Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: RsLIabjIzYD5B1F2p0XGyDm3uf0bAhXnk9ejIpEfGa4=
Subject key identifier: 40:76:A4:B6:EE:9B:5B:64:B7:AD:12:DA:41:C9:0E:C4:16:B9:94:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A82176DA00955D7511F4FD1050456984411EE98
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Wed 05 Mar 2025 17:50:10 +0000
ROA not before: Wed 05 Mar 2025 17:50:10 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:82:17:6d:a0:09:55:d7:51:1f:4f:d1:05:04:56:98:44:11:ee:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 17:50:10 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:18:7a:18:50:08:88:5b:18:9a:df:2c:8b:
d1:e2:41:60:01:e6:3e:e1:65:b6:5e:ce:ac:12:53:
5c:5b:75:03:74:57:6a:58:6a:da:c5:aa:09:0a:d0:
44:1a:7c:d1:de:5f:05:55:4d:b5:48:03:56:6c:6a:
41:50:b4:f5:7e:7c:0c:5e:8c:f7:a8:47:23:ae:28:
3f:cc:1a:3b:e0:f4:ee:ee:f4:22:95:70:1b:76:4e:
82:c0:cf:37:ce:ae:96:9d:53:c2:95:8f:a4:ba:3a:
7b:c1:bc:62:d0:c7:aa:ee:0a:a9:6a:78:24:14:74:
24:00:61:30:84:72:a4:0a:03:2a:81:6e:c3:89:d9:
cf:c3:22:9b:75:34:c3:58:02:5b:79:b0:5f:6f:a2:
e3:db:07:7d:d8:9f:df:ba:a6:7a:0c:0b:f2:ab:01:
e8:9f:52:2d:5f:7e:90:c4:5e:be:1f:dd:a0:7b:d8:
3d:eb:6f:f2:34:71:17:c9:e1:2d:eb:56:8e:f9:dc:
25:9a:fc:ed:30:15:f0:55:9c:e3:6c:af:c4:0f:2b:
0b:f9:63:5b:c3:41:fa:ae:29:8d:1b:80:42:69:ad:
93:a7:cd:fe:20:9a:b9:65:5b:51:2d:50:ec:ac:73:
45:95:90:f7:a9:29:1a:35:11:b8:08:52:49:ad:47:
d7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:76:A4:B6:EE:9B:5B:64:B7:AD:12:DA:41:C9:0E:C4:16:B9:94:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:cc:05:14:d5:7d:39:7a:b7:dc:6c:ee:29:9f:01:60:e0:c2:
55:74:0c:31:a0:d0:ae:6a:02:f0:f1:66:2d:cd:d6:88:4f:25:
ab:f0:05:18:be:1e:a9:83:1d:6a:da:37:ad:47:55:58:e9:fc:
68:b6:55:07:4d:05:ae:f9:a4:00:47:13:ad:cd:fa:cd:c6:33:
90:4d:24:4c:45:51:86:58:58:94:8a:a9:3f:e0:ac:72:a4:9e:
6f:f1:86:12:9a:09:9e:12:f3:bb:98:41:b2:9e:9d:f6:ea:37:
9f:0d:7a:82:34:65:aa:90:40:f5:8a:01:4c:fc:05:53:77:b9:
9b:90:cf:8d:e5:56:6f:3d:f6:f6:0a:d5:c9:6f:ea:dd:a6:16:
9d:51:08:99:8b:03:aa:9e:84:a0:fd:bc:a4:9a:94:25:93:57:
eb:d1:b0:b8:f8:3c:e4:ed:4b:5f:c0:f4:33:76:0a:67:89:97:
2c:55:39:32:a4:45:5c:d1:f7:b4:43:89:69:a8:fd:af:be:49:
46:ab:f3:cc:e5:bd:cf:e5:07:36:9e:59:89:61:c2:c3:79:e9:
ef:dc:58:56:b7:ac:d4:f4:86:b8:b8:f5:32:3b:70:74:98:dd:
27:e3:d7:0f:23:fc:c1:cb:3b:56:fc:22:bc:65:92:1d:e2:18:
3c:c9:87:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGoIXbaAJVddRH0/RBQRWmEQR7pgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDUxNzUwMTBaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MTBhNGUyZjYzYzFlOWIwNGMzZWRmY2RhYWIwYTVlNDk4MzIyZmM0ZmI1
MGQ1ODFiY2Y2MjYxODZkNmQ2MjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6pGHoYUAiIWxia3yyL0eJBYAHmPuFltl7OrBJTXFt1A3RXalhq2sWqCQrQ
RBp80d5fBVVNtUgDVmxqQVC09X58DF6M96hHI64oP8waO+D07u70IpVwG3ZOgsDP
N86ulp1TwpWPpLo6e8G8YtDHqu4KqWp4JBR0JABhMIRypAoDKoFuw4nZz8Mim3U0
w1gCW3mwX2+i49sHfdif37qmegwL8qsB6J9SLV9+kMRevh/doHvYPetv8jRxF8nh
LetWjvncJZr87TAV8FWc42yvxA8rC/ljW8NB+q4pjRuAQmmtk6fN/iCauWVbUS1Q
7KxzRZWQ96kpGjURuAhSSa1H19kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRAdqS2
7ptbZLetEtpByQ7EFrmUnzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAlzAUU1X05erfcbO4pnwFg4MJVdAwxoNCuagLw8WYt
zdaITyWr8AUYvh6pgx1q2jetR1VY6fxotlUHTQWu+aQARxOtzfrNxjOQTSRMRVGG
WFiUiqk/4KxypJ5v8YYSmgmeEvO7mEGynp326jefDXqCNGWqkED1igFM/AVTd7mb
kM+N5VZvPfb2CtXJb+rdphadUQiZiwOqnoSg/bykmpQlk1fr0bC4+Dzk7UtfwPQz
dgpniZcsVTkypEVc0fe0Q4lpqP2vvklGq/PM5b3P5Qc2nlmJYcLDeenv3FhWt6zU
9Ia4uPUyO3B0mN0n49cPI/zByztW/CK8ZZId4hg8yYfF
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:00:24 2025 by rpki-client