Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: tAjKJNJyXpIvW1N8jTg+gC5of8xNiqbyzzdXgZJRo4Q=
Subject key identifier: 9B:60:13:E1:87:77:19:1C:A1:08:45:48:F9:C5:26:92:F8:E7:B3:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30B0210062806600CE2D02C72E5309463074E750
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Wed 05 Mar 2025 17:51:58 +0000
ROA not before: Wed 05 Mar 2025 17:51:58 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b0:21:00:62:80:66:00:ce:2d:02:c7:2e:53:09:46:30:74:e7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:51:58 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:64:2f:61:7c:ee:84:c3:7c:96:a5:23:0e:
44:0f:82:f7:66:e7:4f:4b:16:66:40:26:58:c9:e1:
cf:16:c7:da:e1:90:2b:68:10:a9:21:76:b0:8e:34:
21:f8:d6:6d:b1:f6:4a:2d:28:00:c3:42:b9:8e:fc:
ab:ca:30:16:a3:5d:a9:d1:29:28:89:0f:9e:db:12:
4d:be:66:ab:28:59:61:0a:fa:a8:99:47:6c:54:7e:
82:75:e8:2c:db:77:d8:a5:0d:04:6a:3f:4d:bf:a9:
77:0a:32:2d:10:c5:95:dd:b6:d9:a4:49:dc:38:d9:
b7:e0:fb:da:3e:20:1e:b0:b0:ab:d0:93:e9:85:c6:
2f:ca:76:8a:f2:0c:8f:e9:f9:0a:7a:ee:73:6c:7c:
a3:27:2e:bd:b0:d7:c8:c6:a0:5d:a4:81:d3:7c:6b:
98:51:c2:3d:3c:0c:e1:09:42:09:16:a9:6e:1a:2c:
96:38:5e:9a:de:69:a7:80:93:38:0f:57:16:95:a2:
36:60:cd:59:e6:31:19:5a:85:db:50:74:6e:bf:29:
33:90:9c:d5:39:28:5f:8f:a5:16:8f:33:7d:96:44:
27:d1:aa:d2:62:a4:ac:ff:79:f2:c0:ec:fe:50:85:
ab:c4:f8:14:42:b7:52:48:b9:19:e9:15:93:87:a1:
41:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:60:13:E1:87:77:19:1C:A1:08:45:48:F9:C5:26:92:F8:E7:B3:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:f5:0e:93:ee:51:72:a1:42:0a:20:ab:ba:5a:a5:d2:cd:7e:
6a:e8:3c:23:ec:5c:ec:b5:7d:79:c6:23:c6:fa:b8:72:c2:04:
95:ec:28:d1:4e:3b:a9:24:ac:22:f5:c4:bc:f6:c0:fa:cd:cb:
bf:e2:12:92:0a:90:42:c5:cf:11:c1:94:a6:c3:f1:9d:6e:0b:
6a:7a:eb:13:f7:5d:3e:27:d7:c8:d2:fd:76:25:2c:7b:01:c1:
cc:6a:30:cc:91:dd:c3:d6:a1:ab:7e:9a:48:b5:a5:7c:f5:12:
0c:b6:e0:90:01:c4:a4:a8:1d:3b:0d:2d:1b:b4:68:94:09:96:
10:76:82:02:25:69:d4:cd:8a:cc:14:df:59:4b:cb:17:1c:60:
20:e4:81:14:50:15:4b:00:e9:4b:d9:0f:76:22:97:4f:e6:73:
b5:9d:dc:47:1d:3b:8d:ed:d9:33:2f:a4:a2:38:71:3b:13:b3:
01:d8:3b:98:ee:73:05:d6:e6:e6:92:4a:83:c2:92:33:82:a0:
af:c1:16:aa:94:93:b8:90:53:7b:1a:22:9f:fe:4f:cb:c3:68:
66:7b:e6:35:ee:1f:dc:01:24:1b:85:f3:2b:5f:6d:aa:d6:d8:
69:71:19:d4:d5:cf:53:b2:61:d6:5f:75:3f:e4:cf:77:9d:51:
56:58:b8:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMLAhAGKAZgDOLQLHLlMJRjB051AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUxNThaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3NDhlZTk3YzM1ZTU5M2YxYTM4YzcwZTVhYjg3NGM0N2IxYWM3YzZiMDA2
MmE2OTA1Y2I1ZDJiYmE5NzBiN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqpZC9hfO6Ew3yWpSMORA+C92bnT0sWZkAmWMnhzxbH2uGQK2gQqSF2sI40
IfjWbbH2Si0oAMNCuY78q8owFqNdqdEpKIkPntsSTb5mqyhZYQr6qJlHbFR+gnXo
LNt32KUNBGo/Tb+pdwoyLRDFld222aRJ3DjZt+D72j4gHrCwq9CT6YXGL8p2ivIM
j+n5Cnruc2x8oycuvbDXyMagXaSB03xrmFHCPTwM4QlCCRapbhosljhemt5pp4CT
OA9XFpWiNmDNWeYxGVqF21B0br8pM5Cc1TkoX4+lFo8zfZZEJ9Gq0mKkrP958sDs
/lCFq8T4FEK3Uki5GekVk4ehQe0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbYBPh
h3cZHKEIRUj5xSaS+OezyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQCN9Q6T7lFyoUIKIKu6WqXSzX5q6Dwj7FzstX15xiPG
+rhywgSV7CjRTjupJKwi9cS89sD6zcu/4hKSCpBCxc8RwZSmw/GdbgtqeusT910+
J9fI0v12JSx7AcHMajDMkd3D1qGrfppItaV89RIMtuCQAcSkqB07DS0btGiUCZYQ
doICJWnUzYrMFN9ZS8sXHGAg5IEUUBVLAOlL2Q92IpdP5nO1ndxHHTuN7dkzL6Si
OHE7E7MB2DuY7nMF1ubmkkqDwpIzgqCvwRaqlJO4kFN7GiKf/k/Lw2hme+Y17h/c
ASQbhfMrX22q1thpcRnU1c9TsmHWX3U/5M93nVFWWLj8
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:58 2025 by rpki-client