Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: pBu3hlf2U2NIcZwm2sb0EpyWwNrgDGhC898zWg/maeo=
Subject key identifier: EA:7E:24:85:EE:B9:E7:CA:D6:5D:CD:34:56:0D:36:A2:EA:65:4E:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05A98FB32B31FF2B8E6C7C5525CA3BC240DC97A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Wed 05 Mar 2025 17:51:09 +0000
ROA not before: Wed 05 Mar 2025 17:51:09 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:a9:8f:b3:2b:31:ff:2b:8e:6c:7c:55:25:ca:3b:c2:40:dc:97:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:09 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c3:00:a4:08:b3:67:71:39:19:fc:0a:a2:ee:
5f:f3:ff:f2:cb:9a:19:5d:f8:4d:14:b2:62:a9:93:
2e:d2:fc:61:46:e5:1b:07:b6:6f:f4:5a:fe:f7:ca:
9e:0f:28:7e:26:3d:95:5b:52:29:d3:0d:9d:52:04:
b0:2c:01:0b:0c:fa:f1:45:1c:06:73:f7:60:25:7e:
f3:4a:f1:75:be:00:5f:d1:11:6a:94:e8:9c:d8:6e:
19:85:37:5d:0b:70:17:cb:55:b9:b0:38:15:a9:83:
21:c7:36:31:b6:3d:75:78:5d:9f:5a:d8:9a:30:ce:
c8:6f:11:0d:d2:48:83:19:34:b5:fb:e2:61:ab:54:
9e:6a:14:1b:e3:99:a1:6a:af:98:06:7d:6e:7d:2e:
74:ca:5e:75:4a:58:22:db:af:12:7c:b2:f9:a0:94:
06:29:ee:be:06:5b:c4:4d:a6:60:bb:b0:7c:5e:64:
7e:18:48:cd:92:5e:89:63:d5:3c:88:1a:4e:8b:03:
f1:0a:ab:6c:cc:10:e3:70:51:bb:af:b3:46:27:69:
e2:4b:74:72:2d:47:29:12:01:fd:09:bf:aa:51:51:
ae:ca:3b:85:dd:e7:fa:2c:46:b3:22:49:27:b3:b6:
ae:7c:e3:a4:fb:07:95:aa:b4:b3:26:08:bd:cd:62:
b3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7E:24:85:EE:B9:E7:CA:D6:5D:CD:34:56:0D:36:A2:EA:65:4E:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:94:2c:ba:68:b2:c4:1b:0c:b8:f2:05:a8:89:4d:28:1a:32:
c7:bb:57:09:13:3b:6d:ba:64:40:a6:a0:25:69:db:27:ba:d0:
61:9a:13:2b:4c:87:6e:b1:ed:af:0d:0c:eb:7d:36:c0:08:07:
ea:b8:4a:97:82:b3:07:e2:db:f5:72:83:2d:cd:2d:75:97:64:
ec:62:aa:a8:31:08:32:b5:3d:f3:a7:63:49:a4:0a:32:15:a6:
a9:01:e2:83:b1:11:c2:d3:f1:e6:17:09:1e:84:58:07:6c:41:
e4:8d:ae:59:df:3b:7a:34:22:ef:5d:e2:da:b4:5e:50:f5:f0:
9d:ef:0b:e9:eb:77:e9:b3:b3:0e:1d:86:9b:a3:5e:a4:dd:08:
b3:eb:32:e6:8b:6a:23:e8:6e:a6:75:fd:3f:f3:e2:af:fa:48:
c6:ad:be:90:53:54:a1:4b:4b:86:2d:33:e8:1b:04:30:d1:30:
f2:df:7a:82:ca:7b:ca:cd:73:65:b2:74:bd:fe:f1:e1:e3:90:
d4:b1:d5:e3:23:8a:0f:df:c6:a3:e3:a7:36:1c:29:49:65:cb:
16:3a:13:95:0a:97:48:6f:03:5c:34:fe:78:74:4a:8b:d5:e9:
f3:95:2c:b0:c6:58:0b:ec:ac:6e:ac:92:95:67:73:68:21:84:
bb:2c:ee:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBamPsysx/yuObHxVJco7wkDcl6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxMDlaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NWEyY2E4NDFmYmVjNjM1MDQxZGVmYmE4ODVjNTU3ZThjOTcyNTgzZmM5
NzgwNmZhNTQwZjI3Mzc2Y2E4OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDDAKQIs2dxORn8CqLuX/P/8suaGV34TRSyYqmTLtL8YUblGwe2b/Ra/vfK
ng8ofiY9lVtSKdMNnVIEsCwBCwz68UUcBnP3YCV+80rxdb4AX9ERapTonNhuGYU3
XQtwF8tVubA4FamDIcc2MbY9dXhdn1rYmjDOyG8RDdJIgxk0tfviYatUnmoUG+OZ
oWqvmAZ9bn0udMpedUpYItuvEnyy+aCUBinuvgZbxE2mYLuwfF5kfhhIzZJeiWPV
PIgaTosD8QqrbMwQ43BRu6+zRidp4kt0ci1HKRIB/Qm/qlFRrso7hd3n+ixGsyJJ
J7O2rnzjpPsHlaq0syYIvc1is5cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqfiSF
7rnnytZdzTRWDTai6mVOozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQB0lCy6aLLEGwy48gWoiU0oGjLHu1cJEzttumRApqAl
adsnutBhmhMrTIduse2vDQzrfTbACAfquEqXgrMH4tv1coMtzS11l2TsYqqoMQgy
tT3zp2NJpAoyFaapAeKDsRHC0/HmFwkehFgHbEHkja5Z3zt6NCLvXeLatF5Q9fCd
7wvp63fps7MOHYabo16k3Qiz6zLmi2oj6G6mdf0/8+Kv+kjGrb6QU1ShS0uGLTPo
GwQw0TDy33qCynvKzXNlsnS9/vHh45DUsdXjI4oP38aj46c2HClJZcsWOhOVCpdI
bwNcNP54dEqL1enzlSywxlgL7KxurJKVZ3NoIYS7LO4K
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:04 2025 by rpki-client