Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: QtjEJFSBsqs5PIXQsE/P9SleF2jBWf2j4jNRlZHVSSo=
Subject key identifier: FD:13:15:91:58:DA:02:93:38:0D:3A:63:F0:80:E1:1A:64:C6:8E:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AF1F34F2383846FAEFE57D437ADC937D97128DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:f1:f3:4f:23:83:84:6f:ae:fe:57:d4:37:ad:c9:37:d9:71:28:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=958b3c87eb0f355f9d3a73db0c657ebfd2e22ae4504c7d148094e19ef010a21c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:f5:1e:b2:8e:38:59:b1:b8:77:b4:99:12:
5c:96:7e:aa:d8:36:45:1b:b4:8e:09:04:c6:ee:52:
aa:0a:79:e0:e1:b0:5a:08:aa:b0:3e:75:a1:7b:55:
ea:83:87:0a:58:cd:dc:9f:cd:b4:c5:ee:1f:5e:e2:
e2:e6:7e:64:62:91:79:14:1e:35:ab:fc:a4:af:ec:
d3:89:64:1e:ca:1f:cc:e9:cc:88:6d:24:36:5d:85:
15:b8:5f:94:cd:7c:51:f5:6c:49:d0:ba:6f:6b:0a:
0c:f8:65:c9:3f:c2:e8:99:f9:04:9e:08:68:10:e4:
04:85:4f:24:be:6a:54:ba:de:d0:17:6f:3c:c4:92:
7c:6f:3d:79:b0:37:0e:65:17:4b:36:be:75:b9:f7:
77:10:d4:2a:a7:32:bc:1c:63:33:24:ae:3b:ae:0d:
cc:d9:f4:ff:77:e4:4d:28:e2:63:72:cc:c5:1b:d9:
72:17:5d:6f:da:57:7c:a2:4b:53:4e:f7:49:00:15:
d7:b6:75:4e:41:da:64:a2:7c:ad:a7:fc:3e:51:7b:
43:55:9c:14:20:90:ff:e2:21:cd:63:39:16:9c:0e:
36:50:87:84:66:de:79:76:9a:ae:86:2c:e9:a3:f9:
15:ea:a6:ef:89:94:27:6e:aa:dd:c4:29:5f:16:bd:
dd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:13:15:91:58:DA:02:93:38:0D:3A:63:F0:80:E1:1A:64:C6:8E:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:67:08:4a:cc:78:7d:de:4e:c3:68:33:5d:17:e3:62:c8:5a:
e0:8b:cc:e8:b8:67:22:c8:e3:ab:ac:2c:c1:fb:4d:1f:ad:77:
ef:df:39:68:b2:ae:af:56:71:b1:36:95:7b:58:53:4e:4e:13:
91:f4:27:07:46:15:a9:da:b0:29:2d:f8:25:be:18:79:50:be:
26:70:49:98:05:c2:d2:7b:c7:c5:90:69:c7:f1:6a:e7:4c:63:
32:74:15:97:6e:af:e5:f2:d7:8a:0e:b5:9b:cf:5a:eb:7e:95:
97:f3:4c:90:c7:f6:e9:74:2f:37:6a:07:5d:88:7d:76:03:0f:
29:95:8f:6a:ef:af:1f:ce:0e:6a:3f:7d:c3:95:6e:ae:15:08:
d0:28:af:65:19:c3:8b:a7:2e:2a:a1:6c:18:9b:b4:51:ea:8d:
8a:cc:cf:f8:c9:15:78:05:e1:97:5e:ea:22:81:e1:1b:80:40:
d4:cf:cd:09:32:28:a8:44:3a:97:db:06:64:42:7f:2d:c0:61:
f7:4f:ba:68:4e:e5:d9:fc:ed:2b:67:c8:3f:fb:0b:a4:4b:6b:
fb:01:4c:33:73:a7:45:94:f6:36:84:01:c8:14:36:b9:9d:bd:
01:d7:0b:68:a4:c8:7f:e8:8b:88:fe:44:18:3a:84:fc:32:48:
c6:d5:43:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKvHzTyODhG+u/lfUN63JN9lxKN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1OGIzYzg3ZWIwZjM1NWY5ZDNhNzNkYjBjNjU3ZWJmZDJlMjJhZTQ1MDRj
N2QxNDgwOTRlMTllZjAxMGEyMWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAC9R6yjjhZsbh3tJkSXJZ+qtg2RRu0jgkExu5Sqgp54OGwWgiqsD51oXtV
6oOHCljN3J/NtMXuH17i4uZ+ZGKReRQeNav8pK/s04lkHsofzOnMiG0kNl2FFbhf
lM18UfVsSdC6b2sKDPhlyT/C6Jn5BJ4IaBDkBIVPJL5qVLre0BdvPMSSfG89ebA3
DmUXSza+dbn3dxDUKqcyvBxjMySuO64NzNn0/3fkTSjiY3LMxRvZchddb9pXfKJL
U073SQAV17Z1TkHaZKJ8raf8PlF7Q1WcFCCQ/+IhzWM5FpwONlCHhGbeeXaaroYs
6aP5Feqm74mUJ26q3cQpXxa93YcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT9ExWR
WNoCkzgNOmPwgOEaZMaOPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQAlZwhKzHh93k7DaDNdF+NiyFrgi8zouGciyOOrrCzB
+00frXfv3zlosq6vVnGxNpV7WFNOThOR9CcHRhWp2rApLfglvhh5UL4mcEmYBcLS
e8fFkGnH8WrnTGMydBWXbq/l8teKDrWbz1rrfpWX80yQx/bpdC83agddiH12Aw8p
lY9q768fzg5qP33DlW6uFQjQKK9lGcOLpy4qoWwYm7RR6o2KzM/4yRV4BeGXXuoi
geEbgEDUz80JMiioRDqX2wZkQn8twGH3T7poTuXZ/O0rZ8g/+wukS2v7AUwzc6dF
lPY2hAHIFDa5nb0B1wtopMh/6IuI/kQYOoT8MkjG1UPg
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:15:13 2025 by rpki-client