Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: 6CWif2WLebmlQnl/yQoSUuO4fFWr1zP/LdxRatm0/DE=
Subject key identifier: 36:84:D0:BF:58:75:11:97:CF:C0:5E:02:6F:52:0C:9C:3F:4F:45:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DED15AFDB0987FD0F6E516266A06F302A1F76E5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ed:15:af:db:09:87:fd:0f:6e:51:62:66:a0:6f:30:2a:1f:76:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=7264fb64e226cc30042d6cd2238b35a63e79732bfa751f9edcf7148869c43b54, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:ae:b9:85:20:c5:bb:3d:55:b9:ad:f6:f6:
c5:b5:69:4b:7a:80:f1:54:d0:43:1e:dd:08:ae:6e:
c4:3d:2b:20:b7:49:ca:1e:2d:6d:81:16:34:b0:c6:
d0:2f:d9:ed:f7:91:85:d4:3e:59:47:b0:e8:d9:3e:
c5:38:ea:14:23:55:93:4d:69:bc:dd:8a:4d:ce:64:
3b:85:4c:23:d8:7f:36:51:ae:77:9c:95:24:9e:b1:
db:33:11:26:4f:2e:7c:dc:54:d8:d5:09:00:46:cd:
43:0b:ba:9e:1e:54:08:52:3b:dd:65:97:cb:f5:28:
ef:cb:b8:6e:11:e1:90:1d:17:e5:fb:a6:2b:d1:79:
44:8a:41:f1:2c:07:aa:0f:23:43:5d:2f:de:80:ad:
22:67:cd:aa:86:b7:0a:99:0e:90:71:3a:ec:c0:6b:
9b:86:74:e8:f9:7b:1d:11:d2:c6:44:71:69:e6:46:
12:f4:39:1e:3b:c7:6c:45:ed:ea:49:60:fa:47:a8:
ab:c2:d4:d9:69:d8:45:0e:48:49:d6:5e:3a:b3:f6:
b6:49:0d:9f:f3:b3:47:d2:3e:14:c5:ed:a2:9d:6b:
2e:cb:85:45:76:44:26:68:46:30:6e:fd:e2:16:73:
1b:d8:a9:21:5f:72:29:96:8a:91:68:b7:c8:1d:61:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:84:D0:BF:58:75:11:97:CF:C0:5E:02:6F:52:0C:9C:3F:4F:45:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:c6:18:dc:72:e2:74:7b:73:89:cd:9f:b2:0b:1b:03:8d:05:
31:90:08:2a:de:32:19:1f:fe:e6:02:5d:7e:8c:3c:72:32:b3:
bd:18:5f:09:8f:d8:d7:cc:04:9e:d8:0f:56:f9:3b:0f:26:17:
e5:2f:73:ea:96:89:9f:3e:40:58:b6:eb:f8:bc:74:7a:db:3f:
10:c3:aa:bb:9d:26:b7:98:c3:b4:7e:14:c1:3b:d5:d1:78:eb:
77:30:bd:c1:dc:38:fa:67:2c:d0:7e:5d:d6:bb:ac:94:9e:a8:
03:08:83:0b:eb:6d:0c:7a:88:0e:9a:75:58:77:b2:92:c4:05:
99:c9:ab:f1:50:68:ae:fa:8f:b8:9a:a9:f6:f3:36:48:89:1c:
55:15:17:b2:a6:85:d0:7a:3e:0f:49:f4:4e:5b:4b:9c:a3:31:
13:c5:fd:f6:3a:a0:7e:a2:00:af:d6:8a:47:aa:73:68:c5:b4:
70:ee:f7:b8:31:76:d7:6f:48:a5:51:a1:c0:55:d5:3d:60:bf:
19:64:c2:05:f9:f8:9b:d6:77:5a:82:56:85:77:52:49:5b:0c:
55:33:1e:68:b3:60:fd:98:f7:28:b5:60:8a:48:06:d8:22:1c:
67:f6:b2:77:8b:cd:5b:be:d1:7c:b4:3c:a5:ef:33:4f:65:02:
1b:38:e0:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULe0Vr9sJh/0PblFiZqBvMCofduUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNjRmYjY0ZTIyNmNjMzAwNDJkNmNkMjIzOGIzNWE2M2U3OTczMmJmYTc1
MWY5ZWRjZjcxNDg4NjljNDNiNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgOrrmFIMW7PVW5rfb2xbVpS3qA8VTQQx7dCK5uxD0rILdJyh4tbYEWNLDG
0C/Z7feRhdQ+WUew6Nk+xTjqFCNVk01pvN2KTc5kO4VMI9h/NlGud5yVJJ6x2zMR
Jk8ufNxU2NUJAEbNQwu6nh5UCFI73WWXy/Uo78u4bhHhkB0X5fumK9F5RIpB8SwH
qg8jQ10v3oCtImfNqoa3CpkOkHE67MBrm4Z06Pl7HRHSxkRxaeZGEvQ5HjvHbEXt
6klg+keoq8LU2WnYRQ5ISdZeOrP2tkkNn/OzR9I+FMXtop1rLsuFRXZEJmhGMG79
4hZzG9ipIV9yKZaKkWi3yB1hj8cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2hNC/
WHURl8/AXgJvUgycP09FvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQA3xhjccuJ0e3OJzZ+yCxsDjQUxkAgq3jIZH/7mAl1+
jDxyMrO9GF8Jj9jXzASe2A9W+TsPJhflL3PqlomfPkBYtuv4vHR62z8Qw6q7nSa3
mMO0fhTBO9XReOt3ML3B3Dj6ZyzQfl3Wu6yUnqgDCIML620MeogOmnVYd7KSxAWZ
yavxUGiu+o+4mqn28zZIiRxVFReypoXQej4PSfROW0ucozETxf32OqB+ogCv1opH
qnNoxbRw7ve4MXbXb0ilUaHAVdU9YL8ZZMIF+fib1ndaglaFd1JJWwxVMx5os2D9
mPcotWCKSAbYIhxn9rJ3i81bvtF8tDyl7zNPZQIbOOAG
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:33:53 2025 by rpki-client