Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: aJga8gh3RipWHdMJbgC4ajmacPe6Btf1aXpL7yAnjcE=
Subject key identifier: 3A:1B:2B:3B:5B:0B:16:BB:16:D8:2E:16:58:17:AC:14:73:2B:A4:16
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 550119A6E7AE507B26775FD4E20256CCF9EEF37A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:01:19:a6:e7:ae:50:7b:26:77:5f:d4:e2:02:56:cc:f9:ee:f3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=e1a6994625b352a32917822c7d4d1c1d2f4960513e011c63299602bc4d3ea14b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:50:e6:cc:99:0b:53:18:e8:60:b5:31:30:cf:
47:ac:8a:b7:e2:7d:a2:a0:69:b1:ad:8d:a1:b9:86:
1a:83:23:9b:64:fb:51:7e:10:72:8f:1a:64:0f:36:
af:57:84:e1:0a:10:05:f8:b3:39:25:a1:91:80:28:
1a:25:8c:34:d4:00:ff:91:29:96:2f:37:60:00:f5:
0d:10:df:63:74:ad:f1:53:8b:d7:17:70:67:42:72:
94:50:3a:fd:9f:01:2b:45:32:dc:d6:62:0c:ac:a2:
fe:ee:cc:6b:c9:69:5b:bb:a3:6c:10:16:43:ef:42:
e4:d2:98:bd:fb:25:ee:4c:52:c1:f5:26:66:5f:45:
eb:56:a7:6c:f9:cd:72:7c:7c:67:8e:0b:30:cf:38:
78:50:6f:dc:09:0e:e3:a1:ef:93:1b:54:81:78:68:
53:6e:bb:23:ef:c8:cc:55:b1:00:c4:fd:65:86:24:
8b:63:9d:22:ac:d2:4d:b4:d0:24:75:07:5e:46:b9:
78:4e:56:4e:a2:36:58:51:92:4a:48:68:b6:ab:53:
95:fe:3b:15:fa:40:bc:5e:f0:05:43:4b:f1:33:66:
22:1a:49:d8:fb:7b:48:56:1d:f2:9f:c4:ec:1d:a7:
00:7e:1b:ed:ff:d4:1d:7d:6c:84:d0:26:e3:61:37:
3c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1B:2B:3B:5B:0B:16:BB:16:D8:2E:16:58:17:AC:14:73:2B:A4:16
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5b:88:4d:3c:07:c2:63:d6:62:f6:18:b6:6a:cb:8a:84:27:57:
a3:85:9f:0f:1f:e7:e1:03:e0:dc:d7:14:9f:47:66:45:80:a3:
7c:99:5a:cc:13:a7:4f:14:ad:87:7c:a8:62:51:9b:bc:13:db:
af:a1:31:05:33:81:bd:11:31:39:03:51:be:9f:eb:48:aa:04:
47:42:0d:05:6b:fe:96:10:6b:b4:05:c7:3f:55:62:2e:18:02:
a5:fc:4c:c7:80:6a:3a:4c:6c:e3:bd:25:b6:ca:23:c9:62:61:
e6:ba:9e:b9:c2:62:fc:9d:bf:de:b6:f4:d9:8c:69:71:c1:75:
67:1f:f1:01:39:81:a3:1f:32:fd:75:59:0d:9e:7a:0c:c4:26:
55:f3:a4:2c:d1:e7:8e:b1:65:aa:14:a6:c7:b0:25:09:b5:1c:
c9:da:d7:03:bf:a5:92:f9:0f:88:1d:4c:1c:72:8a:59:1b:5f:
a3:d8:43:37:9e:9b:f5:e1:b3:cd:e8:f8:56:c9:07:ba:f2:81:
58:2d:00:55:14:78:76:55:ad:3b:59:ee:6a:84:36:04:c3:3a:
c0:78:f4:e0:cc:85:ad:9f:2e:3a:8f:d5:9c:50:c6:f8:2a:f3:
26:cc:0e:79:1a:7a:16:58:ff:bc:c3:53:a2:3f:d8:90:69:a0:
6d:6c:27:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVQEZpueuUHsmd1/U4gJWzPnu83owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYTY5OTQ2MjViMzUyYTMyOTE3ODIyYzdkNGQxYzFkMmY0OTYwNTEzZTAx
MWM2MzI5OTYwMmJjNGQzZWExNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9Q5syZC1MY6GC1MTDPR6yKt+J9oqBpsa2NobmGGoMjm2T7UX4Qco8aZA82
r1eE4QoQBfizOSWhkYAoGiWMNNQA/5Epli83YAD1DRDfY3St8VOL1xdwZ0JylFA6
/Z8BK0Uy3NZiDKyi/u7Ma8lpW7ujbBAWQ+9C5NKYvfsl7kxSwfUmZl9F61anbPnN
cnx8Z44LMM84eFBv3AkO46HvkxtUgXhoU267I+/IzFWxAMT9ZYYki2OdIqzSTbTQ
JHUHXka5eE5WTqI2WFGSSkhotqtTlf47FfpAvF7wBUNL8TNmIhpJ2Pt7SFYd8p/E
7B2nAH4b7f/UHX1shNAm42E3PEkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6Gys7
WwsWuxbYLhZYF6wUcyukFjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBbiE08B8Jj1mL2GLZqy4qEJ1ejhZ8PH+fhA+Dc1xSf
R2ZFgKN8mVrME6dPFK2HfKhiUZu8E9uvoTEFM4G9ETE5A1G+n+tIqgRHQg0Fa/6W
EGu0Bcc/VWIuGAKl/EzHgGo6TGzjvSW2yiPJYmHmup65wmL8nb/etvTZjGlxwXVn
H/EBOYGjHzL9dVkNnnoMxCZV86Qs0eeOsWWqFKbHsCUJtRzJ2tcDv6WS+Q+IHUwc
copZG1+j2EM3npv14bPN6PhWyQe68oFYLQBVFHh2Va07We5qhDYEwzrAePTgzIWt
ny46j9WcUMb4KvMmzA55GnoWWP+8w1OiP9iQaaBtbCei
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:41 2025 by rpki-client