Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
File: 018d1278-2c0d-467a-ae97-a69101b9f274.roa (raw, json)
Hash identifier: RyjoYFz2CMsuEqxDFoEMpCdsIix3e2qQwUjquglB3DI=
Subject key identifier: 4F:27:4A:BA:BE:43:06:EC:2F:53:70:A1:C8:E6:B3:8D:19:42:C0:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D3DB717FF38C12FB26B21F02622B433DAC8B8B3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:3d:b7:17:ff:38:c1:2f:b2:6b:21:f0:26:22:b4:33:da:c8:b8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7f:30:2d:fb:a6:83:ad:e4:ba:79:9a:7f:6f:
51:be:aa:f9:53:ea:b3:b6:d0:a1:d6:ab:6a:9f:86:
e4:0e:5c:0d:0b:11:c7:83:dd:26:46:a1:a1:d3:cf:
9a:6d:58:7f:09:da:c3:00:63:e8:fc:c9:bd:e3:8a:
c3:80:49:c7:b2:e9:59:5a:09:a0:63:55:60:12:e7:
fe:76:30:c9:49:ca:37:ee:02:e7:25:3f:d7:46:f3:
bf:e3:a6:b7:47:e5:5c:56:1c:c6:12:43:b6:df:4f:
4a:fb:bd:55:af:f0:80:dc:79:75:55:6f:83:2d:32:
8c:c3:48:f9:fa:56:46:b0:b5:0a:7a:19:02:55:75:
93:f0:f1:d3:46:6f:1f:7a:5a:62:ea:56:ca:ae:c1:
e9:4a:eb:49:27:2b:ce:75:70:06:9f:82:a1:4f:db:
7f:97:05:49:ba:81:a8:e6:26:23:7b:4e:c3:e9:41:
cb:8a:f5:68:8c:8a:82:b2:d6:39:fe:39:a9:f7:93:
aa:61:e8:4d:e6:83:9e:5b:68:ba:dd:e7:f3:c2:6f:
24:e8:1d:ed:40:5e:56:eb:3a:ef:7e:5a:b3:84:a1:
fd:fa:78:f4:f2:23:fc:ed:ba:ed:6f:cb:5a:d7:b1:
73:89:83:72:ce:80:f9:9a:c3:ca:c8:0e:2d:ad:b0:
de:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:27:4A:BA:BE:43:06:EC:2F:53:70:A1:C8:E6:B3:8D:19:42:C0:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:2a:e9:52:27:a0:3a:62:0a:86:17:81:fc:1a:26:9c:5b:d5:
47:e7:7a:28:81:6a:d7:0e:9b:40:1c:f7:fc:2e:61:7f:88:81:
e9:28:82:61:a3:4e:43:6d:e4:a2:d1:4b:df:3f:72:12:ba:0f:
40:80:de:e8:ae:1c:a0:d5:0d:0b:51:6c:b3:37:5c:36:c9:32:
d9:ef:84:03:c8:d6:e7:d9:bd:69:b6:ed:c3:64:0c:3e:de:58:
83:47:29:f4:27:08:52:49:ee:e3:ef:00:83:80:35:b6:1a:f7:
93:e3:b1:d4:cb:ae:e8:0e:9a:8e:b4:39:3a:d6:07:32:2a:44:
13:0b:ee:ed:10:c2:4a:01:a5:50:fb:18:ad:aa:35:74:9d:34:
ac:22:17:7f:35:e5:b9:6e:9b:28:1e:b8:aa:4a:b5:c6:a5:b9:
2c:d6:67:c8:63:f7:7d:63:36:1a:a7:3b:8f:82:89:da:ff:35:
8a:6c:25:46:21:a2:6b:28:5f:ff:14:d4:79:b5:9a:f1:a5:d5:
fa:b2:78:e1:be:83:a6:a9:bc:df:b7:fa:ad:f3:65:76:0d:cb:
e1:95:95:7e:9c:eb:bf:80:5e:c4:81:8e:b8:87:c2:95:30:0e:
5c:53:60:bc:99:aa:e5:43:77:0f:0e:1e:34:df:a6:92:b5:f0:
fc:c3:98:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXT23F/84wS+yayHwJiK0M9rIuLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MTVlZDI1MWQ3YzZhOTJiMWNjM2Y3YmUwMDAzM2E0NmQxYThhZWMxZTdh
YmJjMDU1OTIzZTM0M2QyMGQ2ZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZ/MC37poOt5Lp5mn9vUb6q+VPqs7bQodarap+G5A5cDQsRx4PdJkahodPP
mm1YfwnawwBj6PzJveOKw4BJx7LpWVoJoGNVYBLn/nYwyUnKN+4C5yU/10bzv+Om
t0flXFYcxhJDtt9PSvu9Va/wgNx5dVVvgy0yjMNI+fpWRrC1CnoZAlV1k/Dx00Zv
H3paYupWyq7B6UrrSScrznVwBp+CoU/bf5cFSbqBqOYmI3tOw+lBy4r1aIyKgrLW
Of45qfeTqmHoTeaDnltout3n88JvJOgd7UBeVus6735as4Sh/fp49PIj/O267W/L
Wtexc4mDcs6A+ZrDysgOLa2w3nECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRPJ0q6
vkMG7C9TcKHI5rONGULAiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDE4ZDEyNzgtMmMwZC00NjdhLWFlOTctYTY5MTAxYjlmMjc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCiKulSJ6A6YgqGF4H8GiacW9VH53oogWrXDptAHPf8
LmF/iIHpKIJho05DbeSi0UvfP3ISug9AgN7orhyg1Q0LUWyzN1w2yTLZ74QDyNbn
2b1ptu3DZAw+3liDRyn0JwhSSe7j7wCDgDW2GveT47HUy67oDpqOtDk61gcyKkQT
C+7tEMJKAaVQ+xitqjV0nTSsIhd/NeW5bpsoHriqSrXGpbks1mfIY/d9YzYapzuP
gona/zWKbCVGIaJrKF//FNR5tZrxpdX6snjhvoOmqbzft/qt82V2DcvhlZV+nOu/
gF7EgY64h8KVMA5cU2C8marlQ3cPDh4036aStfD8w5g+
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:19:14 2025 by rpki-client