Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: 0t4JosvcyKump5Bh/+qr4kBQC2LFLPNe1/qLha5afr4=
Subject key identifier: 83:40:56:2F:7B:EC:B6:EF:09:1D:10:F0:A2:8E:18:7B:7F:88:53:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D39626251CE3329069F71372B5A8CF92B66FEA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:39:62:62:51:ce:33:29:06:9f:71:37:2b:5a:8c:f9:2b:66:fe:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=cc1c8b935e269e2d5ee776dfd00ba6b6129b62bd652eabb57affecbc939efd47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:f6:1e:2c:1b:ba:7d:47:77:4c:b2:2b:74:
86:ce:91:97:04:53:f7:bc:c7:9a:38:16:34:22:45:
38:93:36:aa:f5:9c:33:33:10:db:f3:04:01:3a:82:
ae:9a:83:36:1c:5c:71:1a:f2:c9:52:49:20:24:36:
c6:4c:2e:19:36:a4:f7:fe:51:f8:a3:d2:68:d3:32:
1c:02:0c:b6:6b:96:a1:d2:4c:f8:15:b7:79:39:0d:
89:ef:02:8b:83:8a:b2:03:94:b8:94:29:6a:a9:a9:
f8:c4:52:d0:f9:85:53:f0:85:3d:9e:c9:6e:1e:b8:
f6:1a:9e:a2:8e:ce:72:95:1d:68:8a:80:dc:75:04:
74:8a:df:47:82:86:a9:b1:d3:f7:0e:d7:7f:ee:b9:
cb:91:fa:d6:ee:e5:db:94:5d:4f:40:4f:6d:07:ae:
d5:0f:2e:7c:14:96:fb:68:db:f8:c1:b3:68:20:47:
0d:b0:ca:c9:27:ae:86:75:ee:4e:dd:5e:e9:ba:73:
74:e2:1e:71:67:d1:18:f8:ab:f2:44:c0:3c:9e:a0:
5a:46:95:45:a3:aa:67:21:2d:17:61:71:9b:1a:33:
ee:96:70:f4:ae:67:d5:4c:49:62:7d:bd:c0:77:4c:
67:59:95:5f:54:21:6d:b8:b9:c6:dd:c2:b0:2d:d8:
dc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:40:56:2F:7B:EC:B6:EF:09:1D:10:F0:A2:8E:18:7B:7F:88:53:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:e7:26:bf:a6:9e:69:18:db:f5:53:77:c9:12:40:21:38:9d:
dd:3a:1f:af:d5:4d:ba:ae:ed:2b:c4:0f:bb:5a:5e:b6:4a:ba:
4b:87:a6:0a:24:f3:fa:cf:fb:50:e1:93:f9:fe:f6:cb:be:bd:
17:d5:8f:26:7a:87:31:21:a3:84:ad:72:c7:57:f9:1b:9d:4b:
de:e9:c5:72:f0:18:fa:40:3c:a7:4c:f1:f1:42:af:4a:7d:fd:
8d:57:08:f3:c5:07:ea:38:2e:fe:65:5a:3a:a2:8c:fe:9c:0c:
1e:41:61:c9:6e:4e:1e:d2:f6:b4:88:2e:b3:bf:3f:4e:6c:c2:
b7:fd:c5:75:55:96:f1:bc:09:7e:54:50:48:05:29:89:36:20:
d0:16:98:61:82:55:de:75:18:63:11:14:da:42:14:93:15:6c:
97:f8:15:9b:91:15:77:2f:65:5c:a4:30:2b:17:8f:73:06:be:
ff:71:d7:14:5c:db:dd:aa:ba:be:02:da:7b:2b:53:41:c8:c5:
42:42:94:88:35:be:4e:62:83:5e:8a:c6:11:a8:ba:22:17:d1:
37:c6:e1:5b:9a:46:4c:f1:f9:d2:16:ae:f5:78:7a:ff:bf:f8:
e0:19:7c:90:f2:e3:9e:fc:21:d2:7a:cd:41:a3:5c:3e:51:78:
3b:02:d9:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXTliYlHOMykGn3E3K1qM+Stm/qYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMWM4YjkzNWUyNjllMmQ1ZWU3NzZkZmQwMGJhNmI2MTI5YjYyYmQ2NTJl
YWJiNTdhZmZlY2JjOTM5ZWZkNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtT9h4sG7p9R3dMsit0hs6RlwRT97zHmjgWNCJFOJM2qvWcMzMQ2/MEATqC
rpqDNhxccRryyVJJICQ2xkwuGTak9/5R+KPSaNMyHAIMtmuWodJM+BW3eTkNie8C
i4OKsgOUuJQpaqmp+MRS0PmFU/CFPZ7Jbh649hqeoo7OcpUdaIqA3HUEdIrfR4KG
qbHT9w7Xf+65y5H61u7l25RdT0BPbQeu1Q8ufBSW+2jb+MGzaCBHDbDKySeuhnXu
Tt1e6bpzdOIecWfRGPir8kTAPJ6gWkaVRaOqZyEtF2Fxmxoz7pZw9K5n1UxJYn29
wHdMZ1mVX1Qhbbi5xt3CsC3Y3CMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDQFYv
e+y27wkdEPCijhh7f4hTUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCW5ya/pp5pGNv1U3fJEkAhOJ3dOh+v1U26ru0rxA+7
Wl62SrpLh6YKJPP6z/tQ4ZP5/vbLvr0X1Y8meocxIaOErXLHV/kbnUve6cVy8Bj6
QDynTPHxQq9Kff2NVwjzxQfqOC7+ZVo6ooz+nAweQWHJbk4e0va0iC6zvz9ObMK3
/cV1VZbxvAl+VFBIBSmJNiDQFphhglXedRhjERTaQhSTFWyX+BWbkRV3L2VcpDAr
F49zBr7/cdcUXNvdqrq+Atp7K1NByMVCQpSINb5OYoNeisYRqLoiF9E3xuFbmkZM
8fnSFq71eHr/v/jgGXyQ8uOe/CHSes1Bo1w+UXg7AtkY
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:17:24 2025 by rpki-client