Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: xxpiOQyAJSqtzFPQFB9iNLqaERhceG0OX3fdRqlUIXs=
Subject key identifier: 88:14:97:64:D0:60:C0:EF:8B:48:5D:FB:BC:D1:36:84:E4:9C:23:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06E05F5AFC16D31C55CF652A0EC2A734B34B120F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e0:5f:5a:fc:16:d3:1c:55:cf:65:2a:0e:c2:a7:34:b3:4b:12:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=2ca165d094fefde3bb659be476b758a2072cd7792f1a9d0726ac6dab62ff0917, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:21:d7:b1:be:bf:8b:7e:88:47:48:d0:dc:bc:
d6:bd:55:fd:06:67:07:d1:9d:57:78:26:f0:6b:36:
dc:dc:84:96:d3:43:33:a8:e9:01:84:f8:e3:72:d0:
4e:7f:5b:4e:cc:00:b5:8d:df:36:14:7f:ae:b9:b0:
35:b7:55:f2:c3:e5:27:6f:03:e0:37:a2:0d:d8:77:
06:94:07:e7:58:e6:27:f4:48:3a:ab:c3:08:03:90:
9c:77:01:b9:f5:61:d6:f5:40:48:26:6c:2f:7c:7f:
b3:62:f4:a0:5d:bf:33:46:00:ab:a5:8c:97:01:6c:
f0:e6:97:d1:e6:37:2b:2f:5e:a3:df:8e:3d:55:f8:
fe:90:6c:fd:62:8f:a7:dd:f7:ef:2c:a6:ac:a9:4e:
89:f1:1d:b3:6c:cd:3f:b2:ce:5b:b2:cc:ba:ac:5a:
e2:ec:ca:be:d3:8b:6b:f5:46:e2:3e:98:8a:36:bb:
9d:50:e5:4c:e0:b3:bc:4c:00:50:e1:81:70:ad:29:
4d:aa:47:df:7d:10:11:c3:99:46:2c:b2:9e:3d:fd:
4b:61:7d:dc:c0:21:27:85:aa:f5:7d:6e:36:88:92:
97:5e:0a:7d:b4:9e:3c:53:b6:55:13:c0:f2:18:15:
be:7f:33:3a:56:3d:b2:1f:df:6c:37:fc:5a:45:29:
de:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:14:97:64:D0:60:C0:EF:8B:48:5D:FB:BC:D1:36:84:E4:9C:23:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
61:22:fe:d3:87:15:a8:9b:df:c9:20:ec:f6:b3:a7:2e:0a:c1:
00:5e:e4:d6:84:2c:7e:1c:ac:12:37:ae:1f:b5:b6:97:10:9d:
bd:5b:52:69:46:2b:09:81:62:6e:0c:04:03:9a:53:38:c6:44:
97:5d:72:11:e8:7c:8e:3d:61:8a:ca:03:86:e6:0c:b4:58:39:
f7:c0:0d:5a:b4:e1:2e:91:45:de:03:6b:c3:e6:e3:5b:d8:6e:
5c:79:35:a2:60:d6:b0:ef:14:92:e2:34:88:60:31:f4:05:90:
8a:d8:16:17:ea:cb:79:f5:8f:9b:81:6b:41:ca:80:b5:ae:75:
39:7d:f0:7a:c5:db:54:1b:82:df:4b:61:a6:4b:63:3c:61:d2:
a4:3c:39:87:49:15:5b:3f:50:1e:d1:f4:ba:33:e4:99:45:a8:
b0:29:6b:f3:09:60:d6:6a:92:ca:e0:0e:72:c7:ba:a7:d2:c8:
c4:63:1b:9e:03:cf:c9:c7:27:e8:50:0f:d1:1c:be:fd:65:5d:
96:c8:4d:99:ba:d0:f9:6a:9c:f1:f1:7e:17:eb:64:dd:e3:ba:
fb:71:f8:60:e2:4c:1c:43:3e:8d:eb:19:3a:a6:83:37:48:e7:
c0:f9:98:95:34:04:bd:ac:37:55:20:4a:35:76:4f:d3:06:7d:
b2:bd:1e:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBuBfWvwW0xxVz2UqDsKnNLNLEg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYTE2NWQwOTRmZWZkZTNiYjY1OWJlNDc2Yjc1OGEyMDcyY2Q3NzkyZjFh
OWQwNzI2YWM2ZGFiNjJmZjA5MTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoh17G+v4t+iEdI0Ny81r1V/QZnB9GdV3gm8Gs23NyEltNDM6jpAYT443LQ
Tn9bTswAtY3fNhR/rrmwNbdV8sPlJ28D4DeiDdh3BpQH51jmJ/RIOqvDCAOQnHcB
ufVh1vVASCZsL3x/s2L0oF2/M0YAq6WMlwFs8OaX0eY3Ky9eo9+OPVX4/pBs/WKP
p9337yymrKlOifEds2zNP7LOW7LMuqxa4uzKvtOLa/VG4j6Yija7nVDlTOCzvEwA
UOGBcK0pTapH330QEcOZRiyynj39S2F93MAhJ4Wq9X1uNoiSl14KfbSePFO2VRPA
8hgVvn8zOlY9sh/fbDf8WkUp3j0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIFJdk
0GDA74tIXfu80TaE5Jwj7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBhIv7ThxWom9/JIOz2s6cuCsEAXuTWhCx+HKwSN64f
tbaXEJ29W1JpRisJgWJuDAQDmlM4xkSXXXIR6HyOPWGKygOG5gy0WDn3wA1atOEu
kUXeA2vD5uNb2G5ceTWiYNaw7xSS4jSIYDH0BZCK2BYX6st59Y+bgWtByoC1rnU5
ffB6xdtUG4LfS2GmS2M8YdKkPDmHSRVbP1Ae0fS6M+SZRaiwKWvzCWDWapLK4A5y
x7qn0sjEYxueA8/JxyfoUA/RHL79ZV2WyE2ZutD5apzx8X4X62Td47r7cfhg4kwc
Qz6N6xk6poM3SOfA+ZiVNAS9rDdVIEo1dk/TBn2yvR41
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:38:59 2025 by rpki-client