Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: ohGSPGxAcegoGQd7CsCZSjU8DRnZqOFL06GOd+2QBMI=
Subject key identifier: 83:8C:9B:FE:96:2C:06:F4:C7:C8:B0:6A:77:80:3B:94:88:06:C0:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0862BDBE4D7C1F85AAAE156EDBF678A8C2587CC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:62:bd:be:4d:7c:1f:85:aa:ae:15:6e:db:f6:78:a8:c2:58:7c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=b849d91012c510fa29827c8c1796109c1d87404b2c5ec34aa96d922badb60639, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5c:d0:cf:d7:fe:06:8e:c5:9c:df:3b:92:af:
3b:e5:c6:c7:c4:6e:f7:b0:13:57:d9:04:63:70:e4:
04:94:a1:f1:fc:62:f0:95:41:90:78:64:8e:36:2f:
78:65:eb:36:a6:c3:1b:af:65:b6:bb:63:3a:b5:59:
ba:9d:8e:74:96:82:23:69:7b:e2:11:1f:c8:38:73:
72:a0:bc:d8:e7:5d:bd:a9:c0:86:ff:ac:8a:e9:c9:
32:1c:24:f8:9e:cc:44:a2:b3:03:90:0b:3e:5b:bc:
09:be:01:d8:41:71:33:55:c5:d4:5e:22:a9:87:20:
ab:89:32:41:04:33:00:ee:5b:91:85:0a:2f:91:f4:
cd:6c:4a:06:b3:df:a8:8b:fb:fe:41:58:68:20:29:
68:1a:2b:cc:6d:02:a3:86:f3:c7:7f:88:23:ca:d1:
db:2f:2e:46:5a:de:2e:62:84:02:07:be:f2:b2:90:
89:51:ab:b8:5a:b0:9e:c9:ac:5b:f4:ec:a0:79:06:
60:a6:88:77:91:6b:34:aa:95:19:35:70:0e:52:04:
cc:2b:65:2f:e1:e1:92:c4:0f:d2:80:84:36:b7:cb:
9a:88:32:be:15:be:4f:47:a5:30:ce:a1:7b:08:fa:
fd:8e:4f:a8:a3:65:10:60:09:88:f0:88:1a:a5:ba:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8C:9B:FE:96:2C:06:F4:C7:C8:B0:6A:77:80:3B:94:88:06:C0:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:c0:29:db:5b:72:8c:a7:05:9b:5b:1a:c4:8a:9b:6f:d6:2b:
d6:7c:dc:76:7e:73:a3:50:26:76:42:4d:2c:d5:ea:7b:f5:89:
d9:1f:7e:c9:f5:53:ce:a3:47:99:30:56:ee:75:08:bb:cd:60:
3b:94:bb:cd:a7:9b:41:92:b6:62:c2:4f:47:c9:42:99:64:0f:
0c:9e:e2:d1:5e:5d:e5:af:c5:a5:78:f5:0f:30:84:51:d8:8c:
7e:d3:dd:bc:d6:51:8b:37:eb:58:3d:92:28:43:8b:9d:79:a9:
fa:5e:a1:e5:cc:74:41:3d:6d:07:b5:9b:0f:76:f5:ac:7d:95:
28:f3:8b:bf:89:a5:d7:8c:0f:7c:df:44:01:a0:d2:14:86:6d:
4e:d6:5e:84:4a:b2:cb:9c:28:ce:1c:4e:ef:7c:98:3c:24:a5:
db:b4:17:1f:e5:26:9f:be:6f:2a:2d:1c:63:45:73:1a:a3:5d:
7e:24:2e:43:10:b1:14:41:66:d8:85:77:6f:5c:26:50:02:c8:
74:7b:1b:a4:b1:32:51:bf:aa:eb:44:91:8a:e0:b6:aa:6d:35:
cc:63:4f:66:98:80:c3:6a:51:88:06:01:15:13:17:c9:6c:fa:
8d:f3:10:1a:20:bd:e8:18:ac:09:81:e8:88:b7:fc:5e:30:13:
52:e5:9d:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCGK9vk18H4WqrhVu2/Z4qMJYfMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NDlkOTEwMTJjNTEwZmEyOTgyN2M4YzE3OTYxMDljMWQ4NzQwNGIyYzVl
YzM0YWE5NmQ5MjJiYWRiNjA2MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBc0M/X/gaOxZzfO5KvO+XGx8Ru97ATV9kEY3DkBJSh8fxi8JVBkHhkjjYv
eGXrNqbDG69ltrtjOrVZup2OdJaCI2l74hEfyDhzcqC82OddvanAhv+siunJMhwk
+J7MRKKzA5ALPlu8Cb4B2EFxM1XF1F4iqYcgq4kyQQQzAO5bkYUKL5H0zWxKBrPf
qIv7/kFYaCApaBorzG0Co4bzx3+II8rR2y8uRlreLmKEAge+8rKQiVGruFqwnsms
W/TsoHkGYKaId5FrNKqVGTVwDlIEzCtlL+HhksQP0oCENrfLmogyvhW+T0elMM6h
ewj6/Y5PqKNlEGAJiPCIGqW66/ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDjJv+
liwG9MfIsGp3gDuUiAbANDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBdwCnbW3KMpwWbWxrEiptv1ivWfNx2fnOjUCZ2Qk0s
1ep79YnZH37J9VPOo0eZMFbudQi7zWA7lLvNp5tBkrZiwk9HyUKZZA8MnuLRXl3l
r8WlePUPMIRR2Ix+09281lGLN+tYPZIoQ4udean6XqHlzHRBPW0HtZsPdvWsfZUo
84u/iaXXjA9830QBoNIUhm1O1l6ESrLLnCjOHE7vfJg8JKXbtBcf5Safvm8qLRxj
RXMao11+JC5DELEUQWbYhXdvXCZQAsh0exuksTJRv6rrRJGK4LaqbTXMY09mmIDD
alGIBgEVExfJbPqN8xAaIL3oGKwJgeiIt/xeMBNS5Z0v
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:34:01 2025 by rpki-client