Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: QvmRjQI1z6yYJJpUWL/Bh5uhsMtnPJbGEguciAb2lxY=
Subject key identifier: DC:C9:97:4B:FC:6F:2D:F7:21:A8:8D:FD:C2:76:22:F0:10:F4:78:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 46101FC233FDEFEA771DF1C26E4BA2BDF2CDEF57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Tue 01 Apr 2025 15:11:04 +0000
ROA not before: Tue 01 Apr 2025 15:11:04 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:10:1f:c2:33:fd:ef:ea:77:1d:f1:c2:6e:4b:a2:bd:f2:cd:ef:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:04 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=76f108d41db956f42e3c78b05533da2631e10bfbf0bcb2cac7ada3660e60b4ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:48:4d:ea:21:9b:d6:9e:f9:d0:0e:13:a5:f6:
3b:1d:0e:1e:f2:ae:9a:9f:26:e3:79:db:70:2a:9f:
6f:05:03:7d:48:84:81:84:24:a9:51:04:1b:27:87:
9c:99:cd:61:39:99:04:0e:32:3a:d8:2f:f3:fb:bd:
45:9d:01:5f:dd:92:19:56:c9:4c:76:30:97:32:53:
07:d5:b8:fc:5c:c0:31:19:ec:a9:05:14:d4:2e:0a:
5b:3a:83:ea:2c:b5:9f:04:d4:ef:0d:a5:03:a5:bf:
d3:75:63:1d:10:94:70:ca:5b:85:32:1f:98:75:00:
02:69:53:e1:56:9b:88:45:c0:bd:79:1b:1d:28:04:
ef:d6:aa:49:ad:ec:1e:f0:3d:c7:f8:b2:dc:59:5c:
25:84:54:06:00:60:ce:8e:32:b4:58:ce:8d:23:81:
5a:26:59:78:8b:6a:5b:8d:4c:6f:f0:bb:04:27:d2:
6c:e9:08:1e:c9:4d:29:9c:03:96:89:5e:68:93:bc:
ae:15:69:2d:c5:0f:13:60:83:e4:c1:42:57:78:09:
80:59:6d:fd:8a:c1:f8:ac:aa:3c:48:7d:da:88:e6:
9e:bc:64:9c:49:29:c4:10:49:40:c3:36:a2:11:20:
47:81:30:81:05:2a:e5:fa:64:1b:9d:cb:73:74:f6:
61:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C9:97:4B:FC:6F:2D:F7:21:A8:8D:FD:C2:76:22:F0:10:F4:78:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:13:8d:87:b4:c6:45:6a:02:dd:71:6d:1d:9a:39:33:f6:64:
4f:51:20:ba:dc:8f:39:41:6f:24:e0:bf:c4:de:00:14:96:35:
ff:c7:7a:2d:77:52:a2:44:6e:1c:54:be:89:fd:24:ed:92:bc:
09:58:1b:8d:3e:a9:e4:f9:16:99:33:47:19:de:73:03:6d:94:
92:df:06:27:7a:03:0b:c4:32:18:ee:ee:d7:13:e3:14:ee:ce:
b4:c5:50:0f:8c:9c:5b:ba:89:83:6b:7e:b8:6c:da:72:e2:de:
4d:e9:9c:dc:43:21:21:a8:62:2e:ba:b6:f3:95:43:cd:13:28:
8c:68:bf:18:9e:7c:91:74:fd:76:d0:b4:07:7b:4c:0f:68:f1:
f5:b4:64:35:c4:e4:82:4d:32:1d:cc:86:ee:bc:71:dd:80:01:
de:df:f2:f2:da:4f:f2:10:d1:a4:e4:b0:31:8f:33:a5:bc:e8:
2f:f8:43:a2:02:13:41:fc:e2:ec:d2:67:3e:40:c7:d2:b0:35:
c8:68:18:5e:27:ba:8f:f6:9e:ec:64:41:1c:aa:06:aa:b9:0e:
49:85:28:6d:07:28:c9:8b:45:b2:57:19:3e:2a:72:d8:a0:a4:
7e:ae:4f:1d:3a:82:b9:7f:a9:60:05:c8:a1:4d:00:0f:f9:c3:
8c:92:5f:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURhAfwjP97+p3HfHCbkuivfLN71cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMDRaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZjEwOGQ0MWRiOTU2ZjQyZTNjNzhiMDU1MzNkYTI2MzFlMTBiZmJmMGJj
YjJjYWM3YWRhMzY2MGU2MGI0YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpITeohm9ae+dAOE6X2Ox0OHvKump8m43nbcCqfbwUDfUiEgYQkqVEEGyeH
nJnNYTmZBA4yOtgv8/u9RZ0BX92SGVbJTHYwlzJTB9W4/FzAMRnsqQUU1C4KWzqD
6iy1nwTU7w2lA6W/03VjHRCUcMpbhTIfmHUAAmlT4VabiEXAvXkbHSgE79aqSa3s
HvA9x/iy3FlcJYRUBgBgzo4ytFjOjSOBWiZZeItqW41Mb/C7BCfSbOkIHslNKZwD
loleaJO8rhVpLcUPE2CD5MFCV3gJgFlt/YrB+KyqPEh92ojmnrxknEkpxBBJQMM2
ohEgR4EwgQUq5fpkG53Lc3T2Yf0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTcyZdL
/G8t9yGojf3CdiLwEPR4wTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBoE42HtMZFagLdcW0dmjkz9mRPUSC63I85QW8k4L/E
3gAUljX/x3otd1KiRG4cVL6J/STtkrwJWBuNPqnk+RaZM0cZ3nMDbZSS3wYnegML
xDIY7u7XE+MU7s60xVAPjJxbuomDa364bNpy4t5N6ZzcQyEhqGIuurbzlUPNEyiM
aL8YnnyRdP120LQHe0wPaPH1tGQ1xOSCTTIdzIbuvHHdgAHe3/Ly2k/yENGk5LAx
jzOlvOgv+EOiAhNB/OLs0mc+QMfSsDXIaBheJ7qP9p7sZEEcqgaquQ5JhShtByjJ
i0WyVxk+KnLYoKR+rk8dOoK5f6lgBcihTQAP+cOMkl/P
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net