Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: H8F8pu8q8lEeKu/15D9/PHpmQZmkOH5wOPBi1jnJKa8=
Subject key identifier: 41:74:D5:0B:DF:92:2E:73:06:8C:52:C1:78:96:0C:F8:5F:5A:4F:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 03D3669A8D29B198ABBDBF7E5C0CED54F5F8E82F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:d3:66:9a:8d:29:b1:98:ab:bd:bf:7e:5c:0c:ed:54:f5:f8:e8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=19b95c8593ce17dfcbe904ccd3ed497cfa3d1864f2ddace7a08573b6fff2d0ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0d:43:9f:2c:00:ad:ec:a1:66:c8:20:5d:3b:
35:ec:c5:c8:7c:8b:67:68:d6:30:75:01:06:21:a4:
26:1e:4e:2b:77:e2:4e:87:8d:b6:8f:fa:bc:d9:8c:
ff:2f:d2:fb:bf:ec:0a:bc:54:63:a8:ec:6a:6e:77:
b9:d8:98:27:57:02:22:8e:b9:60:9f:73:89:dc:3f:
4f:17:02:ae:45:c8:5f:93:d3:0f:60:d3:c6:96:c6:
ed:d8:7a:c2:3f:69:ea:db:18:57:36:88:ec:3a:02:
c8:d0:2a:3d:c4:b0:93:1b:a8:46:06:a3:18:71:6a:
64:eb:f9:8a:30:c3:1d:b8:1b:88:31:90:ea:68:c7:
c3:12:af:a6:95:10:9b:87:40:8b:b9:38:87:72:b0:
26:9e:ca:61:23:89:a8:b6:43:57:51:e1:84:47:80:
e7:15:cb:ee:63:f7:76:0b:80:d6:13:58:08:57:0f:
82:bf:80:b2:8d:b9:65:b9:86:62:8e:50:80:76:72:
d1:26:b4:12:7b:f4:bb:fc:16:c9:27:73:1b:a2:d0:
03:8d:d8:08:e1:8a:a9:9a:04:1d:26:7c:44:4a:6d:
16:46:fa:08:cb:6e:42:ac:63:df:0d:fb:14:9b:9a:
45:34:f8:aa:9e:c4:3c:f7:bb:49:85:b3:f7:32:f5:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:74:D5:0B:DF:92:2E:73:06:8C:52:C1:78:96:0C:F8:5F:5A:4F:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:6f:ca:83:b1:7b:5d:6d:7b:ce:dd:d1:1b:1b:20:5e:2a:ef:
c0:03:71:67:f7:5e:8b:c2:20:b2:0a:77:b4:d8:03:6c:aa:34:
aa:02:22:42:9e:bc:84:f0:9b:f4:f9:78:6b:18:82:8a:bf:33:
2e:1b:9a:02:f6:a1:90:81:b0:4a:ce:b3:b1:17:6d:ba:16:71:
a4:a0:b8:82:81:a1:c9:98:c5:74:05:14:66:71:06:ea:a8:85:
3a:c2:e8:e5:c6:82:ab:40:5d:99:aa:5c:b4:31:f7:58:7f:b3:
1d:30:23:6c:75:18:19:ef:3b:21:d2:f4:39:97:ec:7b:75:bd:
93:b4:eb:09:19:3e:34:8f:13:9e:99:03:e5:0a:1f:68:a5:58:
b3:3c:79:0d:d3:40:f7:3b:3e:63:42:59:ea:39:20:13:e1:51:
72:d8:7c:fa:a0:3a:6b:1e:2b:3a:76:3b:72:a0:52:69:04:e3:
e9:4c:7e:64:da:da:f4:b4:a5:88:f9:54:c8:31:b4:59:46:43:
4b:c7:50:f5:ed:05:44:e0:1c:ed:85:7c:de:dc:21:4d:90:5f:
6f:49:33:e2:9a:1e:a3:f8:d7:d0:a7:23:fe:fe:f4:11:1c:0f:
2b:f4:5a:c7:14:a2:5b:91:49:bc:11:f1:df:c3:e8:91:96:fe:
eb:ed:d3:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA9Nmmo0psZirvb9+XAztVPX46C8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5Yjk1Yzg1OTNjZTE3ZGZjYmU5MDRjY2QzZWQ0OTdjZmEzZDE4NjRmMmRk
YWNlN2EwODU3M2I2ZmZmMmQwYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8NQ58sAK3soWbIIF07NezFyHyLZ2jWMHUBBiGkJh5OK3fiToeNto/6vNmM
/y/S+7/sCrxUY6jsam53udiYJ1cCIo65YJ9zidw/TxcCrkXIX5PTD2DTxpbG7dh6
wj9p6tsYVzaI7DoCyNAqPcSwkxuoRgajGHFqZOv5ijDDHbgbiDGQ6mjHwxKvppUQ
m4dAi7k4h3KwJp7KYSOJqLZDV1HhhEeA5xXL7mP3dguA1hNYCFcPgr+Aso25ZbmG
Yo5QgHZy0Sa0Env0u/wWySdzG6LQA43YCOGKqZoEHSZ8REptFkb6CMtuQqxj3w37
FJuaRTT4qp7EPPe7SYWz9zL1OxkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRBdNUL
35IucwaMUsF4lgz4X1pPcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQCAb8qDsXtdbXvO3dEbGyBeKu/AA3Fn916LwiCyCne0
2ANsqjSqAiJCnryE8Jv0+XhrGIKKvzMuG5oC9qGQgbBKzrOxF226FnGkoLiCgaHJ
mMV0BRRmcQbqqIU6wujlxoKrQF2Zqly0MfdYf7MdMCNsdRgZ7zsh0vQ5l+x7db2T
tOsJGT40jxOemQPlCh9opVizPHkN00D3Oz5jQlnqOSAT4VFy2Hz6oDprHis6djty
oFJpBOPpTH5k2tr0tKWI+VTIMbRZRkNLx1D17QVE4BzthXze3CFNkF9vSTPimh6j
+NfQpyP+/vQRHA8r9FrHFKJbkUm8EfHfw+iRlv7r7dPd
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:25:20 2025 by rpki-client