Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: 1UGfaEaEKgeBVnl77nxWssdmEZPjvEu66QouCcGLYcE=
Subject key identifier: 90:66:A6:4A:D0:23:11:B2:7E:BB:4B:F2:2A:88:54:35:4D:73:A9:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DB65E945C1F17094039101CC983C090F40FEBC6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b6:5e:94:5c:1f:17:09:40:39:10:1c:c9:83:c0:90:f4:0f:eb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d69e3d0b60065d484746f47e36b4c1782d1adfa5c3f4bdabdea3ac9c698a0d5a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:97:b8:1d:62:aa:ac:62:23:80:a8:8b:56:2c:
a1:43:a1:10:bd:25:a5:3f:1a:d7:63:ec:5f:bd:f9:
8f:c1:91:b0:62:b4:20:cb:ed:50:26:60:62:34:f8:
83:e2:c5:29:60:fc:5e:ec:95:0b:1b:9d:ff:46:b0:
33:59:cf:72:49:87:bb:c5:74:89:fc:a5:d7:fc:e3:
d9:6f:8a:7c:9b:14:87:d3:03:21:f1:51:26:93:48:
b3:f8:80:be:70:91:3e:1a:09:de:9b:7b:a1:72:c8:
7f:09:30:58:63:93:15:71:5a:a3:b8:02:b7:5f:c1:
11:0f:11:69:6b:66:67:cf:81:44:cf:dc:7f:c5:a9:
ad:96:17:8b:be:74:17:dc:ce:fa:66:8d:13:09:57:
ab:70:2a:9d:71:9a:34:73:39:ac:73:6d:e0:20:7c:
cc:cc:d6:d6:bc:6d:f6:07:7b:07:49:79:39:2a:30:
19:4c:c3:e8:36:c1:96:f2:d6:6a:2c:bd:b9:03:76:
d5:4f:1b:8c:bf:3d:7c:4d:cf:e6:6a:80:94:fe:3c:
89:b5:13:86:64:70:35:0f:e3:65:c0:33:8a:93:4b:
06:a1:11:05:53:02:b0:f0:82:7d:fb:68:4d:c0:44:
1c:5d:6f:68:16:d3:c8:23:62:1f:77:7f:14:02:e0:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:66:A6:4A:D0:23:11:B2:7E:BB:4B:F2:2A:88:54:35:4D:73:A9:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:cf:99:e4:00:4b:22:a7:84:32:e9:12:1c:ee:eb:75:1d:e9:
4d:f7:01:d2:77:ba:b5:ba:04:2f:86:84:ef:dd:04:f0:3b:7c:
5f:20:e5:de:60:2a:cb:a6:80:8a:b6:6f:5d:76:ac:f1:95:53:
69:c3:d1:d5:bf:af:c1:b7:bb:2b:65:f0:c7:fe:b8:7d:db:2b:
35:b5:b5:ad:1a:dc:e5:6a:7e:27:69:ad:52:f9:54:8f:01:9a:
6e:d7:32:fa:b7:29:3e:54:87:89:1f:e0:28:d0:ff:3a:3e:2d:
2d:85:44:11:6e:32:4a:b9:bf:1b:bd:c7:dd:fe:57:4a:9d:4d:
a0:03:01:bd:9e:7d:ce:ff:01:cb:ba:a3:a3:c9:6a:9a:0e:8c:
06:c8:3e:c0:e2:2d:6e:e6:7f:30:1f:8a:b9:9d:45:9b:b8:6a:
bb:a3:86:53:f8:f7:18:ea:ce:37:cb:54:27:f3:f5:ed:34:c1:
e9:b1:61:a6:4f:39:ae:21:e5:73:4a:d9:be:8e:de:64:f1:23:
33:c1:b0:10:f7:83:16:83:2c:89:06:e7:ac:e4:a4:93:32:f2:
f3:07:6e:00:38:d4:8c:32:3e:ed:7b:01:bf:91:3d:df:75:cf:
f2:82:e3:6b:97:0a:9b:be:b0:cf:ae:8e:fe:a9:37:67:58:9c:
f4:f0:bb:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDbZelFwfFwlAORAcyYPAkPQP68YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2OWUzZDBiNjAwNjVkNDg0NzQ2ZjQ3ZTM2YjRjMTc4MmQxYWRmYTVjM2Y0
YmRhYmRlYTNhYzljNjk4YTBkNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyXuB1iqqxiI4Coi1YsoUOhEL0lpT8a12PsX735j8GRsGK0IMvtUCZgYjT4
g+LFKWD8XuyVCxud/0awM1nPckmHu8V0ifyl1/zj2W+KfJsUh9MDIfFRJpNIs/iA
vnCRPhoJ3pt7oXLIfwkwWGOTFXFao7gCt1/BEQ8RaWtmZ8+BRM/cf8WprZYXi750
F9zO+maNEwlXq3AqnXGaNHM5rHNt4CB8zMzW1rxt9gd7B0l5OSowGUzD6DbBlvLW
aiy9uQN21U8bjL89fE3P5mqAlP48ibUThmRwNQ/jZcAzipNLBqERBVMCsPCCffto
TcBEHF1vaBbTyCNiH3d/FALghaUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQZqZK
0CMRsn67S/IqiFQ1TXOpTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQDCz5nkAEsip4Qy6RIc7ut1HelN9wHSd7q1ugQvhoTv
3QTwO3xfIOXeYCrLpoCKtm9ddqzxlVNpw9HVv6/Bt7srZfDH/rh92ys1tbWtGtzl
an4naa1S+VSPAZpu1zL6tyk+VIeJH+Ao0P86Pi0thUQRbjJKub8bvcfd/ldKnU2g
AwG9nn3O/wHLuqOjyWqaDowGyD7A4i1u5n8wH4q5nUWbuGq7o4ZT+PcY6s43y1Qn
8/XtNMHpsWGmTzmuIeVzStm+jt5k8SMzwbAQ94MWgyyJBues5KSTMvLzB24AONSM
Mj7tewG/kT3fdc/yguNrlwqbvrDPro7+qTdnWJz08Lu7
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:14:40 2025 by rpki-client