Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: ZnKbNM+s9+JcqJSz75tUrikr689z7pr3HMBXY2F20X8=
Subject key identifier: 82:E5:69:55:F1:EE:51:E5:B9:63:FC:6F:43:47:67:F5:77:95:18:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7785F750213D49926F38CE74D2C1EDE5CD8CC080
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Fri 07 Mar 2025 15:10:19 +0000
ROA not before: Fri 07 Mar 2025 15:10:19 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:85:f7:50:21:3d:49:92:6f:38:ce:74:d2:c1:ed:e5:cd:8c:c0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:19 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3e:32:79:2e:c6:c1:6d:ce:34:fb:a2:53:c9:
01:f8:79:7e:b7:e0:56:98:f5:cb:1a:55:71:83:b2:
88:8c:54:51:a0:2d:cc:34:2b:1f:78:10:b7:f8:93:
79:46:39:c1:5e:b1:b7:64:4c:fe:8a:1b:9a:ac:be:
48:e1:10:eb:4e:a1:a1:17:88:2f:3b:8d:ff:75:85:
c2:98:87:63:8a:82:45:0a:aa:14:2b:47:70:b2:7d:
8b:f2:41:ad:da:e8:2d:cf:9b:5c:d5:1a:15:de:bd:
b9:41:93:98:af:ba:bc:c9:ca:d2:0f:5e:dc:93:10:
47:75:32:cb:e2:f2:eb:01:93:3a:4e:4c:2e:34:49:
c5:3d:3c:5b:c2:08:c4:77:3c:1d:d7:b5:3d:82:e5:
1e:8f:ae:82:44:e0:df:0b:0c:66:0c:b1:9e:5f:42:
47:22:44:ae:44:7e:cf:a6:65:9b:00:b0:9d:40:f8:
10:23:9b:89:b7:37:dc:d7:d8:ed:1b:58:d5:ce:87:
d8:ed:b6:24:aa:7c:45:b4:f6:ff:76:cb:65:d2:0a:
8e:80:12:be:da:e3:30:6b:bb:d6:05:8f:15:2c:26:
01:54:02:31:5e:5c:49:e5:ef:cb:ba:b3:c0:de:a5:
56:18:c2:11:2c:61:8b:94:5d:15:e9:21:2e:4c:99:
a0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E5:69:55:F1:EE:51:E5:B9:63:FC:6F:43:47:67:F5:77:95:18:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:9b:07:61:1d:5c:fc:1f:af:cd:4f:d3:50:3d:37:a3:22:75:
b8:27:d4:c8:1e:9a:86:70:71:c1:d9:ed:91:9a:5d:21:28:4c:
4f:e3:1a:c3:71:4d:b7:3a:7b:8b:9a:d1:aa:d9:88:22:fc:9e:
7c:ea:dd:b2:18:ca:a5:7c:c9:8f:0a:22:53:32:cd:30:27:2a:
6a:b2:80:f2:b1:17:51:7c:7f:4a:c1:df:e9:8e:5d:ce:a8:cf:
95:dd:8c:cd:46:12:a5:69:b8:82:db:f4:c0:b8:4a:99:7a:7f:
ec:b5:87:69:c4:75:58:fa:bf:5c:1b:57:b5:d2:cb:75:2e:47:
1a:fc:ad:46:c1:92:10:34:f4:e3:bf:83:54:3f:34:21:f2:ea:
d1:88:a1:2a:a4:3c:22:61:3f:45:4d:7b:4e:78:b8:7f:6d:c1:
32:2b:bd:70:d0:b0:3b:5f:2e:27:17:c3:30:70:95:e8:d1:a6:
17:a3:3b:43:60:fd:81:4a:a4:d3:fc:dd:14:ff:6e:0b:ae:fc:
f2:d8:d2:61:d0:17:a0:16:c4:bf:e9:bd:8f:c9:b4:29:db:64:
c9:ab:f6:9a:c0:22:59:b0:aa:df:8e:d9:91:10:20:79:f3:c1:
7a:bd:cc:30:61:b4:e5:1a:54:69:86:e6:0d:8e:61:49:4d:6c:
ff:7d:2d:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd4X3UCE9SZJvOM500sHt5c2MwIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwMTlaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MWFmMTZmZjY2Y2M4MjE5YjNiYzA0ZmYyNGQ2ZmFiMzYyYmM2OWZjNTBl
Y2QzNDczOGFjZjI5ZWY1OTIzZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOE+MnkuxsFtzjT7olPJAfh5frfgVpj1yxpVcYOyiIxUUaAtzDQrH3gQt/iT
eUY5wV6xt2RM/oobmqy+SOEQ606hoReILzuN/3WFwpiHY4qCRQqqFCtHcLJ9i/JB
rdroLc+bXNUaFd69uUGTmK+6vMnK0g9e3JMQR3Uyy+Ly6wGTOk5MLjRJxT08W8II
xHc8Hde1PYLlHo+ugkTg3wsMZgyxnl9CRyJErkR+z6ZlmwCwnUD4ECObibc33NfY
7RtY1c6H2O22JKp8RbT2/3bLZdIKjoASvtrjMGu71gWPFSwmAVQCMV5cSeXvy7qz
wN6lVhjCESxhi5RdFekhLkyZoFMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSC5WlV
8e5R5blj/G9DR2f1d5UY6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQB5mwdhHVz8H6/NT9NQPTejInW4J9TIHpqGcHHB2e2R
ml0hKExP4xrDcU23OnuLmtGq2Ygi/J586t2yGMqlfMmPCiJTMs0wJypqsoDysRdR
fH9Kwd/pjl3OqM+V3YzNRhKlabiC2/TAuEqZen/stYdpxHVY+r9cG1e10st1Lkca
/K1GwZIQNPTjv4NUPzQh8urRiKEqpDwiYT9FTXtOeLh/bcEyK71w0LA7Xy4nF8Mw
cJXo0aYXoztDYP2BSqTT/N0U/24Lrvzy2NJh0BegFsS/6b2PybQp22TJq/aawCJZ
sKrfjtmRECB588F6vcwwYbTlGlRphuYNjmFJTWz/fS1s
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:12 2025 by rpki-client