Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: w6nUSWpiCMZU7iDyBUIqc3uWUJrmy3l9yJEKEOjm8CE=
Subject key identifier: 54:3F:5D:05:CE:2F:94:98:36:3D:29:87:B5:F3:18:9B:83:38:69:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AB1E241D375756F20F8A8B11698DFB7793845DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:b1:e2:41:d3:75:75:6f:20:f8:a8:b1:16:98:df:b7:79:38:45:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=9032f6170bdb848734a7b5e7287bf812071cad0c39f06815d89133c2dbd8f999, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a4:4f:96:1a:48:92:03:b2:a0:74:33:bb:81:
41:14:80:e7:56:62:71:10:25:02:2b:78:1c:e8:7e:
41:a1:19:37:06:f0:26:45:cb:c8:e3:68:bc:06:41:
3f:70:0d:e0:14:9f:4a:50:82:f1:10:a7:f3:6c:84:
80:15:12:53:f1:04:ff:6c:35:44:4f:3f:64:2d:71:
73:1c:5c:6c:f2:58:7c:df:ff:2e:e2:80:f4:f6:3a:
8f:4d:f0:61:b3:d4:a6:74:29:11:cd:16:4a:70:48:
5a:de:3a:14:f2:c4:07:90:41:fa:c6:c1:20:f7:fa:
09:7d:b6:ca:1a:c3:0c:e9:33:ec:00:79:84:53:b2:
62:46:70:92:a2:fe:0c:db:cb:28:4f:3b:0e:32:7f:
89:76:0e:93:96:36:ca:41:b3:ba:da:4f:a1:10:b2:
2e:d6:20:0b:0d:a5:0b:c0:a9:82:bf:e8:5c:53:af:
9d:6c:cf:a5:ed:32:15:55:34:8e:99:a5:c2:3f:bd:
9c:76:a8:f5:65:fd:e2:af:15:84:59:ab:e7:6c:db:
9d:cf:b6:f4:5d:07:81:0f:77:82:ca:3a:5b:fe:e4:
1f:0f:b7:c8:d6:fc:29:3d:dd:a5:a8:c2:da:0a:d0:
15:00:ca:56:c8:20:b2:86:ce:00:10:68:1e:cd:71:
a0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3F:5D:05:CE:2F:94:98:36:3D:29:87:B5:F3:18:9B:83:38:69:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:fa:cf:b5:5b:61:03:fa:fc:8a:8b:b4:cc:4a:0c:df:67:e2:
02:58:9f:41:c0:ce:5b:bc:97:b4:54:9c:8e:d7:3b:ef:1e:c4:
af:a5:4b:95:1b:cc:3e:7e:28:2e:ca:a4:5d:f9:51:f1:4b:00:
2a:ee:14:c8:d1:34:fc:0c:f4:ce:65:af:41:8e:12:00:59:1a:
5c:3a:f3:68:5a:ef:f9:c0:1f:59:24:76:63:9e:03:c5:2c:77:
4f:67:61:43:80:44:ac:14:86:58:09:2d:ce:11:8c:3b:15:32:
06:be:db:1d:d3:a8:5d:19:39:d1:c1:2d:b0:8b:45:e2:7b:22:
69:0c:fe:8f:db:ac:38:18:b0:41:d6:dc:87:b7:d2:62:11:7d:
c6:02:a4:be:19:78:29:ea:40:67:61:fe:41:07:58:db:4b:2f:
d1:26:51:96:f4:1f:30:c0:b2:08:0f:44:dc:23:75:54:9d:8d:
43:d9:c8:75:1b:71:2c:e5:0c:51:96:d4:bb:28:3c:57:c8:68:
24:21:35:e8:e8:1e:da:65:91:db:5c:cf:0c:be:6b:8a:f8:e8:
80:cc:b4:e6:b7:ac:48:fb:7a:4b:a4:7e:1e:0b:4f:de:2b:9b:
53:eb:57:a9:53:e5:7e:ed:ba:d4:41:6d:71:35:7d:c7:1d:56:
54:a8:3b:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCrHiQdN1dW8g+KixFpjft3k4RdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMzJmNjE3MGJkYjg0ODczNGE3YjVlNzI4N2JmODEyMDcxY2FkMGMzOWYw
NjgxNWQ4OTEzM2MyZGJkOGY5OTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKekT5YaSJIDsqB0M7uBQRSA51ZicRAlAit4HOh+QaEZNwbwJkXLyONovAZB
P3AN4BSfSlCC8RCn82yEgBUSU/EE/2w1RE8/ZC1xcxxcbPJYfN//LuKA9PY6j03w
YbPUpnQpEc0WSnBIWt46FPLEB5BB+sbBIPf6CX22yhrDDOkz7AB5hFOyYkZwkqL+
DNvLKE87DjJ/iXYOk5Y2ykGzutpPoRCyLtYgCw2lC8Cpgr/oXFOvnWzPpe0yFVU0
jpmlwj+9nHao9WX94q8VhFmr52zbnc+29F0HgQ93gso6W/7kHw+3yNb8KT3dpajC
2grQFQDKVsggsobOABBoHs1xoIUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUP10F
zi+UmDY9KYe18xibgzhpljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBL+s+1W2ED+vyKi7TMSgzfZ+ICWJ9BwM5bvJe0VJyO
1zvvHsSvpUuVG8w+figuyqRd+VHxSwAq7hTI0TT8DPTOZa9BjhIAWRpcOvNoWu/5
wB9ZJHZjngPFLHdPZ2FDgESsFIZYCS3OEYw7FTIGvtsd06hdGTnRwS2wi0XieyJp
DP6P26w4GLBB1tyHt9JiEX3GAqS+GXgp6kBnYf5BB1jbSy/RJlGW9B8wwLIID0Tc
I3VUnY1D2ch1G3Es5QxRltS7KDxXyGgkITXo6B7aZZHbXM8MvmuK+OiAzLTmt6xI
+3pLpH4eC0/eK5tT61epU+V+7brUQW1xNX3HHVZUqDs+
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:54 2025 by rpki-client