Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: I03VZOUFU8b37dVGsVuoifLv7+N8JgrZJSKIyTdRw/w=
Subject key identifier: 2C:8F:D4:5F:59:B7:FF:37:B9:02:C3:9F:D6:86:43:7E:85:10:D1:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AF4B1209CA1AD6F1796215516384457E9EB7FB5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Fri 07 Mar 2025 15:10:16 +0000
ROA not before: Fri 07 Mar 2025 15:10:16 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f4:b1:20:9c:a1:ad:6f:17:96:21:55:16:38:44:57:e9:eb:7f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:16 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:94:39:8d:fe:be:cc:79:10:75:7b:bd:b2:e5:
7d:0e:78:9c:d1:6c:39:07:5a:59:19:0c:79:55:a0:
68:da:ee:3c:61:f8:54:4b:13:31:d7:79:4e:73:4c:
a3:a0:3c:aa:76:02:48:24:31:09:83:5c:af:e3:b6:
8f:37:e5:ad:d7:90:ca:14:d2:f3:48:f0:97:7b:d9:
10:07:e1:11:8e:23:7f:4f:ee:4f:94:39:9f:e9:48:
84:4e:f7:36:44:4a:a4:4e:64:97:cd:4c:b5:7e:16:
47:e0:54:67:a0:6c:bf:93:06:49:d5:2c:9d:f6:96:
9f:4d:3d:9f:8e:d8:04:19:fb:79:bb:00:65:ed:c3:
21:55:e0:9c:a4:42:c8:2f:48:d1:ef:54:17:5b:15:
78:ea:e1:f0:24:4a:6b:ef:95:65:04:23:07:8f:e6:
7e:6e:b2:8a:43:f2:6d:f3:a3:87:4e:c6:28:96:f1:
6f:5f:eb:90:01:e0:1e:ce:00:2f:40:11:de:71:35:
b2:9a:cf:6c:f6:0e:ef:83:9d:11:5e:50:ba:bd:44:
42:9d:a4:33:44:f1:f1:18:b6:4b:82:79:a9:14:50:
75:25:b2:97:c4:bc:a7:5d:5e:c2:16:61:cf:b6:9e:
27:c6:66:cd:c7:ce:53:c2:eb:e2:f1:6e:fe:71:28:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8F:D4:5F:59:B7:FF:37:B9:02:C3:9F:D6:86:43:7E:85:10:D1:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:94:8b:a8:b3:5a:9c:78:0d:67:7f:ed:e5:92:e9:3a:f8:7f:
f6:e7:14:0e:f5:2e:8f:07:2a:18:94:f6:20:0b:9e:e7:d2:9b:
5e:35:e8:19:81:3b:4a:db:ee:76:21:e5:c2:de:94:05:80:f1:
5b:a4:61:f1:57:90:2b:ed:1b:70:73:0e:5f:37:cc:fd:1d:ee:
de:66:8a:fb:b9:63:dc:02:b3:b5:57:6d:22:3a:53:dd:5b:64:
11:b2:29:65:07:96:a3:d5:f9:38:ad:4c:ae:f6:68:bf:7d:5a:
88:8e:8f:9b:c2:92:46:3d:49:74:30:03:da:48:35:8e:06:89:
00:7c:fc:b3:01:69:7d:1f:30:12:6b:5a:ee:6f:51:94:c3:7f:
34:a8:40:1d:88:87:95:5f:37:b3:c2:e2:dd:d8:d8:5b:68:e4:
9d:74:56:1e:d1:70:b1:d1:64:25:a1:62:df:86:5d:9d:b3:90:
b0:97:28:9f:c7:f6:21:2f:af:92:b8:c5:21:4a:ef:45:09:5e:
d5:d6:a8:8a:ab:c3:42:3d:56:7e:27:92:c9:28:6d:49:b2:d2:
e9:10:0d:ad:b7:29:dd:ff:4b:18:9f:9f:f0:c4:f2:47:06:18:
5b:cb:57:20:fd:db:df:66:db:48:d7:f3:ce:f1:e0:ef:81:3f:
6b:53:90:b9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGvSxIJyhrW8XliFVFjhEV+nrf7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwMTZaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NmJiYjAxN2JhYTExYTNiOTc3ZGM4YzE3MGYxZjc3YzU2NTgzYzQ5N2Uz
Y2M1MmEyZjVmZDRjM2Y5YTQ1ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6UOY3+vsx5EHV7vbLlfQ54nNFsOQdaWRkMeVWgaNruPGH4VEsTMdd5TnNM
o6A8qnYCSCQxCYNcr+O2jzflrdeQyhTS80jwl3vZEAfhEY4jf0/uT5Q5n+lIhE73
NkRKpE5kl81MtX4WR+BUZ6Bsv5MGSdUsnfaWn009n47YBBn7ebsAZe3DIVXgnKRC
yC9I0e9UF1sVeOrh8CRKa++VZQQjB4/mfm6yikPybfOjh07GKJbxb1/rkAHgHs4A
L0AR3nE1sprPbPYO74OdEV5Qur1EQp2kM0Tx8Ri2S4J5qRRQdSWyl8S8p11ewhZh
z7aeJ8ZmzcfOU8Lr4vFu/nEoEvkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQsj9Rf
Wbf/N7kCw5/WhkN+hRDRmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAt5SLqLNanHgNZ3/t5ZLpOvh/9ucUDvUujwcqGJT2
IAue59KbXjXoGYE7StvudiHlwt6UBYDxW6Rh8VeQK+0bcHMOXzfM/R3u3maK+7lj
3AKztVdtIjpT3VtkEbIpZQeWo9X5OK1MrvZov31aiI6Pm8KSRj1JdDAD2kg1jgaJ
AHz8swFpfR8wEmta7m9RlMN/NKhAHYiHlV83s8Li3djYW2jknXRWHtFwsdFkJaFi
34ZdnbOQsJcon8f2IS+vkrjFIUrvRQle1daoiqvDQj1WfieSyShtSbLS6RANrbcp
3f9LGJ+f8MTyRwYYW8tXIP3b32bbSNfzzvHg74E/a1OQuQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:10 2025 by rpki-client