Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
File: 60c12693-1526-46ae-aa45-d5276a0c0f79.roa (raw, json)
Hash identifier: pkprMpYyacQ6ismZBzCBk0UK+53+MK4zWYR8fiP7zaE=
Subject key identifier: 5E:91:0D:0D:A0:1E:52:CC:DF:8F:F3:F6:83:95:B7:92:82:53:AE:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1675A6ED9CD0F4020503589E02FDFA23484AF00D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:75:a6:ed:9c:d0:f4:02:05:03:58:9e:02:fd:fa:23:48:4a:f0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=ba117e4c02d5e72840852038633e0c501ee74f28ebce3a64e6e902bede9f8943, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:59:29:7c:0d:c0:a4:a5:4e:a4:78:b1:6b:70:
da:f1:03:e3:46:5b:14:9d:3c:d1:3a:09:67:f1:63:
84:79:05:bc:21:77:8f:bb:21:d8:f7:4d:48:29:69:
6d:a3:48:29:42:13:c7:00:82:39:cd:50:ce:61:7a:
06:3d:07:e2:8d:7d:9c:a1:8a:b0:c3:d2:e1:1f:70:
73:b5:d6:4f:64:b5:d0:46:99:aa:d1:c4:ba:eb:7d:
f0:20:92:1c:95:38:b7:3f:2c:9a:c2:a3:d1:e0:38:
ee:92:3b:5b:99:b2:94:b9:09:c7:9d:a2:90:d8:25:
9e:b8:75:91:2a:01:9e:e5:5f:c6:ba:b4:2d:b6:d8:
1f:04:5e:a2:d0:2a:73:38:4c:41:4b:c4:70:f1:ba:
53:c0:b6:af:65:58:f9:86:ba:5c:77:5c:09:ae:00:
a5:ee:2a:55:c0:e9:9c:d1:b8:f7:66:5b:b6:75:7f:
92:10:d7:fb:2d:61:15:96:cd:3f:14:44:6b:01:44:
01:a8:3f:e2:ec:45:59:a0:c0:2d:6f:fd:d1:b6:02:
d1:20:69:d1:50:da:e3:a1:97:5f:89:c2:4e:d3:b0:
65:80:75:01:9a:0b:85:0f:9b:fd:5b:67:6a:e4:7b:
66:78:4e:1e:aa:eb:24:66:e0:8f:b2:cd:09:ac:48:
f8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:91:0D:0D:A0:1E:52:CC:DF:8F:F3:F6:83:95:B7:92:82:53:AE:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c12693-1526-46ae-aa45-d5276a0c0f79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bb:e9:6d:74:75:83:08:06:c1:95:e8:8b:8d:f2:8d:c4:72:28:
dd:f0:21:09:bf:df:8e:ee:09:67:47:c9:ac:58:ec:29:2f:b8:
75:3a:94:ea:ca:2b:3e:0f:9e:86:b9:ab:a8:82:67:c6:2f:76:
e3:f4:6d:67:0e:e8:a7:b3:d5:dc:12:ed:73:1b:67:b8:ab:23:
f6:d4:5c:67:4e:c5:d1:88:4f:90:b1:87:a0:2e:ad:23:42:a6:
e6:fb:78:a1:21:7e:ac:6d:0f:6b:32:53:78:36:9e:83:9b:07:
a3:2f:42:4c:15:29:64:06:f4:f5:f2:a0:a2:63:17:53:1b:f9:
1f:6a:0e:32:dc:e1:72:5b:32:67:7e:9b:99:e8:a8:8e:ca:0c:
5a:e4:f3:6c:94:66:bb:6e:f5:3b:13:f9:81:39:48:43:95:20:
39:cb:a8:12:54:2a:a6:a4:97:f9:a9:8f:03:62:5b:58:29:3b:
84:d1:82:27:0c:67:ca:19:bd:41:92:d1:68:cd:ea:08:a4:fd:
2f:51:f6:e9:db:26:0e:68:8e:bf:3a:8b:e5:a0:f4:12:51:1b:
3c:ce:cf:60:9d:05:cb:a1:6c:86:57:37:0b:7f:a2:d0:81:ee:
1b:1e:56:ca:d2:ac:ba:8c:43:fe:1f:33:7d:fb:48:76:90:5f:
7e:92:9c:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFnWm7ZzQ9AIFA1ieAv36I0hK8A0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhMTE3ZTRjMDJkNWU3Mjg0MDg1MjAzODYzM2UwYzUwMWVlNzRmMjhlYmNl
M2E2NGU2ZTkwMmJlZGU5Zjg5NDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZZKXwNwKSlTqR4sWtw2vED40ZbFJ080ToJZ/FjhHkFvCF3j7sh2PdNSClp
baNIKUITxwCCOc1QzmF6Bj0H4o19nKGKsMPS4R9wc7XWT2S10EaZqtHEuut98CCS
HJU4tz8smsKj0eA47pI7W5mylLkJx52ikNglnrh1kSoBnuVfxrq0LbbYHwReotAq
czhMQUvEcPG6U8C2r2VY+Ya6XHdcCa4Ape4qVcDpnNG492ZbtnV/khDX+y1hFZbN
PxREawFEAag/4uxFWaDALW/90bYC0SBp0VDa46GXX4nCTtOwZYB1AZoLhQ+b/Vtn
auR7ZnhOHqrrJGbgj7LNCaxI+BsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRekQ0N
oB5SzN+P8/aDlbeSglOu+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjMTI2OTMtMTUyNi00NmFlLWFhNDUtZDUyNzZhMGMwZjc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQC76W10dYMIBsGV6IuN8o3Ecijd8CEJv9+O7glnR8ms
WOwpL7h1OpTqyis+D56GuauogmfGL3bj9G1nDuins9XcEu1zG2e4qyP21FxnTsXR
iE+QsYegLq0jQqbm+3ihIX6sbQ9rMlN4Np6DmwejL0JMFSlkBvT18qCiYxdTG/kf
ag4y3OFyWzJnfpuZ6KiOygxa5PNslGa7bvU7E/mBOUhDlSA5y6gSVCqmpJf5qY8D
YltYKTuE0YInDGfKGb1BktFozeoIpP0vUfbp2yYOaI6/OovloPQSURs8zs9gnQXL
oWyGVzcLf6LQge4bHlbK0qy6jEP+HzN9+0h2kF9+kpw3
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:16:03 2025 by rpki-client