Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: ujuuVHyLqUzAotxtWmM+HOG4wapqfpeVzOaDaxKIaIM=
Subject key identifier: 2C:C1:8C:72:C1:55:DF:B3:95:E0:5E:87:F4:6F:B9:E8:9D:B7:CE:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A1D4E39061C294DB8AACA0E4DD55B09D437781E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Tue 01 Apr 2025 15:11:02 +0000
ROA not before: Tue 01 Apr 2025 15:11:02 +0000
ROA not after: Tue 06 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1d:4e:39:06:1c:29:4d:b8:aa:ca:0e:4d:d5:5b:09:d4:37:78:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 15:11:02 2025 GMT
Not After : May 6 23:59:59 2025 GMT
Subject: serialNumber=b56c48d50ff9314318751559b16e24cb8ea9f54fa63177ffda8b3d7c989c18fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:0d:74:7a:32:47:9a:02:92:e6:5d:a3:b2:
04:e0:c8:77:60:3e:cb:47:3c:52:15:8b:ed:0d:df:
95:47:58:ae:fc:6f:73:81:7b:da:c4:7d:0b:9a:c9:
bd:a6:6f:67:db:e3:70:e3:40:b1:92:17:a3:70:0b:
75:5e:70:fd:a8:88:b2:d0:a7:60:6f:95:0d:99:94:
cc:64:92:2e:6f:1d:86:1e:89:46:83:78:38:03:9b:
65:2e:30:5f:fb:44:b2:17:4b:7a:fc:54:ab:5a:33:
f9:48:61:be:ae:28:f6:01:ac:39:d7:aa:e6:82:cf:
08:84:cd:73:b6:6d:0b:5b:a8:ba:73:8c:be:6d:69:
69:eb:9e:04:2c:d1:46:96:66:92:34:bb:a1:62:c3:
7f:15:48:12:c7:5c:bf:6d:8b:57:91:5f:93:92:83:
0e:8b:b2:11:ed:0c:82:0a:60:15:ff:73:b9:de:8a:
8a:e7:89:bf:09:7e:1d:6c:6b:65:08:2c:0a:13:e5:
47:39:02:9d:74:68:a3:69:55:9d:85:24:7e:da:c5:
db:2e:6b:ed:2f:fe:08:2f:ae:69:93:7f:9b:d8:45:
dc:fb:53:8c:49:89:dd:2d:1c:3c:f0:0d:57:d9:21:
03:11:47:f1:1f:d2:1d:f8:ac:84:eb:3d:4a:b9:36:
b1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C1:8C:72:C1:55:DF:B3:95:E0:5E:87:F4:6F:B9:E8:9D:B7:CE:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
32:b1:f2:a6:a6:1a:56:58:34:bb:5b:22:87:a6:18:7a:26:e6:
50:07:9c:24:05:71:8f:e5:a8:e0:dc:d8:06:db:7a:bb:3f:a5:
91:d4:ad:59:88:f4:e2:29:7c:95:e4:ea:0e:c1:8e:72:bf:3f:
00:2a:ba:fb:ab:6e:86:6e:9f:6e:cb:c7:ae:e0:ef:2b:c4:68:
a3:42:ad:5a:4a:58:cd:63:02:a1:ea:e4:1b:67:36:1c:cd:81:
3d:d5:b5:99:5a:fb:5c:22:5b:48:e5:05:bc:91:77:93:0d:34:
d7:02:3a:83:59:8a:9c:bc:78:b7:ac:2d:c7:1f:64:54:27:9d:
22:2a:6e:05:73:b5:96:a4:91:18:ac:42:d5:b4:8d:25:f3:50:
40:30:49:10:76:b1:7e:09:6e:4d:db:64:43:d1:61:6c:f8:cd:
b0:e5:85:e9:1e:ad:c5:ca:a8:23:1d:4d:1d:ae:c1:ed:ce:c0:
48:ca:53:58:11:b2:07:62:0c:7a:41:66:e5:05:7a:c0:bc:09:
86:91:fe:5c:ff:4e:57:d1:ba:cd:52:49:78:15:07:77:e5:85:
fe:c6:82:d0:73:5b:a0:3c:6e:62:ec:f7:38:32:3b:82:a2:e2:
63:25:67:6f:95:b8:c3:d7:52:64:18:fc:38:e1:4f:40:7f:a4:
11:5a:7c:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCh1OOQYcKU24qsoOTdVbCdQ3eB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MDExNTExMDJaFw0yNTA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NmM0OGQ1MGZmOTMxNDMxODc1MTU1OWIxNmUyNGNiOGVhOWY1NGZhNjMx
NzdmZmRhOGIzZDdjOTg5YzE4ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWuDXR6MkeaApLmXaOyBODId2A+y0c8UhWL7Q3flUdYrvxvc4F72sR9C5rJ
vaZvZ9vjcONAsZIXo3ALdV5w/aiIstCnYG+VDZmUzGSSLm8dhh6JRoN4OAObZS4w
X/tEshdLevxUq1oz+Uhhvq4o9gGsOdeq5oLPCITNc7ZtC1uounOMvm1paeueBCzR
RpZmkjS7oWLDfxVIEsdcv22LV5Ffk5KDDouyEe0MggpgFf9zud6KiueJvwl+HWxr
ZQgsChPlRzkCnXRoo2lVnYUkftrF2y5r7S/+CC+uaZN/m9hF3PtTjEmJ3S0cPPAN
V9khAxFH8R/SHfishOs9Srk2sSkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQswYxy
wVXfs5XgXof0b7nonbfOCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAysfKmphpWWDS7WyKHphh6JuZQB5wkBXGP5ajg3NgG
23q7P6WR1K1ZiPTiKXyV5OoOwY5yvz8AKrr7q26Gbp9uy8eu4O8rxGijQq1aSljN
YwKh6uQbZzYczYE91bWZWvtcIltI5QW8kXeTDTTXAjqDWYqcvHi3rC3HH2RUJ50i
Km4Fc7WWpJEYrELVtI0l81BAMEkQdrF+CW5N22RD0WFs+M2w5YXpHq3FyqgjHU0d
rsHtzsBIylNYEbIHYgx6QWblBXrAvAmGkf5c/05X0brNUkl4FQd35YX+xoLQc1ug
PG5i7Pc4MjuCouJjJWdvlbjD11JkGPw44U9Af6QRWnzX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:11 2025 by rpki-client on console.sobornost.net