Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: NOZNWtJreDGG+6+ml6S+Cnwl3nizfG5FEio7OgtEqD4=
Subject key identifier: 78:49:F0:D1:5D:C5:3C:1B:41:5F:3E:E9:8F:22:4D:0D:D0:1C:25:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 081E2ACE4E6850E6D71D23116859356297B82748
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1e:2a:ce:4e:68:50:e6:d7:1d:23:11:68:59:35:62:97:b8:27:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=805ea6c8e103f1a9d342030469ebbf9372734b5a7d9ad161c44bc921824f079e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:17:52:48:12:92:9b:fd:b4:b7:19:ad:11:
1a:48:c5:5d:ee:61:9f:56:bf:61:8a:1b:b8:c4:ed:
e7:9a:d0:ec:fc:c0:f5:80:0b:34:98:8f:ac:4e:82:
91:58:31:ca:fb:8f:ef:a5:af:b3:02:40:45:f3:34:
9c:50:21:28:7f:8e:2a:6d:c2:14:88:d6:87:2c:6a:
91:8e:7d:73:b9:92:7e:3d:01:22:13:c3:fa:15:49:
05:9b:3b:14:8a:76:42:fe:78:67:7a:08:7c:66:31:
a6:c9:fd:b5:a3:36:2d:5e:54:18:8b:c3:37:80:cb:
dd:56:04:14:9a:45:66:02:cf:22:35:d9:17:58:c3:
71:29:fd:7e:1d:49:fb:35:b0:b2:32:b2:75:64:3c:
53:ce:07:63:42:f9:36:d0:32:93:7f:44:ba:ed:1b:
7e:de:d9:20:85:02:43:b8:12:6f:de:cc:ba:2c:3a:
8e:4c:17:24:e6:ae:32:f1:7f:12:be:f7:77:cf:a6:
5d:ad:23:b4:44:c4:6f:c4:83:2a:da:de:87:66:39:
c7:29:7f:68:fb:5c:d3:5c:c8:57:e4:ea:4a:9f:2e:
94:61:48:ac:93:b3:d2:8d:ba:0f:d7:b6:ae:71:f1:
20:3d:78:80:e4:7f:9b:63:c1:8c:62:a4:bf:6a:83:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:49:F0:D1:5D:C5:3C:1B:41:5F:3E:E9:8F:22:4D:0D:D0:1C:25:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:86:98:20:48:29:19:bf:2f:7a:63:ab:6a:b6:4f:59:b0:0a:
16:a8:34:46:5f:1a:e7:36:7a:69:2b:00:a6:db:ef:0c:3c:15:
b4:9e:6e:7b:53:a9:2e:eb:1c:64:b3:f8:16:a9:0e:89:f3:b9:
56:5e:77:df:56:e8:59:7d:a0:71:1a:bf:68:fa:6a:ab:99:71:
cb:d4:f7:4a:2e:e9:16:77:17:58:4e:cc:00:65:35:81:b5:9b:
35:b8:96:f5:66:05:d0:51:aa:f4:81:01:31:21:94:eb:2f:e4:
c5:09:2d:53:e6:c1:89:7d:9d:3c:92:a4:4e:e2:5c:95:66:06:
56:7f:cb:59:5d:63:8c:5a:73:75:53:3f:f4:05:20:4d:ea:8b:
66:b4:90:10:9a:be:43:15:25:92:c2:27:a4:c1:a9:39:ed:1a:
4b:1d:72:cd:5d:d0:5b:24:ac:d7:51:a3:31:2c:ca:7b:02:4f:
97:bd:f5:f7:b9:16:72:d1:47:7c:25:7e:53:6c:1b:24:68:28:
11:46:33:92:23:06:d1:95:c2:b1:fd:d2:d4:0b:c4:89:d5:78:
85:8f:b3:fd:d4:43:ad:61:81:82:e9:5b:78:3f:be:6a:ca:8e:
36:7d:d6:b7:8b:9f:68:39:d2:82:4b:82:93:2f:eb:29:e1:fb:
65:27:5c:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCB4qzk5oUObXHSMRaFk1Ype4J0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNWVhNmM4ZTEwM2YxYTlkMzQyMDMwNDY5ZWJiZjkzNzI3MzRiNWE3ZDlh
ZDE2MWM0NGJjOTIxODI0ZjA3OWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAGF1JIEpKb/bS3Ga0RGkjFXe5hn1a/YYobuMTt55rQ7PzA9YALNJiPrE6C
kVgxyvuP76WvswJARfM0nFAhKH+OKm3CFIjWhyxqkY59c7mSfj0BIhPD+hVJBZs7
FIp2Qv54Z3oIfGYxpsn9taM2LV5UGIvDN4DL3VYEFJpFZgLPIjXZF1jDcSn9fh1J
+zWwsjKydWQ8U84HY0L5NtAyk39Euu0bft7ZIIUCQ7gSb97Muiw6jkwXJOauMvF/
Er73d8+mXa0jtETEb8SDKtreh2Y5xyl/aPtc01zIV+TqSp8ulGFIrJOz0o26D9e2
rnHxID14gOR/m2PBjGKkv2qDsDECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4SfDR
XcU8G0FfPumPIk0N0Bwl/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCFhpggSCkZvy96Y6tqtk9ZsAoWqDRGXxrnNnppKwCm
2+8MPBW0nm57U6ku6xxks/gWqQ6J87lWXnffVuhZfaBxGr9o+mqrmXHL1PdKLukW
dxdYTswAZTWBtZs1uJb1ZgXQUar0gQExIZTrL+TFCS1T5sGJfZ08kqRO4lyVZgZW
f8tZXWOMWnN1Uz/0BSBN6otmtJAQmr5DFSWSwiekwak57RpLHXLNXdBbJKzXUaMx
LMp7Ak+XvfX3uRZy0Ud8JX5TbBskaCgRRjOSIwbRlcKx/dLUC8SJ1XiFj7P91EOt
YYGC6Vt4P75qyo42fda3i59oOdKCS4KTL+sp4ftlJ1xx
-----END CERTIFICATE-----
Generated at Sat May 10 01:28:36 2025 by rpki-client