd:84:
7b:a1:c5:ef:47:e6:64:8a:71:56:ca:21:b1:1c:e3:
15:fc:86:a0:2e:8a:6f:a2:ed:c3:bd:a4:5d:e9:45:
05:a1:49:c8:3f:12:35:c4:24:3d:13:0f:ec:08:91:
bf:94:65:30:34:9d:fd:91:30:5d:9d:34:49:37:4a:
82:4b:3d:fd:d0:73:14:a4:3c:d0:94:83:e6:88:c7:
14:98:54:0f:1a:71:2a:1f:5c:a2:e4:77:fe:91:b9:
38:b4:f9:90:7c:90:ed:6b:a5:ca:a4:d9:d6:ac:79:
f5:45:6e:94:0f:4e:d5:ea:d2:a9:54:9f:e8:f6:cc:
75:df:a4:ce:b3:16:23:24:80:fc:2d:d3:64:fc:bd:
cb:97:4c:99:da:89:da:94:4f:ec:8c:43:3a:3c:32:
7b:15:fe:11:94:7b:3d:87:25:53:64:de:c7:8c:82:
9c:9c:0d:2e:3e:8a:ee:74:c3:66:16:a1:04:d0:57:
f8:77:b9:53:52:50:51:37:16:c7:0c:0b:76:55:54:
ed:df:ab:22:1d:4c:3c:1a:9b:1e:aa:c0:79:55:2e:
8f:7d:1c:f5:59:21:cd:4c:1b:c7:a6:ac:c7:8a:fd:
b6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:33:81:D6:C3:29:BA:6A:00:EF:D8:F9:3F:70:46:FD:26:D4:C1:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:ea:86:b8:14:68:32:50:78:c6:2c:9a:84:7d:1b:a7:4a:5f:
3e:33:aa:00:d6:c3:d6:59:fd:94:91:67:e2:12:20:2e:11:3a:
86:97:8e:94:cd:c5:13:34:df:1e:61:46:bd:74:22:02:b0:c5:
5f:f6:c6:fd:fb:4a:94:6a:7d:a8:a9:b0:82:c4:48:96:d2:04:
56:bd:53:74:95:85:be:c4:bd:1c:14:97:a0:27:5c:93:4e:38:
c9:ab:d3:4a:0f:de:74:8f:a0:39:1e:9c:a7:3a:cd:43:90:92:
38:f7:9a:fd:8d:87:32:f3:d8:44:5b:42:93:8a:58:f3:2d:79:
65:01:03:cc:06:f8:06:4b:44:42:7b:0a:48:42:9d:2b:38:bb:
cc:48:77:50:8f:e0:08:b7:28:71:5a:8f:95:4e:f8:31:4c:05:
52:83:c3:00:0a:09:7e:9a:13:b4:27:e5:61:62:b2:41:2d:a1:
6c:57:2d:08:f8:02:9b:46:65:60:cb:af:09:cd:ea:2f:c4:47:
89:73:5d:c1:31:10:41:2d:62:81:8d:e8:f9:04:ce:c1:a3:16:
a0:70:2c:2e:30:23:df:95:e6:36:59:ff:55:3e:d3:84:36:62:
e5:91:7d:77:af:4d:d9:87:ae:b3:45:67:f1:08:da:f1:9c:9a:
aa:7e:58:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTF6SPn4BCbcSDhMrzF6n0akFD1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NTEyNWYzZjAwNzdjZmYwODA3MGM3ZTU3YzhlNGRjNWY2YzZiMmIxZDBl
OGRmZmZjZjk0MDRlMTQyZjFmODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCpLmJo4jvx8JGL1Q8l8wmRqwwMjdKysnY/Mr2Ee6HF70fmZIpxVsohsRzj
FfyGoC6Kb6Ltw72kXelFBaFJyD8SNcQkPRMP7AiRv5RlMDSd/ZEwXZ00STdKgks9
/dBzFKQ80JSD5ojHFJhUDxpxKh9couR3/pG5OLT5kHyQ7WulyqTZ1qx59UVulA9O
1erSqVSf6PbMdd+kzrMWIySA/C3TZPy9y5dMmdqJ2pRP7IxDOjwyexX+EZR7PYcl
U2Tex4yCnJwNLj6K7nTDZhahBNBX+He5U1JQUTcWxwwLdlVU7d+rIh1MPBqbHqrA
eVUuj30c9VkhzUwbx6asx4r9tvECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQqM4HW
wym6agDv2Pk/cEb9JtTBajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmRjMmZiMDQtZjEyYS00ODVmLWIyYjYtOGI5M2VkNzIyZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ6oa4FGgyUHjGLJqEfRunSl8+M6oA1sPWWf2UkWfi
EiAuETqGl46UzcUTNN8eYUa9dCICsMVf9sb9+0qUan2oqbCCxEiW0gRWvVN0lYW+
xL0cFJegJ1yTTjjJq9NKD950j6A5HpynOs1DkJI495r9jYcy89hEW0KTiljzLXll
AQPMBvgGS0RCewpIQp0rOLvMSHdQj+AItyhxWo+VTvgxTAVSg8MACgl+mhO0J+Vh
YrJBLaFsVy0I+AKbRmVgy68JzeovxEeJc13BMRBBLWKBjej5BM7BoxagcCwuMCPf
leY2Wf9VPtOENmLlkX13r03Zh66zRWfxCNrxnJqqflix
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:34 2025 by rpki-client