Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: OKPMY5pzNFkky3lKM55YpcKJOV7dlWXyy3E64vsM5DM=
Subject key identifier: 5F:E3:B4:AB:24:2A:C7:38:0F:C7:87:19:8F:DE:8F:3D:09:B1:E1:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67BC0CE93485554DC39FFF5F3B80C7F00A6D495F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:bc:0c:e9:34:85:55:4d:c3:9f:ff:5f:3b:80:c7:f0:0a:6d:49:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=1a287ef98c85f0db94c936f84b24fc63427e0e508822693654639ea5b2e19927, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f4:cf:4c:d0:63:25:ff:f3:66:07:8f:60:70:
8e:34:2c:5f:b3:39:77:e3:9c:0a:e6:3e:21:74:f6:
d3:e5:12:93:df:d1:82:80:60:9c:0e:78:17:d9:9a:
50:7b:0d:86:b9:58:c3:25:fa:a5:7f:28:40:12:32:
97:42:ca:e5:08:7c:1e:d0:53:77:4f:a2:57:0a:86:
b6:9e:5f:9e:2c:1f:cf:1f:a6:37:a5:ab:f5:97:f3:
82:b9:87:7f:5b:38:71:d7:d3:6a:8a:9c:7c:0b:b9:
11:fc:ef:28:e1:b7:7a:0e:9b:a6:db:69:0b:4a:35:
ab:83:f6:4c:93:14:2d:75:32:ec:b6:2a:62:63:92:
3d:c7:c8:13:31:fc:56:c0:15:da:0d:f4:54:a8:ab:
79:b0:56:76:bc:88:7f:c9:10:d7:0d:bb:74:56:65:
a2:cf:10:b1:3c:28:64:95:36:fd:67:82:2c:cc:6e:
bb:1b:39:33:b2:95:13:32:40:58:48:38:4a:d2:90:
1b:17:ad:40:e7:32:d7:65:d2:12:8f:f8:a5:85:11:
4b:fd:d1:d0:16:0d:70:b1:c3:f4:fe:1a:5b:8d:ea:
8d:da:73:60:4f:fd:cf:58:6c:b4:34:a0:b1:a6:25:
31:75:5f:e1:15:d9:dc:ac:bd:39:89:1d:44:e3:53:
ed:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E3:B4:AB:24:2A:C7:38:0F:C7:87:19:8F:DE:8F:3D:09:B1:E1:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:24:e5:b9:07:63:26:5e:46:1a:4b:1f:d7:65:f0:1a:e6:33:
76:3b:69:a3:15:c1:47:35:8f:1f:66:9f:b5:76:4e:2e:73:d3:
6e:10:36:86:97:e8:a6:93:56:7b:b6:47:88:44:c4:83:fc:5c:
d7:3f:6a:90:58:8f:7a:12:a5:8b:4c:06:0d:f7:6e:1b:5e:77:
5c:87:22:0d:8c:79:c7:a5:07:97:3c:8c:88:19:41:c5:78:05:
b1:94:b7:b6:9a:8f:a6:33:c1:3d:81:39:8d:f6:6b:a0:bf:7e:
39:ba:79:a0:ad:e9:a3:ee:e4:44:02:f9:e8:b3:5e:bf:56:a5:
79:5f:e9:60:e1:11:b6:57:a9:18:1b:ba:01:f8:3b:31:1e:53:
fe:0f:66:a2:0d:8f:1f:0a:25:80:dd:69:33:01:58:bc:b8:f8:
f1:57:10:16:49:65:3f:9f:80:87:00:a5:96:88:71:24:cc:30:
78:f1:c5:5f:6f:1f:e8:d4:77:63:31:99:4f:51:81:f1:0b:7d:
63:1b:d8:96:ae:a0:74:09:29:2e:19:07:2e:0c:7d:6b:74:53:
b6:10:40:ca:ee:e7:19:25:05:15:8e:d7:4b:f5:d3:77:70:f0:
b6:ea:4b:6a:5b:7d:b3:41:1c:36:f0:3f:9e:cb:50:b9:c1:b7:
23:2c:4f:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ7wM6TSFVU3Dn/9fO4DH8AptSV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMjg3ZWY5OGM4NWYwZGI5NGM5MzZmODRiMjRmYzYzNDI3ZTBlNTA4ODIy
NjkzNjU0NjM5ZWE1YjJlMTk5MjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb0z0zQYyX/82YHj2BwjjQsX7M5d+OcCuY+IXT20+USk9/RgoBgnA54F9ma
UHsNhrlYwyX6pX8oQBIyl0LK5Qh8HtBTd0+iVwqGtp5fniwfzx+mN6Wr9ZfzgrmH
f1s4cdfTaoqcfAu5EfzvKOG3eg6bpttpC0o1q4P2TJMULXUy7LYqYmOSPcfIEzH8
VsAV2g30VKirebBWdryIf8kQ1w27dFZlos8QsTwoZJU2/WeCLMxuuxs5M7KVEzJA
WEg4StKQGxetQOcy12XSEo/4pYURS/3R0BYNcLHD9P4aW43qjdpzYE/9z1hstDSg
saYlMXVf4RXZ3Ky9OYkdRONT7asCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRf47Sr
JCrHOA/HhxmP3o89CbHhazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQArJOW5B2MmXkYaSx/XZfAa5jN2O2mjFcFHNY8fZp+1
dk4uc9NuEDaGl+imk1Z7tkeIRMSD/FzXP2qQWI96EqWLTAYN924bXndchyINjHnH
pQeXPIyIGUHFeAWxlLe2mo+mM8E9gTmN9mugv345unmgremj7uREAvnos16/VqV5
X+lg4RG2V6kYG7oB+DsxHlP+D2aiDY8fCiWA3WkzAVi8uPjxVxAWSWU/n4CHAKWW
iHEkzDB48cVfbx/o1HdjMZlPUYHxC31jG9iWrqB0CSkuGQcuDH1rdFO2EEDK7ucZ
JQUVjtdL9dN3cPC26ktqW32zQRw28D+ey1C5wbcjLE9g
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:27:34 2025 by rpki-client