Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: nwQYIaCgq1Kmf6InKCNMHE9aMA7XkpS8dO74EzN6cyY=
Subject key identifier: EB:DA:37:94:1F:98:1D:26:72:80:E1:77:85:E0:D3:41:8D:5C:3C:0F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56D4626ECB201C7F7D751776CD86C96AA43210BB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Fri 07 Mar 2025 15:10:57 +0000
ROA not before: Fri 07 Mar 2025 15:10:57 +0000
ROA not after: Fri 11 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:d4:62:6e:cb:20:1c:7f:7d:75:17:76:cd:86:c9:6a:a4:32:10:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 7 15:10:57 2025 GMT
Not After : Apr 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5b:25:cf:81:fc:74:51:8e:75:a0:35:9e:8c:
e4:5b:df:f2:b0:d8:dd:1b:b6:96:57:3d:b6:58:bc:
ff:5f:81:96:74:1b:44:48:07:4d:a8:96:09:d6:72:
7f:94:12:1c:69:67:7d:14:74:3a:29:35:cf:a1:1e:
e6:5a:8f:25:c9:cb:ea:77:89:99:59:36:90:c6:ed:
4e:2a:f2:90:eb:b2:8a:df:e2:c4:b7:f5:12:d7:c7:
89:41:7e:5e:bf:3b:2a:f8:03:b1:30:0c:63:b2:a7:
d7:f9:c4:ea:6b:46:09:f5:64:fd:7e:ca:45:24:96:
f1:7b:86:25:22:e2:51:e6:f0:45:5d:3c:9e:ad:e6:
de:bb:96:62:a9:98:35:89:c8:85:c7:0f:75:cb:51:
05:18:56:37:35:e4:d8:58:1c:5c:66:a3:f6:c6:93:
a1:7f:bd:00:a9:e8:8d:53:79:2b:ff:47:7f:a8:3f:
2c:39:97:d3:27:6e:82:12:8d:f5:f4:e9:f1:6d:aa:
bb:dd:68:64:03:16:fa:b5:3b:c5:15:b2:c9:31:0b:
0c:88:ea:69:ff:ff:68:fc:e7:33:cb:93:ab:01:0f:
f1:93:39:ff:3e:02:a4:c6:30:02:c7:58:8d:2c:99:
9c:54:2d:a9:67:6b:c2:71:ff:50:e0:59:79:05:35:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DA:37:94:1F:98:1D:26:72:80:E1:77:85:E0:D3:41:8D:5C:3C:0F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
65:c1:a9:4d:9e:5b:7f:54:88:f8:89:3a:8e:2a:56:40:89:01:
d4:12:b6:44:65:ed:2f:ab:52:55:66:4a:d5:9e:54:89:07:87:
9f:4c:84:6c:b2:a4:c6:d3:03:26:bf:dd:f5:58:22:11:43:8e:
5d:5a:b8:b8:5d:d7:c1:ba:ae:ee:c7:bc:01:94:00:9d:68:d4:
b0:e7:36:81:71:83:a4:2e:3a:df:51:02:75:94:84:26:2f:6a:
ff:d4:b5:54:0c:96:86:2c:cf:59:5e:5f:47:29:65:d7:34:be:
ed:fc:24:85:3d:cf:02:b3:ac:41:d1:8d:96:0e:9b:f9:39:52:
51:f3:11:f8:ad:1e:83:b4:19:f4:df:b3:bd:e4:d0:dd:57:08:
8d:14:b4:82:f0:48:aa:b6:87:08:dc:86:7c:a9:51:0f:22:29:
90:b3:cc:44:12:f0:a4:fd:28:54:f3:03:fe:e2:cd:39:df:9b:
e7:58:dc:dc:70:4c:9e:3a:3c:a9:88:18:9e:0f:64:04:99:b3:
79:6a:76:7d:5e:1b:9f:f7:f1:26:43:2c:47:26:69:4d:be:9a:
8b:f8:94:76:22:8f:5a:ed:f6:4e:2b:9a:80:2c:0b:22:01:64:
c0:0c:d8:35:b3:50:b9:1c:ea:74:8f:a2:a9:10:80:b6:38:db:
ff:bd:ad:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVtRibssgHH99dRd2zYbJaqQyELswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMDcxNTEwNTdaFw0yNTA0MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjZjIwZTBiMDgwN2M3NmM4N2IzMjZmZGU2NjUwNDVjMjgwMjI0M2IwNTNh
OGFlZmY3NmIxNjVhMDc5NTY4YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdbJc+B/HRRjnWgNZ6M5Fvf8rDY3Ru2llc9tli8/1+BlnQbREgHTaiWCdZy
f5QSHGlnfRR0Oik1z6Ee5lqPJcnL6neJmVk2kMbtTirykOuyit/ixLf1EtfHiUF+
Xr87KvgDsTAMY7Kn1/nE6mtGCfVk/X7KRSSW8XuGJSLiUebwRV08nq3m3ruWYqmY
NYnIhccPdctRBRhWNzXk2FgcXGaj9saToX+9AKnojVN5K/9Hf6g/LDmX0ydughKN
9fTp8W2qu91oZAMW+rU7xRWyyTELDIjqaf//aPznM8uTqwEP8ZM5/z4CpMYwAsdY
jSyZnFQtqWdrwnH/UOBZeQU1zd0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTr2jeU
H5gdJnKA4XeF4NNBjVw8DzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQBlwalNnlt/VIj4iTqOKlZAiQHUErZEZe0vq1JVZkrV
nlSJB4efTIRssqTG0wMmv931WCIRQ45dWri4XdfBuq7ux7wBlACdaNSw5zaBcYOk
LjrfUQJ1lIQmL2r/1LVUDJaGLM9ZXl9HKWXXNL7t/CSFPc8Cs6xB0Y2WDpv5OVJR
8xH4rR6DtBn037O95NDdVwiNFLSC8EiqtocI3IZ8qVEPIimQs8xEEvCk/ShU8wP+
4s0535vnWNzccEyeOjypiBieD2QEmbN5anZ9Xhuf9/EmQyxHJmlNvpqL+JR2Io9a
7fZOK5qALAsiAWTADNg1s1C5HOp0j6KpEIC2ONv/va0v
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:02:21 2025 by rpki-client