Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: dGRuNnqmvCAZ9OpJTD3F82Iu5OqGo65txCVK7AcWK7Y=
Subject key identifier: F5:F4:6E:27:C7:57:CC:D3:23:96:D7:E5:DE:89:CA:8E:F8:35:44:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41BD2BF3A4F8F1D43832D2F56321467C196029A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:bd:2b:f3:a4:f8:f1:d4:38:32:d2:f5:63:21:46:7c:19:60:29:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=316e06e6be64a28e1f5ad471a88a420c1bcc6537b2121dc567a5a0face8db19d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:2e:00:46:12:4d:3e:31:b9:c6:8b:4e:f4:
97:e3:01:85:b3:90:3c:d7:f3:e2:93:66:69:76:74:
d1:ee:84:29:9a:8a:e3:97:47:f7:23:2a:4b:61:d8:
88:f6:d1:ef:6d:99:fe:32:46:ea:41:81:62:6a:cf:
e4:9c:82:39:bb:93:ca:a1:57:58:84:a1:ad:11:6c:
e2:ef:ea:3d:31:81:ae:a1:c3:bf:36:72:d4:74:ee:
1b:b0:d6:43:fb:be:9f:ad:51:cd:b1:bf:3f:8e:e2:
ac:b3:db:ed:4c:4a:7e:7f:f7:f5:f6:6e:34:a5:e8:
51:74:2b:e5:bd:a7:e0:93:37:14:02:3c:ca:68:58:
f7:d2:cc:f5:bc:f8:17:0f:c6:ca:45:20:10:dc:0b:
74:b1:92:81:7b:92:c3:9d:39:0f:bf:a6:15:48:6c:
3b:a9:8c:af:8b:08:d1:92:d1:69:f0:3d:7b:07:c3:
5c:83:b9:4a:1e:23:6f:2b:d5:88:af:bc:3c:58:aa:
a3:44:01:85:32:38:48:06:e9:dd:0c:81:66:cc:53:
b2:0e:ea:e5:00:e2:da:81:d4:3a:05:e2:62:f5:3d:
09:96:8f:68:88:14:0c:1e:b2:fb:1f:19:88:69:ea:
9f:48:5e:95:d9:94:92:c1:e5:95:65:a3:b7:47:6e:
99:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F4:6E:27:C7:57:CC:D3:23:96:D7:E5:DE:89:CA:8E:F8:35:44:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:2a:87:10:81:a7:d4:c6:ab:9a:e4:20:ee:99:bb:d1:d0:4f:
34:fa:6d:1d:cc:d9:b7:85:71:25:d1:5e:60:1f:c1:81:30:80:
e0:c9:bf:dc:2a:5a:1c:9f:b6:d2:38:6c:da:50:74:64:7f:90:
96:cd:2c:5c:8f:1c:ff:b0:22:28:78:3e:81:3e:99:43:d7:67:
8d:5a:e2:c9:8d:dc:a0:04:4f:25:df:54:9b:43:a1:ac:36:8d:
cc:41:39:9e:e9:cd:8e:92:75:32:fb:27:bb:07:f7:f6:15:bb:
b7:5e:99:f3:50:ff:e5:1a:6b:3b:fa:9e:ce:fe:29:2f:01:15:
49:06:80:58:11:a3:f4:b5:3e:cd:06:f6:7b:e8:5d:ee:1f:a7:
e7:93:85:6b:52:79:ee:59:4c:8f:2e:73:46:63:6f:9e:d8:f1:
19:87:ed:24:2c:78:08:2f:b5:63:2c:bc:38:44:7e:e2:fb:49:
30:3e:2e:a9:e4:0d:9f:23:7b:28:f7:fd:14:cf:7b:95:e9:3c:
23:38:f4:38:bb:d9:59:47:93:9a:8d:97:da:4a:d3:ee:54:fa:
d1:48:44:0e:e6:f7:c3:5b:77:db:8d:ba:aa:88:f0:11:10:01:
e4:ce:00:0b:61:62:eb:fd:42:c3:59:95:23:f1:98:c5:1a:1e:
12:c7:90:b5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQb0r86T48dQ4MtL1YyFGfBlgKaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNmUwNmU2YmU2NGEyOGUxZjVhZDQ3MWE4OGE0MjBjMWJjYzY1MzdiMjEy
MWRjNTY3YTVhMGZhY2U4ZGIxOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzHLgBGEk0+MbnGi070l+MBhbOQPNfz4pNmaXZ00e6EKZqK45dH9yMqS2HY
iPbR722Z/jJG6kGBYmrP5JyCObuTyqFXWIShrRFs4u/qPTGBrqHDvzZy1HTuG7DW
Q/u+n61RzbG/P47irLPb7UxKfn/39fZuNKXoUXQr5b2n4JM3FAI8ymhY99LM9bz4
Fw/GykUgENwLdLGSgXuSw505D7+mFUhsO6mMr4sI0ZLRafA9ewfDXIO5Sh4jbyvV
iK+8PFiqo0QBhTI4SAbp3QyBZsxTsg7q5QDi2oHUOgXiYvU9CZaPaIgUDB6y+x8Z
iGnqn0heldmUksHllWWjt0dumUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT19G4n
x1fM0yOW1+XeicqO+DVE+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAjKocQgafUxqua5CDumbvR0E80+m0dzNm3hXEl0V5g
H8GBMIDgyb/cKlocn7bSOGzaUHRkf5CWzSxcjxz/sCIoeD6BPplD12eNWuLJjdyg
BE8l31SbQ6GsNo3MQTme6c2OknUy+ye7B/f2Fbu3XpnzUP/lGms7+p7O/ikvARVJ
BoBYEaP0tT7NBvZ76F3uH6fnk4VrUnnuWUyPLnNGY2+e2PEZh+0kLHgIL7VjLLw4
RH7i+0kwPi6p5A2fI3so9/0Uz3uV6TwjOPQ4u9lZR5OajZfaStPuVPrRSEQO5vfD
W3fbjbqqiPAREAHkzgALYWLr/ULDWZUj8ZjFGh4Sx5C1
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:25:20 2025 by rpki-client