Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: f0LD49dvlRi8POIVu/lHoGWJIC7NersIHnxnmMITDho=
Subject key identifier: 6C:06:B0:C7:DD:CB:E0:71:95:99:FF:F3:19:0C:C0:A3:A2:25:FA:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B4E047A74F851DCC78EA6F15D8B350F84BD6953
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:4e:04:7a:74:f8:51:dc:c7:8e:a6:f1:5d:8b:35:0f:84:bd:69:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5164f0d28ed1f2faaa3671a085acc3f6b30bd94084356bc7792afdef88bbe98b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:a3:28:12:a4:f0:a7:cb:99:d3:43:99:f6:
68:1a:73:21:a6:e3:74:cf:8a:23:63:8e:ca:c3:22:
e5:1a:7d:04:1c:95:83:c5:82:21:97:54:ed:f6:04:
b9:a4:19:b2:11:b4:12:e7:62:74:77:1a:e2:77:3c:
35:9e:ca:a8:d8:44:95:1e:3d:ab:bb:ce:e2:5f:d4:
01:6e:8d:3d:0c:59:4e:d5:01:ec:29:bb:58:00:83:
0d:ba:a0:50:f8:7e:05:e2:47:31:5b:85:0f:36:c9:
c2:2f:fd:0c:16:d8:c2:2e:ed:47:89:f0:d0:f3:df:
61:79:4a:d5:8c:c2:dd:d0:5c:b0:eb:66:22:9b:36:
75:8a:db:3d:05:c3:e2:93:5f:41:17:05:2e:26:19:
9e:9c:e7:45:c7:b8:10:64:6c:31:8a:11:6b:78:62:
25:da:dc:f9:a6:92:98:46:2f:65:f5:3c:49:c5:70:
9e:89:9d:87:db:05:b5:c0:01:6d:13:0e:81:30:64:
71:45:58:70:e2:c0:0e:aa:7c:36:ac:5b:83:80:14:
b5:f7:f5:cc:a9:e8:b1:e7:6d:02:07:09:27:cd:2f:
01:d5:45:54:bd:b5:f0:4b:ce:57:4a:d0:38:fc:74:
ce:14:75:31:67:77:31:86:e4:40:ff:67:f0:b2:0d:
fe:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:06:B0:C7:DD:CB:E0:71:95:99:FF:F3:19:0C:C0:A3:A2:25:FA:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:cd:88:35:4f:da:13:73:6b:fe:db:6b:e1:02:27:a0:4c:33:
ee:1e:50:4d:c8:f1:f5:9b:ff:58:33:fe:45:da:fb:00:54:5f:
c5:af:0e:0a:61:9b:50:fb:4f:2a:cf:5e:93:e3:fb:96:ec:80:
89:05:b0:95:12:91:83:ac:a4:0e:75:b7:4b:0e:e9:bb:96:71:
f3:4e:b5:dd:e6:a0:70:7d:cb:97:ce:ef:a7:44:52:0e:a2:df:
b7:c9:98:8f:05:3f:99:89:a6:01:6c:66:00:85:8b:9b:1f:3b:
1f:35:a0:dd:a7:b5:b5:43:e9:24:bc:85:85:23:af:df:c3:cf:
8f:79:11:1e:91:5c:7d:91:19:54:2a:3b:8d:ad:43:23:02:b5:
9f:9c:e2:f1:b5:cd:1b:ae:35:1f:53:39:7e:78:56:82:19:70:
09:a5:82:bd:1b:f6:02:84:70:2f:af:ba:ca:56:60:34:a8:74:
96:52:25:71:5f:96:07:f7:10:e7:d7:7a:f5:ff:1e:21:78:9a:
e8:99:75:a1:9d:b5:37:60:45:70:aa:9f:17:57:1f:f8:1d:0d:
f5:d7:4f:3c:fa:96:2f:a0:04:f3:cc:fc:42:fe:59:5a:68:fa:
99:6a:4f:25:52:79:a9:a4:03:c0:a3:3b:ee:77:f6:a9:87:ae:
cb:37:e2:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS04EenT4UdzHjqbxXYs1D4S9aVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNjRmMGQyOGVkMWYyZmFhYTM2NzFhMDg1YWNjM2Y2YjMwYmQ5NDA4NDM1
NmJjNzc5MmFmZGVmODhiYmU5OGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0CoygSpPCny5nTQ5n2aBpzIabjdM+KI2OOysMi5Rp9BByVg8WCIZdU7fYE
uaQZshG0EudidHca4nc8NZ7KqNhElR49q7vO4l/UAW6NPQxZTtUB7Cm7WACDDbqg
UPh+BeJHMVuFDzbJwi/9DBbYwi7tR4nw0PPfYXlK1YzC3dBcsOtmIps2dYrbPQXD
4pNfQRcFLiYZnpznRce4EGRsMYoRa3hiJdrc+aaSmEYvZfU8ScVwnomdh9sFtcAB
bRMOgTBkcUVYcOLADqp8Nqxbg4AUtff1zKnosedtAgcJJ80vAdVFVL218EvOV0rQ
OPx0zhR1MWd3MYbkQP9n8LIN/mECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsBrDH
3cvgcZWZ//MZDMCjoiX6YDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCizYg1T9oTc2v+22vhAiegTDPuHlBNyPH1m/9YM/5F
2vsAVF/Frw4KYZtQ+08qz16T4/uW7ICJBbCVEpGDrKQOdbdLDum7lnHzTrXd5qBw
fcuXzu+nRFIOot+3yZiPBT+ZiaYBbGYAhYubHzsfNaDdp7W1Q+kkvIWFI6/fw8+P
eREekVx9kRlUKjuNrUMjArWfnOLxtc0brjUfUzl+eFaCGXAJpYK9G/YChHAvr7rK
VmA0qHSWUiVxX5YH9xDn13r1/x4heJromXWhnbU3YEVwqp8XVx/4HQ311088+pYv
oATzzPxC/llaaPqZak8lUnmppAPAozvud/aph67LN+IV
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:58 2025 by rpki-client