Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: pNEIN25HtAnCS4l2l3/i8tvGpqrYf9i9uJSK/ekXDbw=
Subject key identifier: 05:F8:35:31:98:5B:9D:70:80:50:02:67:F9:90:0E:75:63:75:EB:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 687B677F703AB98553ACEDCA92FDED0B73972B68
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Mon 10 Mar 2025 15:30:10 +0000
ROA not before: Mon 10 Mar 2025 15:30:10 +0000
ROA not after: Mon 14 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7b:67:7f:70:3a:b9:85:53:ac:ed:ca:92:fd:ed:0b:73:97:2b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 10 15:30:10 2025 GMT
Not After : Apr 14 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:7e:fb:f6:1c:30:ce:a2:f1:18:01:59:18:
3f:a8:df:90:70:a9:f6:13:97:23:86:3f:ca:c2:c3:
3e:07:0c:1f:ed:a7:e9:32:5e:d5:2d:f1:de:7d:27:
d3:52:f7:e6:37:1f:3b:8d:54:5e:dc:ad:61:75:54:
40:08:07:e4:b3:c7:04:80:0d:1a:36:58:c6:de:59:
12:59:70:1a:ba:e8:34:12:74:1a:20:1a:6c:9b:e3:
8c:f6:1c:44:b3:1f:f5:61:cc:a6:3a:cc:62:7c:98:
0f:69:52:8d:c1:80:0e:27:61:05:58:1a:83:1b:7a:
86:30:e6:b3:49:c8:27:9e:40:2d:62:65:9c:a9:2b:
70:32:55:b0:c0:08:88:e5:39:76:0b:09:4d:b1:b3:
17:1e:02:5a:b7:51:5e:00:46:4b:9e:29:72:bd:b6:
7d:a4:26:2b:cd:75:6e:ee:34:2f:2d:ca:dc:30:d9:
71:f2:55:1c:ee:e7:ef:70:57:cd:b5:32:ce:d7:fc:
35:39:96:d6:8e:14:70:42:d5:24:29:f1:9e:11:95:
74:e4:f6:24:8f:0b:26:ad:60:94:6b:9c:5e:07:87:
ff:59:db:ea:1e:a3:57:68:af:76:db:b9:e7:33:54:
36:77:9f:f0:35:51:eb:1a:f0:23:d1:af:38:44:0a:
6b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F8:35:31:98:5B:9D:70:80:50:02:67:F9:90:0E:75:63:75:EB:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
85:66:51:37:fd:ff:d0:5b:ee:c4:76:6d:a3:d8:8e:86:b5:71:
26:75:74:21:72:25:2e:4e:f9:a9:74:a4:98:50:65:c8:b9:e1:
98:c0:39:03:6c:f7:ac:34:17:fd:8e:7e:00:6c:c3:32:3e:b9:
33:cf:8c:44:4b:9a:65:0b:d5:ee:5e:ab:96:b8:80:94:7b:6d:
7f:99:4c:98:c4:64:1f:35:b2:38:f9:9b:ee:40:e7:70:13:78:
c1:cd:e7:e3:a3:a1:f8:e1:a5:a0:df:7b:b3:0c:22:8f:26:28:
c2:d7:b8:ff:f6:3c:32:f9:61:f4:aa:49:d4:c6:44:c6:52:c1:
3e:f2:8f:c2:d3:73:7e:87:a8:89:09:50:08:93:4f:98:cb:ec:
f4:ac:08:77:73:25:e6:4f:d5:ad:c9:2e:f6:23:cc:72:26:8e:
ec:fb:62:2a:cd:3b:1c:cc:29:bc:fa:36:03:4f:f1:ba:89:1d:
c4:65:cc:fb:0c:27:85:4b:c6:a5:38:77:12:5b:6b:b3:0e:db:
a0:4a:df:95:71:b0:07:71:c6:ed:26:0e:b9:5c:b2:f8:7d:92:
3b:e8:32:3b:c5:e2:54:65:cc:fd:10:52:ea:e8:88:78:8c:ab:
56:f6:81:81:7e:c2:8b:05:ef:7d:7b:63:92:0e:ed:cb:23:c4:
06:ea:9a:29
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaHtnf3A6uYVTrO3Kkv3tC3OXK2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTAxNTMwMTBaFw0yNTA0MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3MTVhYzA3ZDI0MGFiNDUwMWJjMmY4ODYyMGYyMzk1MDI4ZGU3ZjkzMWMw
NjZhMjY2NmViNmQ1YmU4MTViZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK58fvv2HDDOovEYAVkYP6jfkHCp9hOXI4Y/ysLDPgcMH+2n6TJe1S3x3n0n
01L35jcfO41UXtytYXVUQAgH5LPHBIANGjZYxt5ZEllwGrroNBJ0GiAabJvjjPYc
RLMf9WHMpjrMYnyYD2lSjcGADidhBVgagxt6hjDms0nIJ55ALWJlnKkrcDJVsMAI
iOU5dgsJTbGzFx4CWrdRXgBGS54pcr22faQmK811bu40Ly3K3DDZcfJVHO7n73BX
zbUyztf8NTmW1o4UcELVJCnxnhGVdOT2JI8LJq1glGucXgeH/1nb6h6jV2ivdtu5
5zNUNnef8DVR6xrwI9GvOEQKay0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQF+DUx
mFudcIBQAmf5kA51Y3Xr1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQCFZlE3/f/QW+7Edm2j2I6GtXEmdXQhciUuTvmpdKSY
UGXIueGYwDkDbPesNBf9jn4AbMMyPrkzz4xES5plC9XuXquWuICUe21/mUyYxGQf
NbI4+ZvuQOdwE3jBzefjo6H44aWg33uzDCKPJijC17j/9jwy+WH0qknUxkTGUsE+
8o/C03N+h6iJCVAIk0+Yy+z0rAh3cyXmT9WtyS72I8xyJo7s+2IqzTsczCm8+jYD
T/G6iR3EZcz7DCeFS8alOHcSW2uzDtugSt+VcbAHccbtJg65XLL4fZI76DI7xeJU
Zcz9EFLq6Ih4jKtW9oGBfsKLBe99e2OSDu3LI8QG6pop
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:07:31 2025 by rpki-client