Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: bIUDy1KFK4C0dLBiIqsD8JYjPn/P0a6qnUhhEn2UQGU=
Subject key identifier: DE:5B:41:33:3E:82:06:31:3B:EE:2D:53:BF:D9:70:65:89:95:7F:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32470482AFF820E13E9637945A388DC8FAADDE6F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:47:04:82:af:f8:20:e1:3e:96:37:94:5a:38:8d:c8:fa:ad:de:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=ac8df03242284a91e5e6706b8eeacc38baab0ac3ec67b8b1463707c6f684de4e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:72:16:6a:87:7e:2c:db:f5:3f:3a:1d:3c:9e:
d3:22:5b:42:cc:2b:90:65:9d:7e:5f:3f:51:8d:28:
ae:77:43:20:6d:45:2e:e1:3c:6d:38:73:e1:c7:d8:
cc:68:c0:1f:18:8d:96:19:34:9e:c0:f5:59:8b:13:
5c:51:69:7b:b5:d9:43:33:1e:56:6e:c2:9b:ee:cd:
bc:58:9a:b7:06:a1:a6:bc:04:a5:32:93:8e:66:dd:
94:0c:1a:63:40:9c:fb:96:84:51:52:61:dc:0e:3a:
5b:3d:68:fe:db:5f:1e:80:36:ec:6e:f0:e6:f3:ce:
eb:35:97:21:8d:55:d2:c1:77:80:24:c7:04:b7:bf:
59:09:40:90:ad:7d:45:b1:92:c8:d0:3e:8c:86:82:
e4:a4:9a:4b:ab:27:28:27:87:13:de:9b:36:7a:70:
31:92:7a:59:79:51:92:08:22:83:bb:73:91:ab:dd:
61:8e:f1:2e:89:0c:41:43:73:fb:9f:c3:b9:eb:e4:
cd:65:0b:23:6a:e6:ef:51:4e:20:a6:92:7d:af:0e:
9b:3c:fa:bf:33:8b:f4:b9:e6:83:8e:bc:14:0b:30:
07:9b:7a:10:a5:a5:fe:9b:a7:91:75:33:78:11:55:
14:38:51:b3:94:b6:ad:a8:e9:b4:65:aa:8e:43:89:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5B:41:33:3E:82:06:31:3B:EE:2D:53:BF:D9:70:65:89:95:7F:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9d:0e:fc:5a:e7:d5:86:18:55:3b:51:c9:1c:b2:2c:1c:22:fe:
6e:7b:15:bd:bc:93:9e:28:77:aa:a2:16:1c:c6:2b:68:95:f9:
65:07:da:37:ff:24:5d:20:8c:1e:33:d4:f9:fa:cc:c5:5f:54:
2a:48:17:6c:ba:85:90:54:0a:72:55:61:7d:ad:dd:f3:38:7e:
f5:44:ca:d3:44:24:a0:cd:a6:09:f4:d2:c1:b5:26:20:b1:d4:
61:f7:3d:b1:b4:b7:07:75:ec:58:a4:d0:b6:82:48:ea:9a:33:
50:69:55:0d:47:25:55:ca:a1:12:85:14:48:76:61:fd:2d:46:
b9:d0:2a:44:91:97:a2:94:07:ff:e1:ef:d7:3b:66:69:de:76:
05:bb:3b:13:7c:84:d7:66:42:33:b9:9f:51:70:10:4e:d0:95:
f7:66:9b:4c:86:2d:4d:b2:92:6f:4b:34:4b:4c:b1:a2:e4:db:
f4:46:17:fd:9a:48:6c:a3:81:fa:2d:0d:19:95:5c:51:f6:d5:
18:4e:72:51:43:28:50:12:1c:bf:29:8b:09:8f:db:70:2b:43:
71:34:b7:73:a2:2a:4f:7d:fb:cd:c4:51:be:98:ae:62:87:f0:
65:59:69:4c:b2:a7:62:88:7e:72:99:cb:2d:11:a0:59:76:bd:
ba:a8:6e:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMkcEgq/4IOE+ljeUWjiNyPqt3m8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjOGRmMDMyNDIyODRhOTFlNWU2NzA2YjhlZWFjYzM4YmFhYjBhYzNlYzY3
YjhiMTQ2MzcwN2M2ZjY4NGRlNGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFyFmqHfizb9T86HTye0yJbQswrkGWdfl8/UY0orndDIG1FLuE8bThz4cfY
zGjAHxiNlhk0nsD1WYsTXFFpe7XZQzMeVm7Cm+7NvFiatwahprwEpTKTjmbdlAwa
Y0Cc+5aEUVJh3A46Wz1o/ttfHoA27G7w5vPO6zWXIY1V0sF3gCTHBLe/WQlAkK19
RbGSyNA+jIaC5KSaS6snKCeHE96bNnpwMZJ6WXlRkggig7tzkavdYY7xLokMQUNz
+5/DuevkzWULI2rm71FOIKaSfa8Omzz6vzOL9Lnmg468FAswB5t6EKWl/punkXUz
eBFVFDhRs5S2rajptGWqjkOJ2isCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTeW0Ez
PoIGMTvuLVO/2XBliZV/ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQCdDvxa59WGGFU7UckcsiwcIv5uexW9vJOeKHeqohYc
xitolfllB9o3/yRdIIweM9T5+szFX1QqSBdsuoWQVApyVWF9rd3zOH71RMrTRCSg
zaYJ9NLBtSYgsdRh9z2xtLcHdexYpNC2gkjqmjNQaVUNRyVVyqEShRRIdmH9LUa5
0CpEkZeilAf/4e/XO2Zp3nYFuzsTfITXZkIzuZ9RcBBO0JX3ZptMhi1NspJvSzRL
TLGi5Nv0Rhf9mkhso4H6LQ0ZlVxR9tUYTnJRQyhQEhy/KYsJj9twK0NxNLdzoipP
ffvNxFG+mK5ih/BlWWlMsqdiiH5ymcstEaBZdr26qG5t
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:15:18 2025 by rpki-client