Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json)
Hash identifier: bDeIAru3dwdua9XTRr+q1TDTUOVyoAnmmK691NEKFZU=
Subject key identifier: 68:5B:8F:74:0D:1E:1B:44:35:DE:5B:9D:08:F6:7D:87:3C:C8:53:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CF2EA23E728F9ECCDD7834BD68B7A5E3EBD3AA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:f2:ea:23:e7:28:f9:ec:cd:d7:83:4b:d6:8b:7a:5e:3e:bd:3a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=38df7e16ada2f3d35269fe1dfec467a1359511cb6a436afe0d99c9a8a3f8548b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:85:55:63:fc:63:c5:b7:75:30:ae:88:07:
35:5b:b8:46:07:15:ee:be:e8:16:92:31:d7:08:d7:
e3:ba:56:14:e7:a2:ee:32:a4:31:4e:44:94:ee:91:
c3:48:13:7f:db:cf:f9:33:83:79:2a:3a:6c:74:bb:
27:a5:ba:53:ce:87:17:67:79:4b:51:83:a4:76:84:
6e:59:ae:e5:5c:cd:18:19:b9:c7:64:66:8e:b3:57:
ad:3c:5e:a2:58:70:84:92:90:ed:d9:d1:0b:38:63:
f8:c7:42:b3:3a:ff:5e:af:31:a0:eb:e0:f3:0a:5a:
2f:04:bb:31:4f:28:aa:2a:6b:de:d2:34:8c:fc:06:
77:22:04:ba:ee:63:f0:4f:c0:c2:0c:3d:3c:46:05:
8d:07:4b:54:0d:e6:a8:1a:79:9d:cb:53:9b:b2:bb:
4c:19:04:47:f0:56:da:21:99:a2:c6:36:41:99:d5:
a7:9d:ec:2f:de:87:e2:2c:c2:e4:ea:0b:c7:3f:4e:
70:6c:fb:94:e4:04:03:a7:a8:c6:5e:52:87:41:9e:
2c:03:0c:23:71:03:c6:25:7c:6d:3f:c7:66:b5:7f:
86:2c:6f:93:0e:66:35:42:61:80:80:7d:6f:a8:28:
1a:7a:cc:be:b9:e0:09:40:37:2c:0e:1e:1b:a2:0e:
de:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5B:8F:74:0D:1E:1B:44:35:DE:5B:9D:08:F6:7D:87:3C:C8:53:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:ce:d9:b0:e4:49:d9:d2:b2:09:3a:80:4a:e7:a0:56:8d:f2:
c1:ce:5e:fd:ce:9b:c7:3a:db:e4:2d:24:eb:67:e2:a2:ab:1c:
dd:f7:7a:3b:89:1e:25:df:d9:00:48:25:f6:0e:15:ef:b6:dd:
8f:b0:95:7c:d7:10:11:42:06:ba:b8:31:1f:cf:04:70:66:15:
a2:5c:e7:ac:43:b1:3a:38:1e:4d:70:64:3a:fe:ab:2e:00:21:
3a:b6:5e:0f:e2:47:68:5e:3a:d1:40:bc:83:95:85:e9:a3:b1:
8b:ff:30:90:d2:79:3e:15:f9:f8:64:78:24:59:0e:0b:88:66:
7c:e9:4c:7b:56:d0:b7:99:61:ea:fe:59:a9:7b:25:39:2b:d9:
38:03:de:65:43:34:3b:7d:31:a7:f0:ca:b7:f3:a2:67:8f:68:
09:de:be:83:04:2d:80:a0:2f:d3:3d:2b:a6:7f:94:97:6f:fe:
f7:4d:0d:b3:12:cc:a1:3c:25:72:3a:0c:b1:1f:83:59:5d:45:
de:d7:d7:3b:11:b7:16:1b:2e:32:6a:32:5d:7c:2c:6d:68:9a:
5e:3a:e2:30:c0:85:ef:bc:25:99:83:76:db:d8:ce:4c:c1:2b:
9a:61:66:78:89:cf:f2:a4:50:5d:d2:0b:2e:36:81:92:6b:ed:
13:36:f7:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbPLqI+co+ezN14NL1ot6Xj69OqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ZGY3ZTE2YWRhMmYzZDM1MjY5ZmUxZGZlYzQ2N2ExMzU5NTExY2I2YTQz
NmFmZTBkOTljOWE4YTNmODU0OGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7ghVVj/GPFt3UwrogHNVu4RgcV7r7oFpIx1wjX47pWFOei7jKkMU5ElO6R
w0gTf9vP+TODeSo6bHS7J6W6U86HF2d5S1GDpHaEblmu5VzNGBm5x2RmjrNXrTxe
olhwhJKQ7dnRCzhj+MdCszr/Xq8xoOvg8wpaLwS7MU8oqipr3tI0jPwGdyIEuu5j
8E/Awgw9PEYFjQdLVA3mqBp5nctTm7K7TBkER/BW2iGZosY2QZnVp53sL96H4izC
5OoLxz9OcGz7lOQEA6eoxl5Sh0GeLAMMI3EDxiV8bT/HZrV/hixvkw5mNUJhgIB9
b6goGnrMvrngCUA3LA4eG6IO3gsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRoW490
DR4bRDXeW50I9n2HPMhTmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQDBztmw5EnZ0rIJOoBK56BWjfLBzl79zpvHOtvkLSTr
Z+Kiqxzd93o7iR4l39kASCX2DhXvtt2PsJV81xARQga6uDEfzwRwZhWiXOesQ7E6
OB5NcGQ6/qsuACE6tl4P4kdoXjrRQLyDlYXpo7GL/zCQ0nk+Ffn4ZHgkWQ4LiGZ8
6Ux7VtC3mWHq/lmpeyU5K9k4A95lQzQ7fTGn8Mq386Jnj2gJ3r6DBC2AoC/TPSum
f5SXb/73TQ2zEsyhPCVyOgyxH4NZXUXe19c7EbcWGy4yajJdfCxtaJpeOuIwwIXv
vCWZg3bb2M5MwSuaYWZ4ic/ypFBd0gsuNoGSa+0TNvce
-----END CERTIFICATE-----
Generated at Mon May 5 03:59:53 2025 by rpki-client